A firewall is hardware or software installed to provide security to private networks connected to the internet. Firewalls can be implemented in hardware, in software, or in a combination of both. All data entering or leaving the intranet passes through the firewall, which allows only the data meeting the administrator's rules to pass through it.
used to export data. Many organizations that are terrified (at a management level) of Internet connections have no coherent policy about how dial-in access via modems should be protected.
9. What are some common attacks, and how can I protect my system against them?
Each site is a little different from every other in terms of what attacks are likely to be used against it. Some recurring themes do arise, though.
addresses of an organization, for example. This technique is also called Network Address Translation (NAT): the private IP addresses originating from the different clients inside the network are all mapped to the public IP address available through the internet service provider, and the traffic is then sent to the outside world (the Internet). This way, packets are tagged with only the public IP address (at the firewall level), and the internal private IP addresses are not exposed to potential intruders.
An application layer gateway (ALG) is a feature on ScreenOS gateways that enables the gateway to parse application layer payloads and take decisions on them. Although there are other ScreenOS features, such as deep inspection, in which the gateway inspects traffic at the application layer, ALGs are typically employed to support applications that use the application layer payload to communicate the dynamic Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) ports on which the applications open data connections. Such applications include the File Transfer Protocol (FTP) and various IP telephony protocols. The dynamic TCP, UDP, or other ports that are opened by the ScreenOS gateway to permit these data or secondary channels are referred to as pinholes, and are active strictly for the duration of activity on the data channel.
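The pinhole behaviour described above, as an added example (not ScreenOS code and not from the original page): an FTP control-channel inspector that reads the dynamic data port from a PORT command or a 227 reply and returns the pinhole to open. The function and class names, the sample addresses, and the two refusal rules (the announced address must be the sender's own; no ports below 1024) are assumptions of this example.

```python
import re
from dataclasses import dataclass

# h1,h2,h3,h4,p1,p2 as carried in PORT commands and 227 replies (RFC 959).
_HOSTPORT = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")

@dataclass(frozen=True)
class Pinhole:
    src_ip: str    # side allowed to initiate the data connection
    dst_ip: str    # side listening for it
    dst_port: int  # dynamic TCP port announced in the payload

def _decode(arg):
    """Return (ip, port) from an h1,h2,h3,h4,p1,p2 string, or None."""
    m = _HOSTPORT.search(arg)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def inspect_control_line(line, client_ip, server_ip):
    """Return the Pinhole to open for one FTP control-channel line, or None."""
    line = line.strip()
    if line.upper().startswith("PORT "):   # active mode: the client listens
        announced, sender, peer = _decode(line[5:]), client_ip, server_ip
    elif line.startswith("227 "):          # passive mode: the server listens
        announced, sender, peer = _decode(line[4:]), server_ip, client_ip
    else:
        return None
    # Assumed policy of this example: open nothing if the payload is malformed,
    # names an address other than the sender's own, or a well-known port.
    if announced is None or announced[0] != sender or announced[1] < 1024:
        return None
    return Pinhole(src_ip=peer, dst_ip=announced[0], dst_port=announced[1])

# Constructed control-channel lines using documentation addresses.
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
SAMPLE = [
    "USER anonymous",
    "PORT 192,0,2,10,195,80",
    "227 Entering Passive Mode (198,51,100,5,78,52)",
    "PORT 203,0,113,9,195,80",  # announces a third-party address
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(entry, "->", inspect_control_line(entry, CLIENT, SERVER))
```

A real ALG also removes the pinhole when the data channel closes or times out, which matches the "active strictly for the duration of activity" behaviour described above.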
The bastion host processes and filters all incoming traffic and prevents malicious traffic from entering the network, acting much like a gateway. The most common examples of bastion hosts are mail, domain name system, Web and File Transfer Protocol (FTP) servers. Firewalls and routers can also become bastion hosts.
2. Can only handle TCP connections; new extensions are proposed for UDP.
3. TCP/IP stacks must be modified by the vendor to use CL gateways.
separates the intranet and DMZ networks, making it more difficult to attack the intranet itself. When a properly configured firewall is combined with the use of private IP addresses on one or both of these subnets, attack becomes that much more difficult.
on the Dual-Homed Host machine, thus there is no direct TCP/IP connection between the Local Network and the Internet. You permit communication between the Local Network and the Internet in either of two ways:

1. Users on the Local Network are given accounts on the Dual-Homed Host machine. In order to use Internet services they must rlogin on the Dual-Homed Host machine. The fact that you allow accounts on the machine weakens its security greatly (it now depends on each and every user that has access to it; more correctly, it depends on the users' ability to choose "strong" passwords). Once an outsider succeeds in logging in to the Dual-Homed Host machine with rlogin, he/she can access the entire Local Network.
2. The Dual-Homed Host runs a proxy program for each service you want to permit, so users no longer need to rlogin to the machine in order to access the Internet. They can communicate via the proxy software.

The only host that can be accessed, and thus attacked, from the Internet is the Dual-Homed Host machine. It must therefore have a much greater level of security than an ordinary host on the Local Network. Extensive logging and auditing of system state must be performed, only secure and necessary software must be installed, and so on. This architecture is much more secure than the Screening Router Architecture. But still, once the Dual-Homed Host is subverted, the entire Local Network is vulnerable to attack.
newsgroup collected globally. An NNTP client is a part of the web browser, also called a news reader. It uses reserved port number 119.
Data encryption ensures data safety and is very important for confidential or critical data. It protects data from being read, altered or forged during transmission.
Your ability to secure data using the right mix of hardware and software is critical to a company's operations, and even its bottom line. Among the most important things recruiters and hiring managers look for during an interview seems basic: technical competence.

At the same time, they want to see that you can fit into the corporate culture. That's the kind of thing many tech people struggle to demonstrate. This means you can expect your interview to cover areas that seem to have little relation to one another. So be ready to shift gears quickly as the conversation goes on. Here are some of the questions you should be ready to field.

What's the size of your network?

What you should say: Your answer depends on who's asking the question. For example, if it's a technical person conducting the interview, you might want to answer in terms of nodes. However, the idea of a 1,300-node network probably won't mean anything to a businessperson. For an executive or someone in sales, it's better to say you have 1,500 users.

Why you should say it: You want to qualify your audience. Before you answer, be sure you understand how it will resonate with the person who's asking. If that executive doesn't know what you're talking about, he's got no basis on which to judge some of your critical experience. Bottom line: Know your audience.

What's the most successful firewall project you've worked on? What was your role?

What you should say: If you're a senior engineer, managers want to hear that you led the project and designed it, not that you just did what you were told to do. Structure your answer to identify the possible solutions you looked at, which one you chose and why, and then get into details of your role. Come prepared to get into detail about your biggest projects.

Why you should say it: This is where the interviewer gets a sense of who you are. If you just say you were part of a team, that tells them you haven't really worked on a lot of cutting-edge projects. Good interviewers are moving away from black-and-white questions and pat, right-or-wrong answers. A lot of their questions will be meant to gauge the complexity of your environment and how effective you were in working with it.

Describe the biggest security breach you've encountered. How did you handle it, and what would you do differently?

What you should say: Some might say they've never had a breach, but that could imply you. Assuming you have experienced a breach, be sure to help the interviewer understand what controls and measures you put in place and, again, highlight your specific role. Don't just say you had a problem; show how you overcame it.

Why you should say it: Contrary to the usual advice to be a team player, it's important to emphasize your individual contribution. You want the interviewer to know exactly what you bring to the table. You're interviewing for you, not your team.

What percentage of your responsibilities is dedicated to IT security?

What you should say: Tell the truth, but bear in mind having security as just one of many roles could be a liability to some employers. If security is one of five or six responsibilities you have, you won't have knowledge that's as deep as someone who handles it full-time. So be sure to put it in perspective. If you have multiple responsibilities and security is the major one, emphasize that.

Why you should say it: People want to get to the core of how much of your day is devoted to IT security. If it's simply 20 percent of your role, face the fact that this job's probably not for you. Bottom line: Make sure you're a perfect fit when targeting this position.

Why do you want to work here?

What you should say: Avoid a cookie-cutter answer like "to grow my career" or "I'm fascinated by your business." Show that you've researched the company, that you're motivated, interested and have ideas about how you can contribute. Prepare by following the basics: Get onto the company's website, look at its press releases and financials, and incorporate relevant details into your answers.

Why you should say it: First, you want to impress the interviewers with how much you know about the company and tie it back to how you can contribute. That shows your interest in the job. Second, as important as it is to demonstrate your technical skills, proving that you can fit into the employer's culture can be even more critical. Recruiters say successful hiring decisions are 60 percent about technical skills and 40 percent cultural fit. While the technical skills will get you the interview, it's the cultural fit that lands you the job.
Question 1
Which of the applications in Check Point technology can be used to configure security objects?
Answer: Smart Dashboard

Question 2
Which of the applications in Check Point technology can be used to view who and what the administrator does to the security policy?
Answer: SmartView Tracker

Question 3
What are the two types of Check Point NG licenses?
Answer: Central and Local licenses. Central licenses are the new licensing model for NG and are bound to the Smart Center server. Local licenses are the legacy licensing model and are bound to the enforcement module.

Question 4
What is the main difference between cpstop/cpstart and fwstop/fwstart?
Answer: Using cpstop and then cpstart will restart all Check Point components, including the SVN foundation. Using fwstop and then fwstart will only restart VPN-1/FireWall-1.

Question 5
What are the functions of the CPD, FWM, and FWD processes?
Answer:
CPD: CPD is high in the hierarchical chain and helps to execute many services, such as Secure Internal Communication (SIC), licensing and status reports.
FWM: The FWM process is responsible for the execution of the database activities of the Smart Center server. It is, therefore, responsible for Policy installation, Management High Availability (HA) Synchronization, saving the Policy, Database Read/Write actions, Log Display, etc.
FWD: The FWD process is responsible for logging. It is executed in relation to logging, Security Servers and communication with OPSEC applications.

Question 6
How to install Checkpoint Firewall NGX on SecurePlatform?
Answer:
1. Insert the Checkpoint CD into the computer's CD drive.
2. You will see a "Welcome to Checkpoint SecurePlatform" screen. It will prompt you to press any key. Press any key to start the installation; otherwise it will abort the installation.
3. You will now receive a message saying that your hardware was scanned and found suitable for installing SecurePlatform, and asking whether you wish to proceed with the installation of Checkpoint SecurePlatform. Of the four options given, select OK to continue.
4. You will be given a choice of these two:
   SecurePlatform
   SecurePlatform Pro
Select Secure platform Pro and enter OK to continue.
5. Next it will give you the option to select the keyboard type. Select your keyboard type (default is US) and enter OK to continue.
6. The next option is the Networking Device. It will give you the interfaces of your machine and you can select the interface of your choice.
7. The next option is the Network Interface Configuration. Enter the IP address, subnet mask and the default gateway. For this tutorial, we will set this IP address as 1.1.1.1 255.255.255.0 and the default gateway as 1.1.1.2, which will be the IP address of your upstream router or Layer 3 device.
8. The next option is the HTTPS Server Configuration. Leave the default and enter OK.
9. Now you will see the Confirmation screen. It will say that the next stage of the installation process will format your hard drives. Press OK to continue.
10. Sit back and relax as the hard disk is formatted and the files are being copied. Once it is done with the formatting and copying of image files, it will prompt you to reboot the machine and, importantly, REMOVE THE INSTALLATION CD. Press Enter to reboot.
Note: Secure platform disables your Num Lock by overriding System BIOS settings, so you press Num Lock to enable your Num Lock. For the FIRST time login, the login name is admin and the password is also admin.
11. Start the firewall in Normal Mode.
12. Configuring Initial Login: Enter the user name and password as admin, admin. It will prompt you for a new password. Choose a password.
    Enter new password: check$123
    Enter new password again: check$123
    You may choose a different user name:
    Enter a user name:fwadmin
    Now it will prompt you with the [cpmodule]# prompt.
13. The next step is to launch the configuration wizard. To start the configuration wizard, type sysconfig. You have to enter n for next and q for quit. Enter n for next.
14. Configuring Host name: Press 1 to enter a host name. Press 1 again to set the host name.
    Enter host name: checkpointfw
    You can either enter an IP address or leave it blank to associate an IP address with this hostname. Leave it blank for now. Press 2 to show the host name. It now displays the name of the firewall as checkpointfw. Press e to get out of that section.
15. Configuring the Domain name: Press 2 to enter the config mode for configuring the domain name. Press 1 to set the domain name.
    Enter domain name:yourdomain.com
    Example: Enter domain name: checkpointfw.com
    You can press 2 to show the domain name.
16. Configuring Domain Name Servers: You can press 1 to add a new domain name server.
    Enter IP Address of the domain name server to add: Enter your domain name server IP Address HERE.
    Press e to exit.
Network Connections.
17. Press 4 to enter the Network Connections parameter. Enter 2 to configure a new connection.
    Your Choice:
    1) eth0
    2) eth1
    3) eth2
    4) eth3
    Press 2 to configure eth1. (We will configure this interface as the inside interface with an IP address of 192.168.1.1 and a subnet mask of 255.255.255.0. The default gateway will be configured as 1.1.1.1.) Press 1) Change IP settings.
    Enter IP address for eth1 (press c to cancel): 192.168.1.1
    Enter network Mask for interface eth2 (press c to cancel): 255.255.255.0
    Enter broadcast address of the interface eth2 (leave empty for default): Enter
    Press Enter to continue. Similarly configure the eth2 interface, which will be acting as a DMZ in this case, with 10.10.10.1 255.255.255.0. Press e to exit the configuration menu.
18. Configuring the Default Gateway: Enter 5, which is the Routing section, to enter information on the default gateway configuration.
    1. Set default gateway.
    2. Show default gateway.
    Press 1 to enter the default gateway configuration.
    Enter default gateway IP address: 1.1.1.2
19. Choose a time and date configuration item. Press n to configure the time zone, date and local time.
This part is self-explanatory, so you can do it yourself. The next prompt is the Import Checkpoint Products Configuration. You can press n for next to skip this part, as it is not needed for fresh installs.
20. Next is the license agreement. You have the option of V for evaluation product, U for purchased product and N for next. Press n for next. Press Y and accept the license agreement.
21. The next section shows you the product Selection and Installation option menu. Select Checkpoint Enterprise/Pro. Press N to continue.
22. Select New Installation from the menu. Press N to continue.
23. The next menu shows you the products to be installed. Since this is a standalone installation configuration example, select VPN Pro and Smart center. Press N for next.
24. The next menu gives you the option to select the Smart center type you would like to install. Select Primary Smart center. Press n for next. A validation screen will be seen showing the following products: VPN-1 Pro and Primary Smart center. Press n for next to continue. Now the installation of VPN-1 Pro NGX R60 will start.
25. The set of menus is as follows: Do you want to add license (y/n). You can enter Y, which is the default, and enter your license information.
26. The next prompt will ask you to add an administrator. You can add an administrator.
27. The next prompt will ask you to add a GUI Client. Enter the IP address of the machine from where you want to manage this firewall.
28. The final process of installation is the creation of the ICA. It will prompt you for the creation of the ICA; follow the steps. The ICA will be created. Once the random is configured (you don't have to do anything), the ICA is initialized. After the ICA is initialized, the fingerprint is displayed. You can save this fingerprint because it will be used later while connecting to the smart center through the GUI. The two fingerprints should match. This is a security feature. The next step is reboot. Reboot the firewall.

Question 7
What are the types of NAT and how to configure it in Check Point Firewall?
Answer: Static Mode manually defined