Check Point Certified Security Administrator Examcram

(156-205)

The Check Point Certified Security Administrator (CCSA)  certification is a foundation level certification. CCSA certified professionals are expected to be able to do installation and management of   Check Pointís VPN-1/FireWall-1 product. The objectives covered by this exam are as below:  

 

objectives:

v       

Install, configure VPN-1/FireWall-1

v       

Log management

v       

Intrusion detection and prevention

v       

Set up and configure user, client, and session authentication

v       

VPN-1/FireWall-1 performance optimization

v       

Security gateways deployment and management

v       

Install and configure network address translation

There are two versions of CCSA. One is CCSA CP 2000 (156-205) and the other is CCSA NG (156-210). Duration of the exam is 90 minutes (120 minutes for non-English) and a minimum score of 70%. For further details, visit the official website of CCSA, CheckPoint Software, click here.

1.      The purpose of a firewall is to ensure security in communications between internal and external networks. A firewall allows or disallows communication across the firewall in accordance with a pre-defined security policy.

2.      Firewall implementations: There are different implementations of firewalls. Most notable among these are:

a.     A firewall implemented with the Packet Filters work at Network Layer of ISO/OSI stack.

b.     A firewall implemented with the Application Layer Gateways work at the Application Layer of ISO/OSI stack.

c.     A Firewall implemented with stateful technology (like Checkpoint Firewall-1) works at all layers of IS/OSI model.

3.      A firewall implemented with stateful inspection technology (FireWall-1 uses stateful inspection) has several advantages over packet filter:

 

Application Layer Gateway

Packet Filters

Stateful Inspection

Communication Information

Partial

Partial 

Yes

Communication Derived State

No  

Partial    

Yes

Application Derived State

No

Yes    

Yes 

Information Manipulation

No 

Yes

Yes

4. The following information are used by Firewall-1 that uses stateful inspection technology:

a.      Communication information from different layers of TCP/IP stack

b.      The state derived from previous communications

c.      The state derived from other applications, for example, a previously authenticated user would be allowed to access through the firewall for authorized services only.

5. Hardware / software requirements:

-         The following are FireWall-1 GUI Management Clients Minimum Requirements:

a.       Platforms: Windows 9x,  Windows NT 4.0 SP4, 5, 6, and X/Motif Client.

b.      Disk Space: 40 Mbytes

c.       Memory: 32 MB Minimum and 64 MB recommended.

-         The minimum requirements for installing Management Server are:

a.       Windows: Windows NT 4.0 (SP4, SP5, SP6)

b.      Solaris 2.6 and Solaris Operating Environment 7 (32 bit installation mode only)

c.       IBM AIX 4.3.1 and 4.3.2

d.      Red Hat Linux 6.1

e.       SPARC x86 HP-UX 10.20, HP-UX 11.0

6.1 The essential components of a FireWall-1 Single Gateway Product are:

a.       Management Module - Security management module with graphical user interface.

b.      Inspection Module - This module is responsible for implementing access control, Client authentication, and session authentication. Network Address Translation is also done here.

c.       Firewall Module - User authentication, and content security

 

6.2 FireWall-1's FireWall Module contains the following components:

d.      FireWall-1 Daemon: This is responsible for communication modules, clients and hosts.

e.       Inspection Module: Access control, Authentication, NAT and auditing are the responsibility of Inspection Module. Inspection module contains INSPECT engine.

f.        Security Server: This is responsible for handling authentication of packets for any specific service or protocol.

For Single Gateway product, the FireWall Module and Management Module must be installed on the same machine. However, GUI can be installed on another machine.

7. CP 2000 FireWall-1 has 3 GUI programs:

1.      Security Policy Editor

2.      System Status

3.      Log Viewer

 

8. FireWall-1 is based on Client - Server model of operation. Note that in FireWall-1, the modules like Management Server can be separated from the GUI.

9. The basic components of a FireWall-1 Single Gateway Product are:

1.    Management Module - Security management module with graphical user interface.

2.    Inspection Module - This module is responsible for implementing access control, Client authentication, and session authentication. Network Address Translation is also done here.

3.    Firewall Module - User authentication, and content security.

It is possible that a single Management module manages one or more FireWall modules. The Management module consists of a GUI client and a Management Server.

10. The FireWall-1 module sits in between the Data Link and the Network layers ( layer 2 and layer 3).

Please visit our sponsor:

Check Point CCSA Practice Tests

Retired CCSA exam notes

      Privacy Policy             Legal              Copyright © 2015 Examguides.com            Contact Webmaster             Web Design by Anandsoft