Copyright © Check Point Software Technologies Ltd. All rights reserved.

Printed by Check Point Press A Division of Check Point Software Technologies Ltd. First Printing December 2009
RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19. © 2003-2010 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

TRADEMARKS ©2003-2010 Check Point Software Technologies Ltd. All rights reserved. Check Point, AlertAdvisor, Application Intelligence, Check Point Endpoint Security, Check Point Endpoint Security On Demand, Check Point Express, Check Point Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectControl, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Cooperative Security Alliance, CoreXL, CoSa, DefenseNet, Dynamic Shielding Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Clientless Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG, NGX, Open Security Extension, OPSEC, OSFirewall, Pointsec, Pointsec Mobile, Pointsec PC, Pointsec Protector, Policy Lifecycle Management,Power-1, Provider1, PureAdvantage, PURE Security, the puresecurity logo, Safe@Home, Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlatform, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL, SecureXL Turbocard, Security Management Portal, Sentivist, SiteManager-1, SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, SmartCenter UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advi-

sor, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartProvisioning, SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView Status, SmartViewTracker, SMP, SMP On-Demand, SofaWare, SSL Network Extender, Stateful Clustering, Total Security, the totalsecurity logo, TrueVector, Turbocard, UAM, UserAuthority, User-to-Address Mapping, UTM-1, UTM-1 Edge, UTM-1 Edge Industrial, UTM-1 Total Security, VPN-1, VPN-1 Accelerator Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1 Power Multi-core, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1 SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX, Web Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus, ZoneAlarm ForceField, ZoneAlarm Internet Security Suite, ZoneAlarm Pro, ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trademarks or registered trademarks of Check Point Software Technologies Ltd. or its affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All other product names mentioned herein are trademarks or registered trademarks of their respective owners. The products described in this document are protected by U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943, and 7,165,076 and may be protected by other U.S. Patents, foreign patents, or pending applications. DISCLAIMER OF WARRANTY Check Point Software Technologies Ltd. makes no representation or warranties, either express or implied by or with respect to anything in this document, and shall not be liable for any implied warranties of merchantability or fitness for a particular purpose or for any indirect special or consequential damages.

International Headquarters:

5 Ha’Solelim Street Tel Aviv 67897, Israel Tel: +972-3-753 4555

U.S. Headquarters:

800 Bridge Parkway Redwood City, CA 94065 Tel: 650-628-2000 Fax: 650-654-4233

Technical Support, Education & Professional Services:

8333 Ridgepoint Drive, Suite 150 Irving, TX 75063 Tel: 972-444-6612 Fax: 972-506-7913 E-mail any comments or questions about our courseware to courseware@us.checkpoint.com. For questions or comments about other Check Point documentation, e-mail CP_TechPub_Feedback@checkpoint.com.

Document #: Revision: Content: Graphics:

CCSA R70 Study Guide R70001 Mark Hoefle Jeffery Holder

.

71 .Security Administrator R70 / R71 Study Guide Exam # 156-215.

.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Answer . . . . . . . . . . . 32 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40 . . . . . . . . . . . . . . 29 Chapter 5 Using SmartUpdate 31 Introduction to the SmartUpdate Topics . . . . . . . . . 17 Chapter 3 Introduction to the Security Policy 19 Introduction to the Security Policy Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Chapter 1 Check Point Technology Overview 7 Check Point Technology Overview Topics . . . . . . . 33 Answer . . . . . . . . . . . . . . . 34 Chapter 6 Upgrading to R71 35 Introduction to the Upgrading to R71 . . . . . . . . . . . . . . . . . . . . 23 Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24 Chapter 4 Monitoring Traffic and Connections 25 Introduction to the Monitoring Traffic and Connections Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 Chapter 2 Deployment Platforms 13 Deployment Platforms Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Sample CCSA R70 Exam Question . . . . .Preface The Check Point Certified Security Administrator Exam 1 Frequently Asked Questions . . . . . . 36 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . 11 Answer . . . . . . . . . . . . . . . . . . . . . . . 38 Chapter 7 User Management and Authentication 39 Introduction to the User Management and Authentication Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 Answer . . . . . . . . . . . . . . . . . . . . . . . . 20 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

