[Top 30] Checkpoint Firewall Questions with Answers

firewall questions answers checkpoint tech hyme

Checkpoint is a cyber security architecture which offers the perfect combination of proven security, easy deployment, and effective management by consolidating key security applications (firewall, VPN, intrusion prevention, and antivirus and more) into a single, efficiently managed solution.

This question-answer based article provides an understanding of basic concepts and skills necessary to configure the Check Point Security Gateway, configure Security Policies, and learn about managing and monitoring secure networks.

Also Read:

Check Point technology is designed to address network exploitation, administrative flexibility and critical accessibility. Check Point software can run on a variety of different operating systems and platforms.

Below is the list of top 30 questions and answers related to Checkpoint Firewall:

1. What is Anti-spoofing?

Anti-Spoofing is the feature of Checkpoint Firewall which protects from attacker who generate IP packet with Fake or Spoof source address. The actual function is to determine that whether network traffic is legitimate or not. If not, then it will immediately block that traffic on interface of firewall.

2. What is Asymmetric Encryption?

In Asymmetric Encryption there is two different key used for encrypt and decrypt to packet. Means that one key used for Encrypt packet, and second key used to for decrypt packet. Same key cannot encrypt and decrypt.

3. What is Stealth Rule in Checkpoint Firewall?

Stealth Rule Protect Checkpoint firewall from direct access any traffic. Its rule should be place on the top of Security rule base. In this rule administrator denied all traffic to access checkpoint firewall.

4. What is clean Rule in Checkpoint Firewall?

Stealth Rule Protect Checkpoint firewall from direct access any traffic. Its rule should be place on the top of Security rule base. In this rule administrator denied all traffic to access checkpoint firewall.

5. What is Nat?

NAT stand for Network Address Translation. Its used to map private IP address with public IP Address and Public IP address map with private IP Address. Mainly its used for Provide Security to the Internal Network and Servers from Internet. NAT is also used to connect Internet with Private IP Address. Because Private IP not route able on Internet.

6. What is Source Nat?

Source NAT used to initiate traffic form internal network to external network. In source NAT only source IP will translated in public IP address.

7. What is VPN (virtual Private Network)?

VPN (Virtual Private Network) is used to create secure connection between two private network over Internet. Its used Encryption authentication to secure data during transmission. There are two type of VPN

  • Site to Site VPN.
  • Remote Access VPN.

8. What is IP Sec?

IP Sec (IP Security) is a set of protocol. Which is responsible for make secure communication between two host machine, or network over public network such as Internet.IPSec Protocol provide Confidentiality, Integrity, Authenticity and Anti Replay protection. There is two IPSec protocol which provide security

  • ESP (Encapsulation Security Payload)
  • AH (Authentication Header).

9. What is Difference Between Esp and Ah IPsec Protocol?

ESP: – ESP Protocol is a part of IPsec suit, its provide Confidentiality, Integrity and Authenticity. Its used in two mode Transport mode and Tunnel mode.

AH :-Its is also part of a IPsec suit, Its provide only Authentication and Integrity, its does not provide Encryption. Its also used to two mode Transport mode and Tunnel mode.

10. What is Explicit Rule in checkpoint Firewall?

It’s a rule in ruse base which is manually created by network created by network security administrator that called Explicit rule.

11. What is Hide Nat?

Hide NAT used to translate multiple private IP or Network with single public IP address. Means many to one translation. Its can only be used in source NAT translation. Hide NAT can not be used in Destination NAT.

12. What is Destination NAT?

When request to translate Destination IP address for connect with Internal Private network from Public IP address. Only static NAT can be used in Destination NAT.

13. Difference between Automatic Nat and Manual NAT?

Automatic NAT:

  • Automatic created by Firewall Network Security Administrator
  • Can not modify
  • Can not create “NO NAT” rule
  • Can not create Dual NAT
  • Port forwarding not possible
  • Proxy ARP by default enabled

Manual NAT:

  • Manually Created by Network Security
  • Can be Modify
  • Can be Create Dual NAT
  • Port forwarding possible
  • Proxy ARP by default not enable

14. What is difference between Standalone Deployment and Distributed Deployment?

Standalone deployment : In standalone deployment, Security Gateway and Security management server installed on same machine.

