The ICA creates certificates for the VPN-1/FireWall-1 Modules and any other communicating
component are created via initialization of the Policy Editor. The ICA creates, signs, and delivers a
certificate to the communicating component. When would the certificate become invalid? (Select
all that apply)
A.
If you rename the gateway
B.
If you rename the rule base
C.
When you Reset the ICA
D.
Delete the Module object from the Policy Editor
E.
something else
Explanation:
according to checkpoint documentation there are two cases when certificates become invalid, the
first case is when you reset ICA, because all the certificates have to be reissued, and the second
case is when you delete a module at the policy editor because the object is no longer available
and the management server published a CRL invalidating the associated SIC certificate previously
issued by ICA.Incorrect Answers:
A: This is not one of the cases, remember that the internal search is made through the DN and not
the alias.
B: The rulebase does not have a certificate associated with it, the certificates are issued to
machines.
E: This in not one of the cases.