. . . . . . . . . . . . . . . . . . 52 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . 43 Chapter 8 Encryption and VPNs 45 Introduction to the Encryption and VPNs Topics . . . . . . . . . . . . . . . . 60 Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Sample CCSA R70 Exam Question . . . . . . . . . 58 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Chapter 9 Introduction to VPNs 51 Introduction VPNs Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Chapter 10 Messaging and Content Security 57 Introduction to the Messaging and Content Security Topics . . . . . . . . . 48 Answer . . . . . 55 Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

and the key elements of this architecture Design a distributed environment using the network detailed in the course topology Install the Security Gateway version R71 in a distributed environment using the network detailed in the course topology Given Check Point’s latest integration of CoreXL technology. The Check Point Certified Security Administrator R71exam covers the following topics: Describe Check Point’s unified approach to network management. The Check Point Security Administrator R70 / R71Study Guide supplements knowledge you have gained from the Security Administrator R70 / R71course. configure Security Policies. select the best security solution for your corporate environment Given network specifications.Preface The Check Point Certified Security Administrator Exam The Check Point Security Administrator R70 / R71course provides an understanding of basic concepts and skills necessary to configure the Check Point Security Gateway. and is not a sole means of study. perform a backup and restore the current Gateway installation from the command line 1 . and learn about managing and monitoring secure networks.

and ensure network functionality Using SmartView Monitor. analyze tunnel activity and monitor remote user access based on corporate requirements Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades. and LAN outbound use Configure NAT rules on Web and Gateway servers Evaluate existing policies and optimize the rules based on current corporate requirements Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades and minimal downtime Use queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data Using packet data on a given corporate network. and license modifications Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways Upgrade and attach product licenses using SmartUpdate 2 Check Point Security Administrator R70 / R71 Study Guide . troubleshoot system and security issues. new installations. generate reports. create and configure network. configure alerts and traffic counters. external services. monitor suspicious activity rules. host and gateway objects Verify SIC establishment between the SmartCenter Server and the Gateway using SmartDashboard Create a basic Rule Base in SmartDashboard that includes permissions for administrative users. import and export users and groups and add or delete administrators from the command line Deploy Gateways using sysconfig and cpconfig from the Gateway command line Use the Command Line to assist support in troubleshooting common problems on the Security Gateway Given the network topology. view a Gateway's status.Preface: The Check Point Certified Security Administrator Exam Identify critical files needed to purge or backup.

Preface: The Check Point Certified Security Administrator Exam Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely Manage users to access to the corporate LAN by using external databases Select the most appropriate encryption algorithm when securing communication over a VPN. content based anti-spam. and zero hour virus detection Based on network analysis disclosing threats by specific sites. based on corporate requirements Establish VPN connections to partner sites in order to establish access to a central database by configuring Advanced IKE properties Configure a pre-shared secret site-to-site VPN with partner sites Configure a certificate based site-to-site VPN using one partner's internal Configure a certificate based site-to-site VPN using a third-party CA Configure permanent tunnels for remote access to corporate resources Configure VPN tunnel sharing. configure a Web-filtering and antivirus policy to filter and scan traffic Implement default or customized profiles to designated Gateways in the corporate network Check Point Security Administrator R70 / R71Study Guide 3 . subnet-based and gateway-based tunnels Configure Check Point Messaging Security to test IP Reputation. given the difference between host-based.

