Q1 : What is Explicit rule In Checkpoint Firewall.
A : Its a rule in rule base which is manually created by network security administrator that called Explicit rule.
Q2 : Which environment are supported by Test Checkpoint?
A : Text Checkpoint are supported all add-in environments
Recommended Training : Checkpoint.
Q3 : What’s the Image Checkpoint?
Image Checkpoint check the value of an image in your application or web page.
Q4 : What’s the Standard Checkpoint?
A : Standard Checkpoints checks the property value of an object in your application or web page.
Q5 : What is 3 trier architecture component of Checkpoint Firewall.
- Smart Console.
- Security Management.
- Security Gateway.
Q6 : What is Check Point Firewall?
A : The Check Point Firewall is part of the Software Blade architecture that supplies “next-generation” firewall features, including:
VPN and mobile device connectivity
Identity and computer awareness
Internet access and filtering
Application control
Intrusion and threat prevention
Data Loss Prevention
Q7 : What is Cleanup rule In Checkpoint Firewall.
A : Cleanup rule place at last of the security rule base, Its used to drop all traffic which not match with above rule and Logged. Cleanup rule mainly created for log purpose. In this rule administrator denied all the traffic and enable log.
Q8 : What’s the Table Checkpoints?
A : Table Checkpoint checks the information with in a table.
Q9 : What are the primary components of the Check Point solution?
A : These are the primary components of a Check Point solution:
Security Gateway – The engine that enforces the organization’s security policy, is an entry point to the LAN and is managed by the Security Management Server.
Security Management Server – The application that manages, stores, and distributes the security policy to Security Gateways.
SmartDashboard – A Check Point client used to create and manage the security policy.
Q10 : What is the use of Firewall Rule Base?
A : The firewall is the core of a well-defined network security policy. The goal of the Check Point Firewall Rule Base is to create rules that only allow the specified connections.
Q11 : What are the Basic Access Control Rules for all Rule Bases?
A : These are basic access control rules we recommend for all Rule Bases:
1. Stealth rule that prevents direct access to the Security Gateway.
2. Cleanup rule that drops all traffic that is not allowed by the earlier rules.
3. There is also an implied rule that drops all traffic, but you can use the Cleanup rule to log the traffic.
Q12 : How do you define Security Zones?
A : Networks use different security zones to protect very important resources and to defend against malware. Create rules that allow only the applicable traffic in and out of a security zone. Make sure that there are different rules in the Firewall Rule Base that define traffic to and from the security zones.
Q13 : How do you prevent IP Spoofing?
A : Attackers use IP spoofing to make the IP address of a packet appear to be from a trusted source. This can bypass the Firewall to introduce malicious content and actions (malware and bot downloads, DoS attacks, unauthorized access, and so on) to your network.
Anti-Spoofing detects if a packet with an IP address that is, according to the topology, behind one interface, actually arrives from a different interface. For example, if a packet from an external network has an internal IP address, Anti-Spoofing blocks the packet.
Q14 : What’s the Bitmap Checkpoint?
A : Bitmap Checkpoint checks the bitmap images in your web page or application.
Q15 : How do you prevent IP Spoofing?
A : Attackers use IP spoofing to make the IP address of a packet appear to be from a trusted source. This can bypass the Firewall to introduce malicious content and actions (malware and bot downloads, DoS attacks, unauthorized access, and so on) to your network.
Anti-Spoofing detects if a packet with an IP address that is, according to the topology, behind one interface, actually arrives from a different interface. For example, if a packet from an external network has an internal IP address, Anti-Spoofing blocks the packet.
Q16 : What kind of connections are allowed by a firewall on the perimeter?
A : These are some of the connections that are usually allowed by a Firewall on the perimeter:
1. Outgoing connections to the Internet
2. Connections to the DNS server
3. Specified external connections
4. Connections to servers in the DMZ
5. Connections from the internal network to the internal network
6. VPN connections
Q17 : Which environment are supported by Bitmap Checkpoints?
A : Bitmap checkpoints are supported all add-in environment.
Q18 : What is Stealth Rule in checkpoint firewall.
A : Stealth Rule Protect Checkpoint firewall from direct access to any traffic. Its rule should be placed on the top of the Security rule base. In this rule, administrator denied all traffic to access checkpoint firewall.
Q19 : Where you can view the results of the checkpoint?
A :You can view the results of the checkpoints in the Test Result Window.
Q20 : Explain How do virtual corporations maintain confidentiality?
A : Encryption
Q21 : Explain Which of the following is the BEST method for managing users in an enterprise?
A :Place them in a centralized Lightweight Directory Access Protocol.
Q22 : What is the Packet Flow of Checkpoint firewall.
A : Layer 7 Inspection happens right after Destination NAT. If the traffic is to pass through the Medium-path, i.e. IPS/ ThreatPrevention/ UserCheck/ AppCheck/ URL Filtering. Streaming Library, Pattern matching, Sequence Check, etc…
After this Route Lookup happens and then Source NAT is done, followed by VPN-Encrypt and then L2 Lookup.
Q23 : Give an example for simple, physical-access control?
A : Lock
Q24 : Which environments are supported by Image Checkpoint?
A : Image Checkpoint are supported only Web environment.
Q25 : Explain how a biometric device performs in measuring metrics, when attempting to authenticate subjects?
- False Rejection Rate
- Crossover Error Rate
- False Acceptance Rate.