Check Point Certified Security Expert (CCSE) R80 — Question 25

Using Threat Emulation technologies, what is the best way to block .exe and .bat file types?

Answer options

• A. enable DLP and select.exe and .bat file type
• B. enable .exe & .bat protection in IPS Policy
• C. create FW rule for particular protocol
• D. tecli advanced attributes set prohibited_file_types exe.bat

Correct answer: A

Explanation

The correct choice, A, involves enabling Data Loss Prevention (DLP) and specifically selecting the .exe and .bat file types for blocking, which is a direct approach for this purpose. Option B suggests using IPS Policy, which may offer protection but is not as precise for file type blocking. Option C is irrelevant as it pertains to firewall rules rather than specific file types. Option D is incorrect as it uses a command that does not effectively address the file types in a Threat Emulation context.