To locate an ATC.checkpoint. Registrations at a testing center may be made in advance or on the day you wish to test. In addition. see: http://atc.com What is the exam structure? The exams are composed of multiple-choice and scenario questions. Register via the Web or visit a specific testing center.500 testing centers worldwide. For sameday testing.Preface: The Check Point Certified Security Administrator Exam Frequently Asked Questions Frequently Asked Questions The table below provides answers to commonly asked questions about the CCSA R70 / R71exam: Question What are the Check Point recommendations and prerequisites? Answer Check Point recommends you have at least 6 months to 1 year of experience with the products.com/ atclocator/locateATC How do I register? Check Point exams are offered through Pearson VUE. There is no partial credit for incorrectly marked questions. knowledge of Windows Server and/or UNIX. contact the testing center directly. 4 Check Point Security Administrator R70 / R71 Study Guide . We recommend you take this class before taking the CCSA R70 exam. a third-party testing vendor with more than 3. Pearson VUE offers a variety of registration options. and experience with TCP/IP and the Internet. Check Point also recommends you take the Check Point Security Administrator R70 class from a Check Point Authorized Training Center (ATC). you should also have basic networking knowledge.pearsonvue. Locate a testing center from the VUE Pearson Web site: www. subject to availability. before attempting to take the CCSA R70 exam.

com/services/education/ 5 Check Point Security Administrator R70 / R71 Study Guide . see: http://www.Preface: The Check Point Certified Security Administrator Exam Question How long is the exam? Do I get extra time.checkpoint. All other regions get 150 minutes: Australia Bermuda Canada Japan New Zealand Ireland South Africa UK US For more exam and course information. if I am not a native English speaker? Frequently Asked Questions Answer The following countries are given 120 minutes to complete the exam.

Preface: The Check Point Certified Security Administrator Exam Frequently Asked Questions 6 Check Point Security Administrator R70 / R71 Study Guide .

This course is lab-intensive. and provides the foundation for technologies involved in the Check Point Software Blade Architecture. administrative flexibility and critical accessibility. and in this chapter. This chapter introduces the basic concepts of network security and management based on Check Point’s three-tier structure. as discussed in the introduction. Objectives: Describe Check Point’s unified approach to network management. you will begin your hands-on approach with a first-time installation using standalone and distributed topologies.Chapter Check Point Technology Overview 1 Check Point technology is designed to address network exploitation. and the key elements of this architecture Design a distributed environment using the network detailed in the course topology Install the Security Gateway version R71 in a distributed environment using the network detailed in the course topology 7 .

07 p. 05 p. 10 p. 11 p. 04 p. and is not meant to be a sole means of study. 15 p.p. 08 tecture INSPECT Engine Packet Flow Deployment Considerations The DMZ Bridge Mode Bridge Mode and STP Security Policy Management SmartConsole Components SmartDashboard SmartView Tracker Table 1-1: Check Point Technology Overview Topics p. 14 p. 12 8 Check Point Security Administrator R70 / R71 Study Guide . This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. 13 p. 03 p. 17 p.Chapter 1: Check Point Technology Overview Check Point Technology Overview Topics Check Point Technology Overview Topics The following table outlines the topics covered in the “Check Point Technology Overview” chapter of the Check Point Security Administrator R70 / R71 Course. 06 p. Topic Network Access Control The Check Point Firewall Mechanisms for Controlling Network Traffic Packet Filtering Stateful Inspection Application Intelligence Key Element Page Number p. 09 p. 08 Security Gateway Inspection Archi.

26 Managing Users in SmartDashboard p. 30 p. 43 p. 30 p. 21 Topic Key Element SmartView Monitor SmartEvent Real-Time Threat Analysis and Pro. 20 Centralized Event Correlation p.Check Point Technology Overview Topics Chapter 1: Check Point Technology Overview Page Number p. 26 Users Database Creating Administrators in SmartDashboard Securing Channels of Communication SIC The Internal Certificate Authority (ICA) ICA Clients SIC Between Security Management Servers and Components Administrative Login Using SIC p. 21 tection Intelligent Event Management The SmartEvent Architecture SmartProvisioning SmartUpdate Security Management Server p. 29 p.21 p. 28 p. 24 p. 18 p. 32 p. 27 p. 25 p.p. 33 Table 1-1: Check Point Technology Overview Topics Check Point Security Administrator RR70 / 71 Study Guide 9 . 30 p. 22 p.

