ExamTopics Logo
Mail Us[email protected]
Menu
Checkpoint Discussions
exam questions

Exam 156-215.80 All Questions

View all questions & answers for the 156-215.80 exam
Go to Exam

Exam 156-215.80 topic 1 question 167 discussion

Actual exam question from Checkpoint's 156-215.80
Question #: 167
Topic #: 1
[All 156-215.80 Questions]

Sally has a Hot Fix Accumulator (HFA) she wants to install on her Security Gateway which operates with GAiA, but she cannot SCP the HFA to the system. She can SSH into the Security Gateway, but she has never been able to SCP files to it. What would be the most likely reason she cannot do so?

  • A. She needs to edit /etc/SSHd/SSHd_config and add the Standard Mode account.
  • B. She needs to run sysconfig and restart the SSH process.
  • C. She needs to edit /etc/scpusers and add the Standard Mode account.
  • D. She needs to run cpconfig to enable the ability to SCP files.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by C4rlos at April 11, 2020, 1:59 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
C4rlos
Highly Voted 2 years, 3 months ago
There is no correct answer, to make SCP connections, the GAiA’s user shell must be set to /bin/bash That can either be done via GAiA UI or via chsh command. By default, user shell is set to /etc/cli.sh
upvoted 6 times
babochnik
1 month, 2 weeks ago
only for R75.40-R80.20 https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk93085
upvoted 1 times
...
C4rlos
2 years, 2 months ago
But option C seems to be the best from available answers. SSH login is allowed using the Standard Mode account user name and password, only. SCP service and client files can be copied to and from SecurePlatform, using SCP client software. Access to SCP is controlled, by editing /etc/scpusers. https://sc1.checkpoint.com/documents/R76/CP_R76_Splat_AdminGuide/51551.htm
upvoted 2 times
...
Kurp
2 years, 2 months ago
i'd agree with you although it scpusers file used to be true until R76 at least. I've tried on R80 no joy but then i've tried very hard neither. sk30569
upvoted 1 times
...
...
babochnik
Most Recent 2 months ago
Selected Answer: C
when you create a user there is a shell: /usr/bin/scponly User is not allowed to log in to Gaia. User can only connect to Gaia over SCP and transfer files to and from the system. Other commands are forbidden. but you may need to assign an administrator role or specify a UID 0 when creating. I found a discussion and in my opinion this question is outdated or not quite correctly formed. https://community.checkpoint.com/t5/Security-Gateways/HowTo-Creating-an-scpuser-account-on-Gaia-Clish/td-p/5819
upvoted 1 times
babochnik
2 months ago
links to the description /usr/bin/scponly: https://sc1.checkpoint.com/documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_Gaia_AdminGuide/html_frameset.htm?topic=documents/R80.20_GA/WebAdminGuides/EN/CP_R80.20_Gaia_AdminGuide/198184 https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_Gaia_AdminGuide/Topics-GAG/Users-Gaia-Portal.htm
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago