nerdexam
Check_Point

156-215.80 · Question #263

You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

The correct answer is A. A group with generic user. When integrating RSA SecurID with Check Point, you define a group containing a single generic user in SmartDashboard to represent all token-authenticated users rather than creating individual internal accounts.

User Management and Authentication

Question

You are about to integrate RSA SecurID users into the Check Point infrastructure. What kind of users are to be defined via SmartDashboard?

Options

  • AA group with generic user
  • BAll users
  • CLDAP Account Unit Group
  • DInternal user Group

How the community answered

(42 responses)
  • A
    81% (34)
  • B
    12% (5)
  • C
    2% (1)
  • D
    5% (2)

Why each option

When integrating RSA SecurID with Check Point, you define a group containing a single generic user in SmartDashboard to represent all token-authenticated users rather than creating individual internal accounts.

AA group with generic userCorrect

RSA SecurID authentication is handled externally by the RSA Authentication Manager; Check Point does not store individual user credentials. A 'generic user' object acts as a template that matches any user authenticated by the external RSA server, and placing it inside a group allows that group to be referenced in security rules. This avoids the administrative overhead of replicating every RSA user inside the Check Point user database.

BAll users

Defining all users individually as internal Check Point users is unnecessary and incorrect - RSA SecurID users are authenticated by the RSA server, not by Check Point's internal database.

CLDAP Account Unit Group

An LDAP Account Unit Group is used when integrating with an LDAP directory (such as Active Directory), not with RSA SecurID token-based authentication.

DInternal user Group

An 'Internal user Group' composed of internal Check Point user accounts would bypass RSA SecurID entirely and does not support token-based authentication.

Concept tested: RSA SecurID integration using generic user in Check Point

Source: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_IdentityAwareness_AdminGuide/Topics-IDAG/RSA-SecurID.htm

Topics

#RSA SecurID#generic user#user integration#SmartDashboard

Community Discussion

No community discussion yet for this question.

Full 156-215.80 Practice