Check Point Certified Security Expert (CCSE) R81 — Question 131

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

Answer options

• A. create FW rule for particular protocol
• B. tecli advanced attributes set prohibited_file_types.exe.bat
• C. Enable .exe bat protection in IPS Policy
• D. enable DLP and select .exe and .bat file type

Correct answer: B

Explanation

The correct answer is B because using the command 'tecli advanced attributes set prohibited_file_types.exe.bat' explicitly sets .exe and .bat files as prohibited within the Threat Emulation framework. The other options either do not directly address blocking these file types or pertain to different configurations that do not effectively prevent execution of .exe and .bat files.