Check Point Certified Security Administrator (CCSA) R81.20 — Question 165

You had setup the VPN Community ‘VPN-Stores' with 3 gateways. There are some issues with one remote gateway(1.1.1.1) and an your local gateway. What will be the best log filter to see only the IKE Phase 2 agreed networks for both gateways.

Answer options

• A. action:"Key Install" AND 1.1.1.1 AND Quick Mode
• B. Blade:"VPN" AND VPN-Stores AND Main Mode
• C. action:"Key Install" AND 1.1.1.1 AND Main Mode
• D. Blade:"VPN" AND VPN-Stores AND Quick Mode

Correct answer: A

Explanation

The correct option A filters logs for the Key Install action during Quick Mode, which is relevant for IKE Phase 2 negotiations. Options B and D focus on different modes that do not pertain specifically to Phase 2, while option C incorrectly references Main Mode, which is not applicable for this scenario.