Question |
|
What is checkpoint? |
Answer |
|
Checkpoint is a firewall vendor; its firewall accepts or denies the traffic passing through it according to the rules created. |
|
Question |
What is the FW-1 model of operation? |
|
Answer |
The firewall works on a client-server model. |
|
Question |
Can NAT be done from Checkpoint? |
Answer |
Yes |
|
Question |
What are the authentication scheme types supported by the firewall? |
Answer |
|
There are 3 types: User Authentication, Session Authentication and Client Authentication. |
|
Question |
What is the current version for checkpoint? |
|
Answer |
The current checkpoint version is R77.30 |
|
Question |
|
What are the major differences between SPLAT and GAIA? |
Answer |
GAIA is the latest version of Checkpoint, which is a combination of SPLAT and IPSO. |
|
Question |
What is the main difference between cpstop/cpstart and fwstop/fwstart? |
|
Answer |
|
Using cpstop and cpstart will restart all Checkpoint components. fwstop and fwstart will only restart the VPN/Firewall. |
|
Question |
What is the command to debug the logs? |
Answer |
The command for debug is fw ctl zdebug |
|
Question |
What should we do when we observe that the tracker has stopped receiving logs from the enforcement module? |
Answer |
Verify the /var/log directory on the gateways, and verify port 257, which is responsible for forwarding logs, on the Gateway & Management Server. |
|
Question |
|
Does CheckPoint 2000 VPN-1/FW-1 support Kerberos? |
Answer |
|
No, Checkpoint 2000 VPN doesn't support Kerberos. |
|
Question |
What are the basic Checkpoint commands, such as assigning an IP address, checking memory, port status, etc.? |
Answer |
To check memory: free, cpstat -f memory os; to check port status: ifconfig -a; to assign an IP address: we can do it through the WebUI. |
|
Question |
Which services are supported by VPN-1/FW-1 user authentication? |
Answer |
|
The services supported by VPN/FW-1 are TELNET, FTP, HTTP, HTTPS and RLOGIN. |
|
Question |
How do we see the current connection counts in the firewall? |
Answer |
To view the current connections, use the command fw tab -t connections -s |
|
Question |
Will Checkpoint support VM? |
|
Answer |
|
Yes, Checkpoint will support VM. |
|
Question |
|
What are the backup procedures in Checkpoint? |
|
Answer |
There are 3 different backup procedures in Checkpoint: Snapshot, Backup and upgrade_export. |
|
Question |
|
How do we see the status of the power supply units in Checkpoint UTM firewalls? |
Answer |
|
To view the power supply status, run the command cpstat os -f power_supply |
|
Question |
|
How do we see whether the OS is 32 bit or 64 bit? |
|
Answer |
To view the OS bitness, run uname -a. For 64 bit mode you will see the 2.6.18-92cpx86_64 # prompt; for 32 bit mode, you'll see the 2.6.18-92cp #1 prompt. |
|
Question |
|
What are the parameters required for FW-1 security policy login by an admin? |
|
Answer |
The parameters required for the firewall are Username, Management Server Name and Password. |
|
Question |
|
What are the two types of Check Point NG licenses? |
Answer |
The 2 types of Checkpoint NG licenses are: Central licenses – these are the new licensing model for NG and are bound to the SmartCenter server. Local licenses – these are the legacy license model and are bound to the enforcement module. |
|
Question |
|
Tell me the architecture of the Checkpoint firewall. |
Answer |
The Checkpoint architecture comprises 4 main components: Core Technology, Central Management, Open Architecture and Universal-update ability. |
|
Question |
Why are Checkpoint & Fortigate implemented in the same environment? |
Answer |
|
It mainly depends on the customer requirement to implement Checkpoint & Fortigate |
|
Question |
|
How many types of NAT are there in Check Point? |
Answer |
|
The types of NAT are Static NAT, Dynamic NAT, Automatic NAT, Manual NAT, Server Side NAT and Client Side NAT. |
|
Question |
What are the different types of VPN? |
|
Answer |
|
The different types of VPN are Remote Access VPN and Site to Site VPN (Intranet Based) & (Extranet Based). |
|
Question |
Which of the applications in Check Point technology can be used to configure security objects? |
Answer |
SmartDashboard is used to configure security objects in Checkpoint. |
|
Question |
Why do we configure a Cleanup rule in Checkpoint? Is it really required? |
Answer |
The Cleanup rule is configured in order to view the traffic which is getting dropped. If it is not enabled, the traffic will still be dropped by default, but no log will be triggered in Tracker. |
