The correct answer isD. In Check Point Identity Awareness and Access Control policy, anAccess Roleobject combines identity and location attributes into one reusable policy object. The R82 Security Management Administration Guide states that Access Role objects let administrators configure network access according toNetworks,Users and user groups,Computers and computer groups, andRemote Access VPN clients. That maps directly to option D: Name, Networks, Users, Machines, and Remote Access Clients. Option A is too narrow and incorrectly reduces the object to subnet and LDAP fields. Option B mixes IP address and LDAP account unit fields but misses the real policy dimensions. Option C also mixes back-end directory and object-type terminology rather than the functional Access Role components. The purpose of an Access Role is not merely to identify a subnet or LDAP unit; it is to define who, from which machines, on which networks, and through which remote-access context can match a rule. Reference topic:Access Roles / Identity Awareness.
========
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit