Check Point Certified Security Administrator (CCSA) R81 — Question 7

A security zone is a group of one or more network interfaces from different centrally managed gateways. What is considered part of the zone?

Answer options

• A. The zone is based on the network topology and determined according to where the interface leads to.
• B. Security Zones are not supported by Check Point firewalls.
• C. The firewall rule can be configured to include one or more subnets in a zone.
• D. The local directly connected subnet defined by the subnet IP and subnet mask.

Correct answer: A

Explanation

Option A is correct because it accurately describes that the zone's definition is based on the network topology and the path of the interface. Options B and D are incorrect as they misrepresent the capabilities of Check Point firewalls and the definition of a zone, respectively. Option C, while related, does not directly define what constitutes part of a zone.