Chapter 1: Check Point Technology Overview

Check Point Technology Overview Topics Page Number L-p. 1

Topic Lab 1: Distributed Installation

Key Element

Install Security Management Server L-p. 3 Configure Security Management Server - sysconfig Install Secure Platform on the Corporate Security Gateway Configure the Corporate Security Gateway using the WebUI Install SmartConsole Launch SmartDashboard Lab 2: Branch Office Security Gateway Installation Install SecurePlatform on Branch Gateway Configure Branch Gateway WebUI Table 1-1: Check Point Technology Overview Topics L-p. 11 L-p. 28 L-p. 30 L-p. 39 L-p. 45 L-p. 49 L-p. 50 L-p. 56

10

Check Point Security Administrator R70 / R71 Study Guide

Sample CCSA R70 Exam Question

Chapter 1: Check Point Technology Overview

Sample CCSA R70 Exam Question
What would be the benefit of upgrading from SmartDefense to IPS R70?: 1. Completely rewritten engine provides improved security performance and reporting. 2. There is no difference - IPS R70 is the new name. 3. The SmartDefense technology expands IPS-1 to IPS R70. 4. The SmartDefense is replaced by the technology of IPS-1.

Check Point Security Administrator RR70 / 71 Study Guide

11

Chapter 1: Check Point Technology Overview

Answer

Answer
What would be the benefit of upgrading from SmartDefense to IPS R71?: 1. Completely rewritten engine provides improved security performance and reporting. 2. There is no difference - IPS R70 is the new name. 3. The SmartDefense technology expands IPS-1 to IPS R70. 4. The SmartDefense is replaced by the technology of IPS-1

12

Check Point Security Administrator R70 / R71 Study Guide

it is beneficial to know about Check Point’s different deployment platforms. perform a backup and restore the current Gateway installation from the command line.Chapter Deployment Platforms 2 Before delving into the intricacies of creating and managing Security Policies. Deploy Gateways using sysconfig and cpconfig from the Gateway command line. For those familiar with Linux and UNIX this section will be a review. But for those with little to no Linux/UNIX experience. Identify critical files needed to purge or backup. 13 . import and export users and groups and add or delete administrators from the command line. and understand the basic workings of Check Point’s UNIX-based and Linux operating systems (IPSO and SecurePlatform) that support many Check Point products. this will be a welcome guide Objectives: Given network specifications.

54 14 Check Point Security Administrator R71 Study Guide . 42 p.Chapter 2: Deployment Platforms Deployment Platforms Topics Deployment Platforms Topics The following table outlines the topics covered in the “Deployment Platforms” chapter of the Check Point Security Administrator R70 / R71 Course. 46 p. 41 p. 40 p. 43 p. 39 p. and is not meant to be a sole means of study. 40 p. Topic UTM-1 Edge Appliance Managing UTM-1 Edge — Security Management Server SmartProvisioning Managing UTM-11 Edge — Provider-1 Power-1 Appliances IP Appliances IP Network Voyager IPSO IPSO Command Line Interface (CLI) SecurePlatform Hardware Compatibility Testing Tool Managing Your SecurePlatform System Critical Check Point Directories CoreXL Multicore Acceleration CoreXL Architecture Table 2-2: Deployment Platforms Topics Key Element Page Number p. 50 p. 49 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. 53 p. 47 p. 50 p. 51 p. 44 p.

