Check Point Certified Security Administrator (CCSA) R80 — Question 359

MyCorp has the following NAT rules. You need to disable the NAT function when Alpha-internal networks try to reach the Google DNS (8.8.8.8) server.
What can you do in this case?

Answer options

• A. Use manual NAT rule to make an exception
• B. Use the NAT settings in the Global Properties
• C. Disable NAT inside the VPN community
• D. Use network exception in the Alpha-internal network object

Correct answer: D

Explanation

The correct answer is D because creating a network exception in the Alpha-internal network object allows traffic to bypass NAT specifically for the Google DNS server. Options A, B, and C do not directly address the need to exclude this specific traffic from NAT processing.