What is the correct order for pushing SIC certificates to the Gateway before shipping it?

You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?

1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.

2) Initialize internal certificate authority (ICA) on the security Management server.

3) Confirm the gateway object with the host name and IP address for the remote site.

4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.

5) Install the security policy.

You installed Security Management Server on a computer using SecurePlatform in the MegaCorp home office. You use IP address 10.1.1.1. You also installed the Security Gateway on a second SecurePlatform computer, which you plan to ship to another Administrator at a MegaCorp hub office. What is the correct order for pushing SIC certificates to the Gateway before shipping it?

1) Run cpconfig on the gateway, set secure internal communication, enter the activation key and reconfirm.

2) Initialize internal certificate authority (ICA) on the security Management server.

3) Confirm the gateway object with the host name and IP address for the remote site.

4) Click the communication button in the gateway object’s general screen, enter the activation key, and click initialize and ok.

5) Install the security policy.

A.
2, 3, 4, 5, 1

B.
1, 3, 2, 4, 5

C.
2, 3, 4, 1, 5

D.
2, 1, 3, 4, 5

Show Hint

Leave a Reply 6

Your email address will not be published. Required fields are marked *

ascii

ascii

Answer must be C.

Reply

Gunzman

Gunzman

A,B and C are incorrect, reason:
A and C:
We cannot do 4 before 1 it will not work…

Reason it is not b:
we cannot press ok on the object before we can create a certificate…

Correct answer is: D

Reply

Greg

Greg

I liked D better, too. You may actually be able to do 4 before 1, but I wouldn’t recommend it. I really don’t like leaving 2 until half-way through this process, so am very surprised by B as the answer. I wasn’t aware that you could establish SIC with a machine, then change its IP and not break SIC….

Reply

BamBam

BamBam

B is correct, because first u create a new activation key on the gateway. After that u create a new Security Gateway Object on the Management Server. Then “2” , “3” and “5”

Reply

florentjustin

florentjustin

Correct answer is D:

https://sc1.checkpoint.com/documents/R77/CP_R77_SecurityManagement_WebAdminGuide/html_frameset.htm

Initializing the Trust Establishment Process:

The Internal Certificate Authority (ICA) is created when the Security Management server is installed. The ICA issues and delivers a certificate to the Security Management server.

To initialize SIC:

1.Decide on an alphanumeric Activation Key.
2.In SmartDashboard, open the gateway network object. In the General Properties page of the gateway, click Communication to initialize the SIC procedure.
3.In the Communication window of the object, enter the Activation Key that you created in step 2.
4.Click Initialize.

To reset Trust on Check Point Security Gateways:

1 . Log in to the Check Point component.
2.Enter: cpconfig
3.Enter the number for Secure Internal Communication and press enter.
4.Enter y to confirm that you are want to reset trust and are prepared to stop Check Point processes.
5.Enter the activation key when prompted.
6.When done, enter the number for Exit.
7.Wait for the processes to stop and automatically start again.
8.On SmartDashboard, establish trust again. Make sure to use the activation key that you entered on the component.

Reply