71 L-p. 68 L-p. 55 p.Deployment Platforms Topics Chapter 2: Deployment Platforms Page Number p. 72 L-p 74 Topic Key Element CoreXL and Performance Pack Working with CoreXL Lab 3: Command Line Interface Tool Table 2-2: Deployment Platforms Topics Check Point Security Administrator R71 Study Guide 15 . 56 L-p. 67 Set Expert Password Apply Other Useful Commands Add and Delete Administrators via the CLI Perform backkup and restore L-p.

and manual ARP configurations. upgrade_export has an option to backup the system and SmartView Tracker logs while backup and snapshot will not. 3. upgrade_export will back up routing tables. 4. The backup and snapshot commands can take a long time to run whereas upgrade_export will take a much shorter amount of time. 16 Check Point Security Administrator R71 Study Guide . 2. upgrade_export is operating system independent and can be used when backup or snapshot is not available. hosts files.Chapter 2: Deployment Platforms Sample CCSA R70 Exam Question Sample CCSA R70 Exam Question What is the primary benefit of using upgrade_export over either backup or snapshot? 1. where backup and snapshot will not.

and manual ARP configurations. 4. The backup and snapshot commands can take a long time to run whereas upgrade_export will take a much shorter amount of time. hosts files. 3. where backup and snapshot will not.Answer Chapter 2: Deployment Platforms Answer What is the primary benefit of using upgrade_export over either backup or snapshot? 1. upgrade_export will back up routing tables. Check Point Security Administrator R71 Study Guide 17 . 2. upgrade_export has an option to backup the system and SmartView Tracker logs while backup and snapshot will not. upgrade_export is operating system independent and can be used when backup or snapshot is not available.

Chapter 2: Deployment Platforms Answer 18 Check Point Security Administrator R71 Study Guide .

Create a basic Rule Base in SmartDashboard that includes permissions for administrative users. Evaluate existing policies and optimize the rules based on current corporate requirements. and modify a Security Policy’s properties. external services. create and configure network. and LAN outbound use. to decrease the burden of management when working with rules and objects. In addition. Objectives: Given the network topology. host and gateway objects. Configure NAT rules on Web and Gateway servers. This chapter examines how to create rules based on network objects. 19 . this chapter will teach you how to apply Database Revision Control and Policy Package management.Chapter Introduction to the Security Policy 3 The Security Policy is essential in administrating security for your organization’s network. Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard. Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades and minimal downtime.

63 p. 77 p. 69 p. 63 p. 76 p. 69 p. 80 20 Check Point Security Administrator R70 Study Guide .Chapter 3: Introduction to the Security Policy Introduction to the Security Policy Topics Introduction to the Security Policy Topics The following table outlines the topics covered in the “Introductions to the Security Policy” chapter of the Check Point Security Administrator R70 / R71 Course. 75 p. 74 p. 78 p. Topic Security Policy Basics The Rule Base Managing Objects in SmartDashboard SmartDashboard and Objects Managing Objects Creating the Rule Base Basic Rule Base Concepts Default Rule Basic Rules Implicit/Explicit Rules Control Connections Detecting IP Spoofing Rule Base Management Understanding Rule Base Order Completing the Rule Base Policy Management and Revision Control Policy Package Management Database Revision Control Table 3-3: Security Policy Topics Key Element Page Number p. 73 p. 79 p. 79 p. and is not meant to be a sole means of study. 65 p. 67 p. 64 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. 70 p. 72 p.

Hide NAT Hide NAT Using Another Interface IP Address Manual NAT p. 97 L-p. 89 p. 83 p. 87 p. 92 p. 107 21 . 79 L-p. 103 L-p. 82 IP Addressing Hide NAT Static NAT NAT . 85 p. 99 L-p.Global Properties Configuring Automatic NAT Object Configuratin . 84 p. 92 L-p. 90 p.Introduction to the Security Policy Topics Chapter 3: Introduction to the Security Policy Page Number p. 89 p. 85 Topic Network Address Translation Key Element Multicasting Lab 4: Building a Security Policy Create Rules for Corporate Gateway L-p. 77 Create Security Gateway Object Create GUIclient Object L-p. 94 L-p. 86 Save the Policy Install the Policy Test the Corporate Policy Create the Remote Security Gateway Object Establish SIC with the Branch Office Create a New Policy for the Branch Office Combine Policies Table 3-3: Security Policy Topics Check Point Security Administrator R70 Study Guide L-p 91 L-p. 96 L-p.

