Check Point Certified Security Expert (CCSE) R81.20 — Question 13

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

Answer options

• A. Enable .exe bat protection in IPS Policy
• B. tecli advanced attributes set prohibited_file_types exe, bat
• C. create FW rule for particular protocol
• D. enable DLP and select .exe and .bat file type

Correct answer: B

Explanation

The correct answer, B, uses the command to specify prohibited file types directly within the Threat Emulation technology. Option A does not provide the specific command needed for blocking, while C refers to firewall rules that do not target these file types specifically. Option D involves data loss prevention, which is not as direct or effective for this particular type of file blocking.