Which is false about SIC communications?
A.
A.VPN Certificates, such as those for IKE are used for secure communications
B.
B.The Policy Editior initiates an SSL based connection with the Management Server
C.
The Policy Editor must be defined as being authorised to use the Management Server
D.
The Management Server verifies that the Clients IP address belongs to an authorised Policy
Editor Client
Explanation:
VPN certificates, such of those used for IKE, are used for VPNs, and should not be confused with
SIC certificates, used for securing internal network communications. In SIC the management
server acts as a certificate authority that issue this certificates to uniquely identify all checkpoint
enabled machines. See Page 1.21 of the official CCSA NG Courseware – Management 1.
Incorrect Answers:
B: SIC for Checkpoint SVN components uses certificates for authentication and standart-based
SSL for encryption for communication between components. See Page 1.20 of the official CCSA
NG Courseware – Management 1.
C: For SIC communications between the management server and Policy editor, the policy editor
client must be defined as being authorized to use the management server. See Page 1.22 of the
official CCSA NG Courseware – Management 1.
D: The IP address of the machine trying to connect must be defined as authorized with CPConfig
utility. The management server verifies that the client IP address belongs to an authorized Policy
editor client. See Pages 1.20 and 1.22 of the official CCSA NG Courseware – Management 1.