Which option, when applied to a rule, allows traffic to VPN gateways in specific VPN communities?
A. All Connections (Clear or Encrypted)
B. Accept all encrypted traffic
C. Specific VPN Communities
D. All Site-to-Site VPN Communities
|
Download Printable PDF. VALID exam to help you PASS. |
 |
correct answer is C as “Accept all encrypted traffic” is applied on community configuration not rules
C. Specific VPN Communities
C is the correct
B is correct!
Quote “Encrypted Traffic – Select Accept all encrypted traffic to encrypt and decrypt all traffic between the Security Gateways. If this is not selected, create rules in the Security Policy Rule Base to allow encrypted traffic between community members”
from link:
https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_SitetoSiteVPN_AdminGuide/html_frameset.htm?topic=documents/R80.10/WebAdminGuides/EN/CP_R80.10_SitetoSiteVPN_AdminGuide/136968
C is correct Not B
Key statement here is ‘When applied to a rule’
Oh, you really are a moron !
The Question says “when applied to a rule”, which means a rule needs to be created and therefore a specific VPN community must be specified hence the answer is C
If you don’t want to add a rule manually, it is possible to configure a Site-to-Site VPN community to automatically allow all encrypted connections, in that case, use the “Accept all encrypted traffic” option to configure the Firewall to allow all VPN traffic to the internal networks for the VPN communities.
There is no option “Accept all encrypted traffic” in a rule base.
Imho answer is C
Gello is right. Check the examples at:
https://sc1.checkpoint.com/documents/R80.10/WebAdminGuides/EN/CP_R80.10_SitetoSiteVPN_AdminGuide/html_frameset.htm?topic=documents/R80.10/WebAdminGuides/EN/CP_R80.10_SitetoSiteVPN_AdminGuide/136968
I think C