Braindumps.com.ua: Forum -> Check Point Certified Security Administrator NG, Management I

Explanation:

The User Properties Dialog 1
General Allows you to configure the name of the user object. In Figure above, you can see that a user object called alice is being created.
2.

Personal Allows you to configure the following parameters for the user. Expiration Date The date on which the user account will expire and is no longer considered valid. This date must be specified in dd-mmm-yyyy format.
Comment Describes the user object. This is normally the full name of the user.
Color Can be used to differentiate the role of the user. For example, you might configure accounting user objects with one color, and VPN user objects with another color.
3.

Groups Allows you to configure the groups to which the user belongs. Groups are used in security rules, which means you can control the access privileges of a user object by placing it in the appropriate groups.
Figure above demonstrates the Groups tab. In Figure above you can see that the user object currently belongs to no groups, and a group called accounting is present in the users database.
4.

Authentication Allows you to configure the authentication schemes that are valid for the users. Available schemes include SecurID, VPN-1/ FireWall-1 Password, OS Password, RADIUS, S/Key, and TACACS.
Figure above shows the Authentication tab, with the option of VPN-1 & FireWall-1 Password chosen.
Notice in Figure above that you can configure the password for the user object when the VPN-1 & FireWall-1 authentication scheme is selected. To configure a password, click the Change Password button, which displays the Enter Password dialog box. From this screen you can specify a password for the user that will be stored locally in the VPN-1/FireWall-1 users database. It is important that you understand that you must configure an authentication scheme for a user object, so that users can be authenticated appropriately. 5.

Location Allows you to configure the source objects (IP addresses) from which the user can authenticate, as well as the destination objects (IP addresses) the user can access once authenticated. By default, the user can authenticate from any IP address and can also access any destination IP address. Figure above shows the Location tab.
6. Time Allows you to configure the days of the week and the time of theday during which the user is permitted access. By default, a user can connect at any time on any day of the week.
7.

Certificates Allows you to generate certificates for the user object that are signed by the internal CA, which means that the certificate will be trusted as a means of identifying the user on any enforcement module managed by the local management server. Figure 6.17 shows the Certificates tab in the User Properties dialog box. To generate a certificate for a user, click the Generate and Save button.
At this point you will be prompted for a password, which is a one-time password that is used to lock the certificate until it reaches the user. Once the certificate is received, the same one-time password configured during certificate creation must be specified by the user receiving the certificate to unlock the certificate. This process ensures the security of the certificate.
9.
Encryption The final tab allows you to configure the valid encryption schemes that the user is permitted to use. This tab is solely for the configuration of remote access VPN users. Once you have completed configuring a user object, you must install the users database on the management server and enforcement modules. This installation is separate from the security policy installation, and can be performed without reinstallation of the normal security policy.