|
Question |
What is the difference between the Stealth rule & the Cleanup rule in Checkpoint? |
Answer |
The Stealth rule is the first rule in the rule base; it prevents traffic from directly accessing the firewall itself. The Cleanup rule is the last rule in the rule base; it logs the traffic which is dropped after going through all the policies configured. |
|
Question |
Tell me the process to run and read a tcpdump capture on a Checkpoint firewall. |
Answer |
To run tcpdump, use the command tcpdump -s 1500 -i <interface> -w /var/log/<filename>.cap To read the capture, use Wireshark, as the output is saved with the *.cap extension. |
|
Question |
What is the default username and password? |
|
Answer |
|
The default username and password are admin / admin |
|
Question |
What are the benefits of Gaia compared to SPLAT/IPSO? |
 |
Answer |
The benefits of GAIA are: web based UI with search navigation, high connection capacity, IPv4 & IPv6 native support, role based admin access, full software blade support, VRRP cluster support, and IPSO and Secure Platform compatibility. |
|
Question |
Hi, what is the difference between web filtering and content filtering in firewalls? |
Answer |
Web filtering & content filtering in Checkpoint each require a separate license to enable. Web filtering is where we configure the URLs that have to be blocked, under categories. Content filtering is what helps us block the content hosted in a web page. |
|
Question |
|
What is Dashboard, and which model of Cisco Check Point is widely used at industry level? |
Answer |
 |
Dashboard is a Smart Console application from Checkpoint which we use to create objects, rule base, NAT etc., and which is used for managing the policies that are pushed to the gateways. Checkpoint has multiple models; the choice basically depends on the customer requirement. |
|
Question |
What happens on policy installation, database installation, saving after deleting something in the rule base, etc.? What are the differences? |
Answer |
Policy install applies the changes made in the rule base, and “install database” is for changes you made in the user properties; it saves them to the management server. Here is the definition from CheckPoint: The User Database contains information about each user, including authentication schemes and encryption keys. The User Database resides on the SmartCenter machine and on the firewalled workstations. When a user’s properties change, the change does not take effect immediately. The VPN-1 gateways on which the security policy is installed must be notified of the change by installing the User Database. |
|
Question |
Can we get free Checkpoint simulator software like Packet Tracer (Cisco)? |
Answer |
 |
No, we cannot get a free Checkpoint simulator, as it requires User Center access. |
|
Question |
|
What are the types of NAT and how to configure it in Check Point Firewall? |
Answer |
The types of NAT have already been answered. To configure it, we can enable NAT by selecting the NAT tab under the object which we are creating. |
|
Question |
What is the difference between tcpdump and FW Monitor on Checkpoint? |
Answer |
tcpdump will show the request & reply packets at the interface level, whereas fw monitor will show each and every step of the packet processing done on the firewall. |
|
Question |
|
What are the different authentication methods used in VPNs? |
|
Answer |
|
The authentication methods used in VPNs are the EAP auth method, the MS-CHAP auth method, unencrypted passwords and SPAP. |
|
Question |
How do Checkpoint components communicate and sync with each other? |
Answer |
 |
Checkpoint components communicate through SIC. |
|
Question |
What is the difference between Checkpoint and ASA or other firewalls? Which one is better? |
Answer |
In my view, I will prefer Checkpoint as it has very good features & it provides multiple functionalities which are not available from other security vendors. |
|
Question |
|
Can we create a virtual gateway on Checkpoint? If yes, how? |
Answer |
 |
Yes, we can create virtual gateways on Checkpoint. There is a separate hardware model available, the VSX platform, which can be used for virtual gateways. |
|
Question |
|
Can we configure TACACS+ auth for the Gaia portal/SSH? |
Answer |
No, accessing the Gaia portal through TACACS+ is not supported. |
|
Question |
Which encryption algorithm has the highest bit strength? |
Answer |
AES has the highest strength. |