Friday, September 2, 2016

CHECK POINT INTERVIEW QUESTIONS

What is anti-spoofing?
Anti-spoofing is one of the features of Check Point. It protects against attackers who generate traffic from false IP packets, that is, packets with a spoofed source IP address. It determines whether the traffic is proper or not. If the traffic is not proper, the firewall blocks it.
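
The check described above, as an added Python sketch (not Check Point code and not from the original post): a packet's source address is compared with the networks expected behind the interface it arrived on. The interface names and networks are constructed for illustration.

```python
import ipaddress

# Constructed topology (assumption): networks expected behind each interface.
TOPOLOGY = {
    "eth1": [ipaddress.ip_network("10.1.0.0/16")],    # internal LAN
    "eth2": [ipaddress.ip_network("172.16.5.0/24")],  # DMZ
}
EXTERNAL = "eth0"  # external side: every address not behind another interface


def behind(interface, src):
    """True if src belongs to a network defined behind this interface."""
    return any(src in net for net in TOPOLOGY.get(interface, []))


def antispoof_check(interface, src_ip):
    """Return 'accept' if src_ip is plausible on the arrival interface, else 'drop'."""
    src = ipaddress.ip_address(src_ip)
    if interface == EXTERNAL:
        # Traffic from outside must not claim an address that lives behind
        # one of the internal interfaces.
        spoofed = any(behind(name, src) for name in TOPOLOGY)
    else:
        # Traffic from an internal interface must come from its own networks.
        # An interface with no topology entry fails closed.
        spoofed = not behind(interface, src)
    return "drop" if spoofed else "accept"


# Constructed sample packets: (arrival interface, source IP).
PACKETS = [
    ("eth0", "198.51.100.7"),  # genuine external source
    ("eth0", "10.1.4.20"),     # internal address arriving from outside
    ("eth1", "10.1.4.20"),     # LAN host on the LAN interface
    ("eth1", "172.16.5.9"),    # DMZ address arriving on the LAN interface
]


def run(packets):
    return [(iface, src, antispoof_check(iface, src)) for iface, src in packets]


if __name__ == "__main__":
    for row in run(PACKETS):
        print(*row)
```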

What is asymmetric encryption?
Asymmetric encryption uses two keys. One key is used to encrypt the packets and the other key is used to decrypt them.
Note:
Symmetric encryption:
One key is used for both encryption and decryption.

What is the stealth rule in the Check Point firewall?
The stealth rule protects the Check Point firewall from direct access by any traffic. This rule should be placed at the top of the security rule base.
In this rule the administrator denies all traffic destined to the Check Point firewall.

What is the cleanup rule in the Check Point firewall?
The cleanup rule is placed last in the security rule base. It is used to drop and log all traffic that does not match any of the rules above it.
The cleanup rule is created mainly for logging purposes.
In this rule the administrator denies all traffic and enables logging.
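
Why the position of the stealth and cleanup rules matters, as an added Python model of a first-match rule base (not Check Point code and not from the original post). The gateway address, rule names and networks are constructed, and the unlogged fallback when no rule matches is an assumption of this model.

```python
import ipaddress
from dataclasses import dataclass

FIREWALL_IP = "192.0.2.1"  # constructed gateway address (assumption)
ANY = "0.0.0.0/0"


@dataclass
class Rule:
    name: str
    src: str
    dst: str
    port: object  # int, or None for any port
    action: str
    log: bool = False


def matches(rule, src, dst, port):
    in_net = lambda ip, net: ipaddress.ip_address(ip) in ipaddress.ip_network(net)
    return (in_net(src, rule.src) and in_net(dst, rule.dst)
            and rule.port in (None, port))


def evaluate(rule_base, src, dst, port):
    """First match wins. Returns (rule name, action, logged)."""
    for rule in rule_base:
        if matches(rule, src, dst, port):
            return rule.name, rule.action, rule.log
    # Model assumption: with no cleanup rule the packet is still dropped,
    # but nothing is written to the log.
    return "implicit", "drop", False


STEALTH = Rule("stealth", ANY, FIREWALL_IP + "/32", None, "drop")
LAN_OUT = Rule("lan-ssh-out", "10.1.0.0/16", ANY, 22, "accept")
CLEANUP = Rule("cleanup", ANY, ANY, None, "drop", log=True)

WITH_STEALTH = [STEALTH, LAN_OUT, CLEANUP]
WITHOUT_STEALTH = [LAN_OUT, CLEANUP]
NO_CLEANUP = [STEALTH, LAN_OUT]

if __name__ == "__main__":
    # A broad "any destination" rule also covers the firewall's own address.
    print(evaluate(WITHOUT_STEALTH, "10.1.4.20", FIREWALL_IP, 22))
    # With the stealth rule on top, the same connection is dropped first.
    print(evaluate(WITH_STEALTH, "10.1.4.20", FIREWALL_IP, 22))
    # Unmatched traffic: logged by the cleanup rule, silent without it.
    print(evaluate(WITH_STEALTH, "10.1.4.20", "203.0.113.9", 23))
    print(evaluate(NO_CLEANUP, "10.1.4.20", "203.0.113.9", 23))
```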


What is the difference between the ESP (50) and AH (51) protocols?
ESP (50) - Encapsulating Security Payload - used in both modes, tunnel mode and transport mode (encryption, authentication and integrity).
AH (51) - does not provide encryption. It is also used in two modes, transport mode and tunnel mode.

What is an explicit rule in the Check Point firewall?
Rules created by the administrator, that is, user-based rules, are called explicit rules.

What is the difference between automatic NAT and manual NAT?
Automatic NAT:
Created automatically by the firewall.
Cannot be modified.
Cannot create a 'No NAT' rule.
Cannot create dual NAT.
Port forwarding is not possible.
Proxy ARP is enabled by default.

Manual NAT:
Created by the administrator.
Can be modified.
Can create a 'No NAT' rule.
Can create dual NAT.
Port forwarding is possible.
Proxy ARP is not enabled by default.




What is the difference between standalone deployment and distributed deployment?
Standalone deployment - the Security Gateway and the Security Management Server are installed on the same machine.
Distributed deployment - the Security Gateway and the Security Management Server are installed on different machines.

What are the components of the Check Point firewall's 3-tier architecture?
Security Management
Security Gateway
SmartConsole

What is SmartDashboard?
It is a SmartConsole tool. It is used to configure rules and policy objects, create NAT policy, and configure VPN and clusters.

What is the packet flow of the Check Point firewall?
SAM database
Address spoofing
Session lookup
Policy lookup
Destination NAT
Route lookup
Source NAT
Layer 7 Inspection
VPN
Routing


What is SIC?
SIC stands for "Secure Internal Communication". It is a Check Point firewall feature that is used to secure communication between Check Point firewall components.

It is used when the Security Gateway and the Security Management Server are installed in a distributed deployment. It provides authentication and encryption for secure communication.



How do you verify the manager fingerprint when using SmartDashboard for the first time?
When SmartConsole is installed, it asks for the username, password and local address (management server IP). After that we have to configure the fingerprint.
Note: you can configure it from the command prompt.
# cpconfig
# Option 7 is fingerprint.
# Exit
The # symbol is for the super shell.


What needs to be configured on the gateway via HTTPS before the manager takes over?
Interface IP addresses, default route (the gateway needs to be configured) and banners (optional).

How frequently is the SIC passphrase used between a manager and gateway?


Where do you download the SmartConsole utilities, such as SmartDashboard?
SmartConsole utilities are downloaded from the management server. The utilities are SmartLog, SmartConsole, Smart Monitor, Smart Track, etc.
SmartDashboard, first time:
Username (management server admin)
Password
Local address (management server address)
Fingerprint

SmartConsole (under Network Objects):
Check Point + right-click and create the gateway (outside interface IP).
Features are enabled based on the license. (Features are called blades.) Each feature needs an individual license.
Hardware: open server
Management gateway blades: SG103
Management blades: SM 1003
SIC initiation is done in SmartConsole only.
SIC password and initiation.


What are the 3 interconnected components in a Check Point system?
Console, Smart Management Server (policy and logs are stored on the server, which is the database storage location; from the management server you can push the policy to multiple gateway firewalls), and gateway firewall.


What are the 3 Check Point OS names and what device would run them?
IPSO, SecurePlatform (SPLAT), based on Linux, and the latest, Gaia (2012).


What does the INSPECT engine do?
Stateful inspection (INSPECT engine). The state table maintains the state of each request, and traffic is allowed based on that table.


What are the methods of traffic filtering?
Packet filtering (works at the transport and network layers, based on source IP, destination IP and ports or tags).
Stateful filtering (works at the transport and network layers; the firewall maintains a state table and permits or denies traffic based on it. This is called stateful inspection or the INSPECT engine).
Application awareness.

What should be planned before starting the installation?
Which method you are going to install: standalone or distributed.
The IP addresses of both servers (management and gateway firewall).

What protocol is used to connect to a newly installed management server and gateway firewall?

https://

Thanks to Technet2u

What are the Gaia software versions?

Gaia software versions - R70 R71 R75 R75.4X R75.40VS R76 R77 & R80

Latest: R80
