Question 3
Vanessa is firewall administrator in her company; her company is using Check Point firewalls on central and remote locations, which are managed centrally by R80 Security Management Server. One central location has an installed R77.30 Gateway on Open server. Remote location is using Check Point UTM-1 570 series appliance with R71.
Which encryption is used in Secure Internal Communication (SIC) between central management and firewall on each location?
On central firewall AES128 encryption is used for SIC, on Remote firewall 3DES encryption is used for SIC.
On both firewalls, the same encryption is used for SIC. This is AES-GCM-256.
The Firewall Administrator can choose which encryption suite will be used by SIC.
On central firewall AES256 encryption is used for SIC, on Remote firewall AES128 encryption is used for SIC.
Correct answer: A
Explanation:
Gateways above R71 use AES128 for SIC. If one of the gateways is R71 or below, the gateways use 3DES. Reference:http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf
Gateways above R71 use AES128 for SIC. If one of the gateways is R71 or below, the gateways use 3DES.
Reference:
http://dl3.checkpoint.com/paid/74/74d596decb6071a4ee642fbdaae7238f/CP_R80_SecurityManagement_AdminGuide.pdf?HashKey=1479584563_6f823c8ea1514609148aa4fec5425db2&xtn=.pdf