Check Point CCSA Exam Cram 2 (Exam 156-210.4)

Sean Walberg is currently a network engineer for a large Canadian financial services company. His responsibilities include maintaining two large Internet hosting centers that make extensive use of Check Point products. Over his career thus far, Sean has focused on networks and Internet security, with a brief diversion as a Unix developer. The love of Unix, especially Linux, has stuck with him since, and he has found numerous uses for it in his network and security roles. Although this is Sean's first book-length project, he served a two-year stint as the author of a weekly Linux newsletter for Cramsession.com, a popular IT certification portal. When not digging into routers and firewalls, Sean enjoys cooking and tinkering with electronics. He's also been known to lock himself in a room while trying to break World War II–era ciphers. Sean is a graduate of computer engineering, where his undergraduate thesis focused on the Secure Sockets Layer, which today secures eCommerce transactions all over the Internet. He is also a registered Professional Engineer with the province of Manitoba. He lives in Winnipeg, Canada, with his wife, two sons, and two cats. © Copyright Pearson Education. All rights reserved.

Introduction.

Self-Assessment.

1. FireWall-1 Installation and Platforms.

    A Brief Look at the Platforms.

    Installing Under Windows.

    Installing Under SecurePlatform.

      Installing the OS.

      Configuring SecurePlatform.

    Installing Under Nokia’s IPSO.

      Installing IPSO.

      Installing Check Point.

    After the FireWall-1 Installation.

      Default Policy.

      Establishing Management Connectivity.

    Exam Prep Questions.

2. FireWall-1 Basics and Architecture.

    Firewall Introduction.

    The OSI Model.

    Firewall Architectures.

      Packet Filter.

      Application Proxy.

      Stateful Inspection.

    FireWall-1 Architecture.

      SmartConsole.

      SmartCenter Server.

      Enforcement Point.

      INSPECT Engine.

      Secure Virtual Network.

      Secure Internal Communications.

    Exam Prep Questions.

3. SmartDashboard.

    Working Within SmartDashboard.

      Objects Tree.

    The Rule Base.

      Examining a Rule.

      Creating and Deleting Rules.

      Hiding and Unhiding Rules.

      Querying the Rule Base.

    The Security Policy.

      A Skeleton Rule Base.

      Implicit and Explicit Rules.

    Global Properties.

      FireWall-1 Implied Rules.

      Security Servers.

      Stateful Inspection Properties.

      Log and Alert.

    Anti-Spoofing.

    Verifying and Installing a Security Policy.

    Rule Processing Order.

    Command-Line Utilities.

      Getting Basic Information.

      Managing Services.

      Managing the Policy.

      Logs.

    Performance Considerations.

    Exam Prep Questions.

4. SmartView Tracker.

    How Logs Are Handled.

    Using SmartView Tracker.

      Log Mode.

      Active Mode.

      Audit Mode.

    Saving Logs.

    Exam Prep Questions.

5. Ancillary Utilities–Status, Update.

    Working with SmartView Status.

      System Status.

      System Alert.

    Using SmartUpdate.

      Managing Products with SmartUpdate 

      Managing FireWall-1 Licenses.

    Exam Prep Questions

6. Application Intelligence.

    The Solution: Application Intelligence.

    SmartDefense.

      General.

      Anti-Spoofing Configuration Status.

    Network Security Capabilities.

      Denial of Service.

      IP and ICMP.

      TCP.

      Fingerprint Scrambling.

      Successive Events.

    Application Intelligence Capabilities.

      Web Defenses.

      Mail Defenses.

      FTP Defenses.

      Microsoft Networks.

      DNS.

      VoIP.

    Storm Center.

      Sending Logs.

      Receiving the Block List.

    Exam Prep Questions

7. Authentication and Users.

    Users, Templates, and Groups.

      Templates.

      Users.

      User Groups.

    Three Types of Authentication.

      User Authentication.

      Session Authentication.

      Client Authentication.

      Comparison of Authentication Types.

    Configuring Authentication.

      Configuring User Authentication.

      Configuring Session Authentication.

      Configuring Client Authentication.

      Authentication and Rule Base Order.

    Choosing the Correct Authentication Method.

    Creating Administrative Users.

    Administrative Certificates.

    Exam Prep Questions.

8. Network Address Translation.

    NAT Terminology.

    NAT in a Nutshell.

    NAT In-Depth.

      Packet Processing in the FireWall-1 Kernel.

      Static Source NAT.

      Static Destination NAT.

      Source and Destination NAT.

      Dynamic NAT.

    Configuring NAT.

      Before You Begin.

      Global Properties.

      Object Properties.

      Manual NAT Rules.

    Exam Prep Questions.

9. Backups and Licensing.

    Backups.

      Important Files on the SmartCenter Server.

      Important Files on the Enforcement Point.

    Licensing.

      Central Versus Local Licensing.

      Using SmartUpdate.

    Exam Prep Questions.

10. Practice Exam 1.

11. Answer Key to Practice Exam 1.

12. Practice Exam 2

13. Answer Key to Practice Exam 2.

Appendix A: What’s on the CD-ROM.

    The CramMaster Engine.

    Multiple Test Modes.

      Pretest Mode.

      Adaptive Drill Mode.

      Simulated Exam Mode.

    Installing CramMaster for the Check Point CCSA Exam.

    Using CramMaster for the CCSA Exam.

    Customer Support.

Appendix B: Important TCP/IP Ports You Should Know.

    FireWall-1 Related.

    IP Protocols.

    TCP Ports.

    UDP Ports.

Appendix C: Setting Up a Lab with VMWare.

    Network Overview.

    Creating the Virtual Machines.

    Configuring the Host.

    Testing and Troubleshooting.

    Installing Check Point.

Appendix D: Troubleshooting with fw monitor.

    A Simple Capture.

    Writing Filters.

    Capturing NATted Flows.

    Problem Diagnosis with fw monitor.

Appendix E: Need to Know More?

    Exam Information.

    Installation and Hardware.

    Architecture and Operation.

    Troubleshooting.

    Application Intelligence and Security Threats.

    Lab Work and PC Virtualization.

Glossary.

Index