Checkpoint® CCSA-NG (Next Generation) Exam Cram Notes


(CCSA: Checkpoint® Certified Systems Administrator)

44. If a new Log File is created, the currently open (old) Log File is closed and the is written to disk. The old Log File will have a name that contains the current date and time. Also, only one log file can be open at any given time in the Log Viewer.

45. The Log Viewer events can be viewed in any one one the three modes:

  • Accouting
  • Active Connections
  • Security Log

46.1 There are four status conditions that a firewalled object can be placed in the System Status GUI. These are:

  • Installed: VPN/FireWall-1 is installed on this object and working properly.
  • Not installed: VPN/FireWall-1 Module is not installed on this object.
  • Disconnected: VPN/FireWall-1 Module is installed but not responding
  • Untrusted: The management server you logged into is not the master of this object.

46.2 The following information is displayed in the System Status for each firewalled object:

  • Policy name, and status of the policy
  • Time and date that the security policy was installed on the firewalled object.
  • Packets accepted, packets dropped and packets logged.
  • Status update time and date
  • Identification information of the firewalled object (Name, IP address).
  • Type of installed module. Here four options available:
    • VPN-1/FireWall
    • FloodGate-1
    • Compression
    • High Availability

47. The Log Viewer consists of three different modes:

1. Log Mode - Default log that shows all security related events.

2. Active Mode - connections currently open.

3. Audit Mode - Shows the audit entries in the log viewer.

48. An external group is a user group, the members of which are defined in an external LDAP directory server. An external group can also be used in a Security Policy in the same manner as that of a VPN-1/ FireWall-1 group.

49. CVP, Content Vectoring Protocol is used for content security.

50. There are two most commonly used FTPs. One is Active FTP and the other Passive FTP. The difference between active FTP and passive FTP is primarily on control and data ports used between the FTP server and the FTP client. FireWall-1 supports passive FTP.

51. The following steps uninstall a security policy:

  • Select Policy -> Uninstall from the Security Policy GUI
  • Ensure that all items are selected (all are selected by default)
  • Click OK.

52. SYNDefender is a Check Point proprietary application that defends a corporate network from external denial-of-service attacks.

53. Content Vectoring Protocol (CVP) uses port number 18181.

URI Filtering Protocol (UFP) uses port number 18182.

54. There are three ways that a User Database can be loaded into the FireWall-1 modules:

  • Install the User Database by selecting Install Database from the Policy menu.
  • Install the User Database by clicking on Install button in the Users window.
  • You can also re-install the Security Policy (this includes User Database) by selecting Install from the Policy menu.

Previous      0  1 2  3 4     

Please visit for CCSA, CCSA NG and other practice tests: images-used/se-banner125X125.gif