Distributed deployment : In Distributed deployment, Security Gateway and Security Management Server installed on different machine.

15. What is Sic?

SIC stand for “Secure Internal Communication”. It’s a checkpoint firewall feature that is used to make secure communication between Checkpoint firewall component. Its used when Security Gateway and Security management server installed in Distributed deployment. Its Authentication and Encryption for secure communication.

16. What is 3 Tier Architecture Component of Checkpoint Firewall?

  • Smart Console
  • Security Management
  • Security Gateway

17. What is the Packet Flow of Checkpoint Firewall?

  • SAM Database
  • Address Spoofing
  • Session Lookup
  • Policy Lookup
  • Destination NAT
  • Route Lookup
  • Source NAT
  • Layer 7 Inspection
  • VPN
  • Routing

18. What Advantage of NAT?

  • Save Public IP to save cost
  • Security with hide Internal Network
  • Avoid Routing
  • Publish Server over Internet
  • Overlapping Network
  • Access Internet from Private IP address

19. What is Smart Dashboard?

Its tool of smart console.Its used to configure Rule, Policy object, Create NAT Policy, Configure VPN and Cluster.

20. Which of the Application in Check Point Technology Can be used to Configure Security Objects?

Smart Dashboard

21. Which of the Applications in check point technology can be used to view who and what the administrator do to the Security Policy?

Smart View Tracker

22. What are the two types of Check Point Ng Licenses?

Central and Local licenses: Central licenses are the new licensing are the new licensing model for NG and are bound to the SmartCenter server. Local licenses are the legacy licensing model and are bound to the enforcement module.

23. What is the main different between Cpstop/cpstart and Fwstop/fwstart?

Using cpstop and then cpstart will restart all check point components, including the SVN foundation. Using fwstop and then fwstart will only restart VPN-1/FireWall-1.

24. What are the Functions of Cpd, Fwm, and Fwd Processes?

CPD : CPD is a high in the hierarchical chain and helps to execute many services,  such as Secure Internal Communication (SIC), Licensing and status report.

FWM : The FWM process is responsible for Policy installation, Management High Availability (HA) Synchronization, saving the policy, Database Read/Write action, Log Display, etc.

FWD : The FWD process is responsible for logging. It is executed in relation to logging, Security Servers and communication with OPSEC applications.

25. What are the types of Nat and How to Configure it in check point Firewall?

Static Mode and manually defined.

26. Is SSL Enough for your security?

SSL is meant to verify the sender’s identity but it doesn’t search in a hard way for more hazards. SSL will be able to track down the real person you are talking to but that too can be tricked at times. TLS is another identity verification tool which works the same as SSL but better than it. This provides some additional protection to the data so that no breaches are formed.

27. SSL and Https: which is more secure?

SSL (Secure Sockets Layer) is a protocol which enables safe conversations between two or more parties over the internet. HTTPS ( Hypertext Transfer Protocol Secure) is HTTP combined with SSL which provides you with a safer browsing experience with encryption. So, this is a very tricky question but SSL wins in terms of security.

28. Provide a reason as to why https should be used Instead of Http?

HTTP sends data in clear text whereas HTTPS sends data encrypted.

29. What is a Firewall?

A Firewall is software that blocks unauthorized users from connecting to your computer. All computers at Bank Street are protected by a firewall which is monitored and updated by CIS.

30. Checkpoint Packet flow for SNAT and DNAT?

In case of SNAT

  • Antispoofing
  • Session lookup
  • Policy lookup
  • Routing
  • Netting

In case of DNAT

  • Antispoofing
  • Session lookup
  • Policy lookup
  • Netting
  • Routing

Leave a Reply