ExamGecko

Checkpoint 156-215.81 Practice Test - Questions Answers, Page 41


What is required for a certificate-based VPN tunnel between two gateways with separate management systems?

A. Shared Secret Passwords
B. Unique Passwords
C. Shared User Certificates
D. Mutually Trusted Certificate Authorities

Suggested answer: D

Explanation:

This answer is correct because, for a certificate-based VPN tunnel, both gateways need a certificate issued by a certificate authority (CA) that they trust [1]. A CA is a trusted entity that verifies the identity of the gateways and signs their certificates [2]. The gateways can either use the same CA or different CAs, as long as they trust each other's CA [3]. This way, the gateways can authenticate each other using their certificates and establish a secure VPN tunnel.

The other answers are not correct because they are either irrelevant to or incompatible with a certificate-based VPN tunnel. Shared secret passwords and unique passwords are used for pre-shared key (PSK) authentication, which is a different method from certificate authentication [4]. PSK authentication is less secure and more vulnerable to brute force attacks than certificate authentication. Shared user certificates are used for user authentication, not gateway authentication, which is a different level of authentication. User authentication is optional and can be used in addition to gateway authentication to provide more granular access control.

[1] Configure server settings for P2S VPN Gateway connections - certificate authentication

[2] VPN certificates and how they work

[3] Create Certificate Based Site to Site VPN between 2 Check Point Gateways

[4] HowTo Set Up Certificate Based VPNs with Check Point Appliances

Total 401 questions