This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Vivus
Participant
‎2021-06-13 05:46 PM
Jump to solution

Conflict on Exception - Why is the most liberal action taken?

Hi there guys,

I'm currently looking over some material for the CCSA (have been particularly aided by ExamTopics - excellent for practice exam questions and actually free, thank God) and have come across a questions regarding conflict resolution within Security Policies. 

 

Question

"What are the three conflict resolution rules in the Threat Prevention Policy Layers?"

Answer

"Conflict on action, conflict on exception, and conflict on settings"

 

Description 

After doing a bit of reading up on these conflict resolution rules, I was particularly perplexed by the description for the Conflict on Exception which reads (CCSA R80.10 guide page 407 - I know this is a bit outdated as we're at R81.10 now... maybe this has changed?):

"Conflict on exception: The exceptions for a specified scope is different between layers. The action taken will be the most liberal, or least restrictive."

 

Any Ideas?

Can anyone explain why, if the conflict on action opts for the most restrictive option when a conflict occurs, the conflict on exception vouches for the least restrictive option? This seems to me like it might dangerously expose the system? Any insight is greatly appreciated. 

 

Thanks Check Mates, 🍻

Vivus

0 Kudos
1 Solution

Accepted Solutions
Jason_Tugwell
Employee Employee
Employee
‎2021-06-17 05:18 AM
Jump to solution

As a FYI, the source material is not up to date as that question is no longer on the exam. 🙂

Regards,

Tug 

View solution in original post

3 Replies
PhoneBoy
Admin
Admin
‎2021-06-13 09:10 PM
Jump to solution

Thinking about it logically, an exception is generally to give you the option to reduce the level of enforcement for a specific protection, not increase it.
Therefore, to me at least, it would make sense that if there was a conflict for an exception, the least restrictive one would apply. 
Not sure that's the official reason, but that's my take.

Vivus
Participant
‎2021-06-16 08:52 PM
In response to PhoneBoy
Jump to solution

Hi PhoneBoy, thanks for the response. I had considered that, but then thought that if there was a lack of exception in one rule base it would imply that there may be reason to keep 'exceptional individuals' out, which compromises security if the two rule bases are merged and the least restrictive option is held.

I don't really know, maybe I'm overthinking it, haha.

0 Kudos
Jason_Tugwell
Employee Employee
Employee
‎2021-06-17 05:18 AM
Jump to solution

As a FYI, the source material is not up to date as that question is no longer on the exam. 🙂

Regards,

Tug 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events