nerdexam
Check_Point

156-215.80 · Question #514

What Check Point technologies deny or permit network traffic?

The correct answer is B. Packet Filtering, Stateful Inspection, Application Layer Firewall.. The three foundational firewall technologies that enforce permit/deny decisions on network traffic are packet filtering, stateful inspection, and application layer firewalling. The other choices mix detection or data-protection tools that do not primarily control traffic flow.

Introduction to Check Point Technology

Question

What Check Point technologies deny or permit network traffic?

Options

  • AApplication Control, DLP
  • BPacket Filtering, Stateful Inspection, Application Layer Firewall.
  • CACL, SandBlast, MPT
  • DIPS, Mobile Threat Protection

How the community answered

(62 responses)
  • A
    3% (2)
  • B
    85% (53)
  • C
    8% (5)
  • D
    3% (2)

Why each option

The three foundational firewall technologies that enforce permit/deny decisions on network traffic are packet filtering, stateful inspection, and application layer firewalling. The other choices mix detection or data-protection tools that do not primarily control traffic flow.

AApplication Control, DLP

Application Control can restrict specific applications, but DLP (Data Loss Prevention) is focused on detecting and preventing sensitive data exfiltration rather than serving as a general traffic permit/deny mechanism.

BPacket Filtering, Stateful Inspection, Application Layer Firewall.Correct

Packet filtering evaluates individual packet headers against rule sets to allow or drop traffic, stateful inspection tracks active connection state to make context-aware permit/deny decisions, and application layer firewalls deep-inspect payload content to enforce policy - these three are the core mechanisms by which firewalls control whether network traffic passes or is blocked.

CACL, SandBlast, MPT

ACL is a packet filtering concept but SandBlast is a threat emulation and extraction solution, and MPT (Mobile Threat Protection) targets mobile device threats - these three do not form a coherent set of foundational traffic control technologies.

DIPS, Mobile Threat Protection

IPS detects and blocks intrusion attempts and Mobile Threat Protection addresses mobile device security, but neither functions as a primary traffic permit/deny enforcement mechanism the way the three firewall inspection types do.

Concept tested: Core firewall traffic permit/deny technologies

Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/Firewall.htm

Topics

#packet filtering#stateful inspection#application layer firewall#traffic enforcement

Community Discussion

4
Grace U.Grace U.Jan 18, 2026

The question is really asking you to identify the core firewall inspection technologies, not tools that happen to block traffic as a side effect of doing something else. B is the correct answer. Packet Filtering, Stateful Inspection, and the Application Layer Firewall are the three foundational mechanisms Check Point defines as methods that directly deny or permit traffic at the network level, and they appear in the Check Point Security Engineering material almost word for word in that grouping. The other options mix in things like DLP or IPS, which certainly influence what traffic gets through, but their primary job is detection and policy enforcement around content or threats, not the raw permit/deny decision-making that the question is pointing at. When you see a question asking specifically about technologies that "deny or permit" traffic, that phrasing is a clue to think about the inspection engine itself, and that takes you straight to B.

20
Bao N.Bao N.Jan 11, 2026

Nailed B on my first pass, those three core firewall mechanisms are basically the whole intro module.

5
Hiroshi T.Hiroshi T.Jan 12, 2026

B is it. Packet Filtering, Stateful Inspection, Application Layer Firewall are the three core traffic control mechanisms per the R80 admin guide, chapter 1. Saw this exact question on my exam last year, eliminated A and D immediately since those are inspection or content tools, not traffic decision engines, and C is a mix of unrelated acronyms.

3
Ola B.Ola B.Jan 7, 2026

I went with A first because Application Control sounds like it is doing exactly that job, but then I remembered the question is asking about the underlying technologies that handle the actual traffic decisions, not the blade names, and that is squarely Packet Filtering, Stateful Inspection, and Application Layer Firewall. Spin up a lab with a basic R80 gateway and watch the traffic hit each inspection layer in order, it clicks way faster than memorizing the answer cold.

2
Full 156-215.80 Practice