Checkpoint® CCSA-NG (Next Generation) Exam Cram Notes

(156-205)

(CCSA: Checkpoint® Certified Systems Administrator)

Download CCNA NG practice tests from SimulationExams.com

Previous      0  1 2  3 4     

41. Spoofing makes it appear as if the packets have come from a genuine IP address, where as in reality they came from an unauthorized IP address.

42. Network Objects are defined as elements that come into contact with the network. Only Network Objects, that are used in the Rule Base, need to be defined in FireWall-1.

43. The available Server Objects are:

  • UFP Server (URL Filtering Protocol Server): Used in defining a URI Resource.
  • CVP Server (Content Vectoring Protocol Server): Used to examine the contents of packets.
  • RADIUS Server: Used to provide authentication service and is based on UDP.
  • TACACS: Also used to provide authentication services and is based on TCP.
  • AXENT Defender: Used to provide authentication services.
  • LDAP Account Units: This enables the Security Manager to integrate an LDAP compliant user database with FireWall-1 Authentication.
  • CA (Certificate Authority) Server: Used to provide certificate authentication.
  • Policy Servier: A SecuRemote Server, with added features.

OPSEC Servers:

  • UFP Server (URL Filtering Protocol Server): Used in defining a URI Resource.
  • CVP Server (Content Vectoring Protocol Server): Used to examine the contents of packets.
  • AMON (Application Monitoring): This service enables network applications to report their status to Check Point Management.

44. If a new Log File is created, the currently open (old) Log File is closed and the is written to disk. The old Log File will have a name that contains the current date and time. Also, only one log file can be open at any given time in the Log Viewer.

45. The Log Viewer events can be viewed in any one one the three modes:

  • Accouting
  • Active Connections
  • Security Log

46.1 There are four status conditions that a firewalled object can be placed in the System Status GUI. These are:

  • Installed: VPN/FireWall-1 is installed on this object and working properly.
  • Not installed: VPN/FireWall-1 Module is not installed on this object.
  • Disconnected: VPN/FireWall-1 Module is installed but not responding
  • Untrusted: The management server you logged into is not the master of this object.

46.2 The following information is displayed in the System Status for each firewalled object:

  • Policy name, and status of the policy
  • Time and date that the security policy was installed on the firewalled object.
  • Packets accepted, packets dropped and packets logged.
  • Status update time and date
  • Identification information of the firewalled object (Name, IP address).
  • Type of installed module. Here four options available:
    • VPN-1/FireWall
    • FloodGate-1
    • Compression
    • High Availability

47. The Log Viewer consists of three different modes:

1. Log Mode - Default log that shows all security related events.

2. Active Mode - connections currently open.

3. Audit Mode - Shows the audit entries in the log viewer.

48. An external group is a user group, the members of which are defined in an external LDAP directory server. An external group can also be used in a Security Policy in the same manner as that of a VPN-1/ FireWall-1 group.

49. CVP, Content Vectoring Protocol is used for content security.

50. There are two most commonly used FTPs. One is Active FTP and the other Passive FTP. The difference between active FTP and passive FTP is primarily on control and data ports used between the FTP server and the FTP client. FireWall-1 supports passive FTP.

51. The following steps uninstall a security policy:

  • Select Policy -> Uninstall from the Security Policy GUI
  • Ensure that all items are selected (all are selected by default)
  • Click OK.

52. SYNDefender is a Check Point proprietary application that defends a corporate network from external denial-of-service attacks.

53. Content Vectoring Protocol (CVP) uses port number 18181.

URI Filtering Protocol (UFP) uses port number 18182.

54. There are three ways that a User Database can be loaded into the FireWall-1 modules:

  • Install the User Database by selecting Install Database from the Policy menu.
  • Install the User Database by clicking on Install button in the Users window.
  • You can also re-install the Security Policy (this includes User Database) by selecting Install from the Policy menu.

Previous      0  1 2  3 4     


Please visit SimulationExams.com for CCSA, CCSA NG and other practice tests: images-used/se-banner125X125.gif