Check Point Certified Security Expert (CCSE) R81 — Question 205

Is it possible to establish a VPN before the user login to the Endpoint Client.

Answer options

• A. yes, you had to set neo_remember_user_password to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_remember_user_password attribute in the trac_client_1.ttm file located in the $FWDIR/conf directory on the Security Gateway.
• B. no, the user must login first.
• C. yes, you had to set neo_always_connected to true in the trac.defaults of the Remote Access Client or you can use the endpoint_vpn_always_connected attribute in the trac_client_1.ttm file located in the $FWDIR/conf directory on the Security Gateway.
• D. yes, you had to enable Machine Authentication in the Gateway object of the Smart Console.

Correct answer: D

Explanation

The correct answer is D because enabling Machine Authentication allows the VPN to establish a connection before user login. Options A and C pertain to settings that do not enable a VPN connection prior to login, and option B incorrectly states that a login is mandatory for establishing a VPN connection.