How does he solve this problem?

John Adams is an HR partner in the ACME organization. ACME IT wants to limit access to HR
servers to designated IP addresses to minimize malware infection and unauthorized access risks.
Thus, the gateway policy permits access only from John’s desktop which is assigned an IP
address 10.0.0.19 via DHCP.
John received a laptop and wants to access the HR Web Server from anywhere in the
organization. The IT department gave the laptop a static IP address, but that limits him to
operating it only from his desk. The current Rule Base contains a rule that lets John Adams
access the HR Web Server from his laptop. He wants to move around the organization and
continue to have access to the HR Web Server.
To make this scenario work, the IT administrator:
1) Enables Identity Awareness on a gateway, selects AD Query as one of the Identity Sources, and
installs the policy.
2) Adds an access role object to the Firewall Rule Base that lets John Adams PC access the HR
Web Server from any machine and from any location.
John plugged in his laptop to the network on a different network segment and he is not able to
connect. How does he solve this problem?


A. John should install the Identity Awareness Agent

B. The firewall admin should install the Security Policy

C. John should lock and unlock the computer

D. Investigate this as a network connectivity issue





some guy

It's C.

Michael

It’s B, because the Security admin forgot to install the security policy after adding John’s access role.

OBM


C is the likely answer as the PDP will still have his old IP listed. The lock/unlock generates a security event on the AD server.

Chirag


Without pushing the firewall rule to the gateway, it is not going to work. Here the answer should be B.

Zubair Altaf Qureshi

It’s B. Although there is another, similar question, in that one the 2nd step clearly states that the admin installs the policy. So if you get that question then the answer is different, i.e. lock/unlock the PC. Thanks, hope this clears the confusion.
Note: Always read the question properly 🙂