Check Point®
CCSA NG Exam cram
(CCSA: Check Point® Certified Systems Administrator)
(156-210)
41. Spoofing makes it appear as if the packets have
come from a genuine IP address, whereas in reality they
came from an unauthorized IP address.
42. Network Objects are defined as elements that come
into contact with the network. Only Network Objects
that are used in the Rule Base need to be defined in
FireWall-1.
43. The available Server Objects are:
a. RADIUS Server: Used to provide authentication service and is based on UDP.
b. RADIUS Server Group: Consists of several RADIUS Servers.
c. TACACS: Also used to provide authentication services and is based on TCP.
d. AXENT Pathways Defender Servers: Used to provide authentication services.
e. ACE (SecurID) Server: Used for authenticating SecurID users.
f. LDAP Account Units: This enables the Security Manager to integrate an LDAP compliant user database with FireWall-1 Authentication.
g. CA (Certificate Authority) Server: Used to provide certificate authentication.
h. SecuRemote DNS: Configure DNS redirections and encryption SecuRemote DNS GUI.
OPSEC Servers:
a. UFP Server (URL Filtering Protocol Server): Used in defining a URI Resource.
b. CVP Server (Content Vectoring Protocol Server): Used to examine the contents of packets.
c. AMON (Application Monitoring): This service enables network applications to report their status to Check Point Management.
44. If a new Log File is created, the currently open
(old) Log File is closed and written to disk. The
old Log File will have a name that contains the current
date and time. Also, only one log file can be open at
any given time in the Log Viewer.
45. The Log Viewer events can be viewed in any one
of the three modes:
a. Accounting
b. Active Connections
c. Security Log
46.1 There are four status conditions in which a
workstation object can be placed in the System Status GUI.
These are:
Waiting: Waiting for connection.
Connected: Workstation has been connected.
Disconnected: Workstation has not been disconnected.
Untrusted: Secure Internal Communication failed.
46.2 The following information is displayed in the
System Status for each firewalled object:
1. Policy name, and status of the policy.
2. Time and date that the security policy was last installed on the firewalled object.
3. Packets accepted, packets dropped and packets logged.
4. Status update time and date.
5. Identification information of the firewalled object (Name, IP address).
47. The Log Viewer consists of three different modes:
1. Log Mode - Default log that shows all security-related events.
2. Active Mode - Shows connections currently open.
3. Audit Mode - Shows the audit entries in the Log Viewer.
48. An external group is a user group, the members of
which are defined in an external LDAP directory server.
An external group can also be used in a Security Policy
in the same manner as a VPN-1/FireWall-1 group.
49. CVP (Content Vectoring Protocol) is used for
content security.
50. The two most commonly used FTP modes are
Active FTP and Passive FTP. The difference
between active FTP and passive FTP is primarily in the
control and data ports used between the FTP server and
the FTP client. FireWall-1 supports passive FTP.
51. The following steps uninstall a security policy:
1. Select Policy -> Uninstall from the Security Policy GUI.
2. Ensure that all items are selected (all are selected by default).
3. Click OK.
52. SYNDefender is a Check Point proprietary
application that defends a corporate network from
external denial-of-service attacks.
53. Content Vectoring Protocol (CVP) uses port number 18181.
URI Filtering Protocol (UFP) uses port number 18182.
54. There are three ways that a User Database can be
loaded into the FireWall-1 modules:
i) Install the User Database by selecting Install Database from the Policy menu.
ii) Install the User Database by clicking on the Install button in the Users window.
iii) You can also re-install the Security Policy (this includes the User Database) by selecting Install from the Policy menu.
---00---
Netlearner
The above notes are provided AS IS.
ExamGuides.com assumes no responsibility for the accuracy.