Check Point Certified Security Expert (CCSE) R81.20 — Question 15

Is it possible to establish a VPN before the user login to the Endpoint Client.

Answer options

• A. Yes, you had to set neo_remember_user_password to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_remember_user_password attribute in the trac_client_1.ttm file located in the $FWDIR/conf directory on the Security Gateway
• B. Yes, you had to set neo_always_connected to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_always_connected attribute in the trac_client_1.ttm file located in the $FWDIR/conf directory on the Security Gateway
• C. No, the user must login first.
• D. Yes, you have to enable Machine Authentication in the Gateway object of the Smart Console

Correct answer: D

Explanation

The correct answer is D because enabling Machine Authentication allows the VPN to be established before user login. Options A and B discuss settings that relate to user password management but do not enable VPN connections prior to login. Option C is incorrect as it states the opposite of the correct answer.