What is the purpose of the Clean-up Rule?
A . To log all traffic that is not explicitly allowed or denied in the Rule Base
B . To clean up policies found inconsistent with the compliance blade reports
C . To remove all rules that could have a conflict with other rules in the database
D . To eliminate duplicate log entries in the Security Gateway
Answer: A
Explanation:
These are basic access control rules we recommend for all Rule Bases:
– Stealth rule that prevents direct access to the Security Gateway.
– Cleanup rule that drops all traffic that is not allowed by the earlier rules.
There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.
Reference: https://sc1.checkpoint.com/documents/R76/CP_R76_Firewall_WebAdmin/92703.htm
Leave a Reply