Check Point Certified Security Expert (CCSE) R81 — Question 295

Can Check Point and Third-party Gateways establish a certificate-based Site-to-Site VPN tunnel?

Answer options

• A. Yes, but they need to have a mutually trusted certificate authority
• B. Yes, but they have to have a pre-shared secret key
• C. No, they cannot share certificate authorities
• D. No, Certificate based VPNs are only possible between Check Point devices

Correct answer: A

Explanation

The correct answer is A because a mutual trust in the certificate authority is necessary for establishing a secure connection. Options B and D are incorrect as they suggest alternatives that do not apply to certificate-based configurations. Option C is also wrong because it misrepresents the ability to share certificate authorities in this context.