CheckPoint 156-590 Exam - Topic 2 Question 1 Discussion

The correct answer is B. QoS Policy exemptions. Threat Prevention exceptions are policy constructs used to alter how Threat Prevention blades, IPS protections, files, sites, or protected-scope objects are handled. Check Point documentation explains that an exception sets a different action for an object in the protected scope than the action specified by the Threat Prevention rule, and that exceptions are generally intended to reduce the level of enforcement rather than increase it. The guide also describes creating exceptions from IPS Protections, logs, events, and exception groups, all within the Threat Prevention policy workflow.

IPS Settings Exceptions, Core Activation Exceptions, and Implied IPS Exceptions are aligned with the IPS/Threat Prevention exception model because they affect how protections are activated, tuned, or safely excluded from enforcement. QoS Policy exemptions do not belong to Threat Prevention exception taxonomy. QoS relates to traffic prioritization, bandwidth control, and quality-of-service enforcement, not malware, IPS, Anti-Bot, Anti-Virus, or blade exception handling. In certification terms, the key separation is policy domain: Threat Prevention exceptions modify security inspection behavior, while QoS exemptions belong to traffic management. Reference topics: Threat Prevention Exceptions, IPS Exceptions, Core Activation Exceptions, Implied IPS Exceptions, exception groups.