The correct answer is A. An audit log is a record of actions taken by administrators . In Check Point management architecture, audit logs are different from traffic logs, threat logs, or operating-system event logs. A traffic log records inspected network connections and blade decisions. A threat log records Threat Prevention detections, preventions, packet captures, forensic details, and blade-specific events. An audit log records administrative activity performed in the management environment. The uploaded Check Point glossary material defines an Audit Log as a log that contains administrator actions on a Management Server, including login and logout, creation or modification of an object, and installation of a policy.
This is operationally important because audit logs support accountability and change control. When investigating a policy change, exception addition, blade enablement, profile modification, or installation event, the audit trail shows which administrator performed the action and when it occurred. Option B is incorrect because system event logs are not the same as audit logs. Option C describes a filtered view of logs, not an audit record. Option D is incorrect because gateway system logs are operational logs from enforcement points, while audit logs are management-plane administrative records. Reference topics: Audit Logs, administrator actions, Management Server accountability, policy installation auditing, change tracking.