Chapter 3: Introduction to the Security Policy Introduction to the Security Policy Topics Page Number L-p. 130 L-p. 127 L-p. 115 Create DMZ Objects in SmartDash. 133 Topic Lab 5: Configure the DMZ Key Element Lab 6: Configuring NAT Table 3-3: Security Policy Topics 22 Check Point Security Administrator R70 Study Guide . 118 L-p. 128 L-p. 116 board Create DMZ Access Rule Test the Policy L-p. 118 L-p.L-p. 120 L-p. 119 Configure Hide NAT on the Corporate Network Test the Hide NAT Address Open SmartView Tracker Configure Static NAT on the DMZ Server Test the Static NAT Address Observe Hide NAT Traffic Using fw monitor Configure Wireshark Observe the Traffic Observe Static NAT Traffic Using fw monitor L-p. 122 L-p 123 L-p. 132 L-p. 125 L-p.

Automatic ARP must be unchecked in the Global Properties. Nothing else must be configured. what other configuration must be done to allow the traffic to reach the Web server? 1. A static route for the NAT IP must be added to the Gateway's upstream router. 4. 3. A client on the Internet initiates a session to the Web Server. Check Point Security Administrator R70 Study Guide 23 . Client side NAT is not checked in the Global Properties. A static route must be added on the Security Gateway to the internal host. 2. Assuming there is a rule allowing this traffic.Sample CCSA R70 Exam Question Chapter 3: Introduction to the Security Policy Sample CCSA R70 Exam Question A Web server behind the Security Gateway is set to Automatic Static NAT.

A client on the Internet initiates a session to the Web Server. Assuming there is a rule allowing this traffic. Nothing else must be configured.Chapter 3: Introduction to the Security Policy Answer Answer A Web server behind the Security Gateway is set to Automatic Static NAT. 24 Check Point Security Administrator R70 Study Guide . what other configuration must be done to allow the traffic to reach the Web server? 1. Client side NAT is not checked in the Global Properties. A static route for the NAT IP must be added to the Gateway's upstream router. 3. 4. A static route must be added on the Security Gateway to the internal host. 2. Automatic ARP must be unchecked in the Global Properties.

view a Gateway's status. Using packet data on a given corporate network. generate reports. troubleshoot system and security issues. you need to gather information on the network’s traffic patterns. 25 . Using SmartView Monitor. Objectives: Use queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data. monitor suspicious activity rules.Chapter Monitoring Traffic and Connections 4 To manage your network effectively and to make informed decisions. configure alerts and traffic counters. analyze tunnel activity and monitor remote user access based on corporate requirements. and ensure network functionality.

111 p. 116 p. 103 p. and is not meant to be a sole means of study.Chapter 4: Monitoring Traffic and ConnectionsIntroduction to the Monitoring Traffic and Connec- Introduction to the Monitoring Traffic and Connections Topics The following table outlines the topics covered in the “Monitoring Traffic and Connections” chapter of the Check Point Security Administrator R70 / R71Course. 110 p. 106 p. 101 p. Topic SmartView Tracker Log Types SmartView Tracker Tabs Action Icons Log-File Management Administrator Auditing Global Logging and Alerting Time Settings Blocking Connections SmartView Monitor SmartView Monitor Login Customizable Views Monitoring Suspicious Activity Rules Monitoring Alerts Gateway Status SmartView Tracker vs. 108 p. 109 p. 104 p. SmartView Monitor Table 4-4: Monitoring Traffic and Connections Topics Key Element Page Number p. 111 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71Courseware handbook. 121 26 Check Point Security Administrator R71 Study Guide . 118 p. 102 p. 105 p. 116 p. 228 p.

