Check Point Certified Security Administrator (CCSA) R81 — Question 32
A network administrator has informed you that they have identified a malicious host on the network, and instructed you to block it. Corporate policy dictates that firewall policy changes cannot be made at this time. What tool can you use to block this traffic?
Answer options
- A. Anti-Bot protection
- B. Anti-Malware protection
- C. Policy-based routing
- D. Suspicious Activity Monitoring (SAM) rules
Correct answer: D
Explanation
The correct answer is D, as Suspicious Activity Monitoring (SAM) rules can help in identifying and mitigating threats without changing firewall policies. Options A and B focus on detecting malware and botnets but do not specifically block traffic from malicious hosts. Option C, Policy-based routing, does not provide a means to block traffic based on specific threats.