138 L-p.Introduction to the Monitoring Traffic and Connections Topics Chapter 4: Monitoring Traffic and Page Number L-p. 137 Launch SmartView Tracker Track by Source and Destination Modify the Gateway to Activate SmartView Monitor View Traffic Using SmartView Monitor Table 4-4: Monitoring Traffic and Connections Topics L-p. 144 L-p 146 Topic Lab 7: Monitoring with SmartView Tracker Key Element Check Point Security Administrator R71 Study Guide 27 . 142 L-p.

Chapter 4: Monitoring Traffic and Connections Sample CCSA R70 Exam Question Sample CCSA R70 Exam Question A third-shift Security Administrator configured and installed a new Security Policy early this morning. Which SmartConsole component would you use to verify this? 1. You suspect the Security Gateway virtual memory might be the problem. SmartView Tracker. Eventia Analyzer. SmartView Monitor 28 Check Point Security Administrator R71 Study Guide . When you arrive. This information can only be viewed with fw ctl pstat command from the CLI. he tells you that he has been receiving complaints that Internet access is very slow. 3. 4. 2.

You suspect the Security Gateway virtual memory might be the problem. This information can only be viewed with fw ctl pstat command from the CLI. 4. 2. SmartView Tracker. SmartView Monitor Check Point Security Administrator R71 Study Guide 29 .Answer Chapter 4: Monitoring Traffic and Connections Answer A third-shift Security Administrator configured and installed a new Security Policy early this morning. 3. Eventia Analyzer. When you arrive. he tells you that he has been receiving complaints that Internet access is very slow. Which SmartConsole component would you use to verify this? 1.

Chapter 4: Monitoring Traffic and Connections Answer 30 Check Point Security Administrator R71 Study Guide .

31 . SmartUpdate can deliver automated software and license updates to hundreds of distributed Security Gateways from a single management console. Objectives: Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades.Chapter Using SmartUpdate 5 SmartUpdate extends your organization’s ability to provide centralized policy management across enterprise-wide deployments. Upgrade and attach product licenses using SmartUpdate. Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways. and license modifications. new installations.

140 p.Chapter 5: Using SmartUpdate Introduction to the SmartUpdate Topics Introduction to the SmartUpdate Topics The following table outlines the topics covered in the “SmartUpdate” chapter of the Check Point Security Administrator R70 / R71Course. 141 32 Check Point Security Administrator R70 / R71 Study Guide . This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71Courseware handbook. 127 p. 128 p. 130 p. 141 p. 140 p. and is not meant to be a sole means of study. 141 p. Topic SmartUpdate and Managing Licenses SmartUpdate Architecture SmartUpdate Introduction Overview of Managing Licenses Service Contracts Licensing R71 Obtaining a License Key Upgrading Licenses SmartUpdate Options The SmartUpdate Command Line Table 5-5: Using SmartUpdate Topics Key Element Page Number p. 138 p. 132 p.

Sample CCSA R70 Exam Question Chapter 5: Using SmartUpdate Sample CCSA R70 Exam Question You are a Security Administrator preparing to deploy a new HFA (Hotfix Accumulator) to ten Security Gateways at five geographically separate locations. 4. Use SmartUpdate to install the packages to each of the Security Gateways remotely. Send a CD-ROM with the HFA to each location and have local personnel install it. Use a SSH connection to SCP the HFA to each Security Gateway. 3. Once copied locally. 2. Check Point Security Administrator R70 / R71 Study Guide 33 . initiate a remote installation command and monitor the installation progress with SmartView Monitor. What is the BEST method to implement this HFA? 1. Send a Certified Security Engineer to each site to perform the update.

Once copied locally. initiate a remote installation command and monitor the installation progress with SmartView Monitor. 3. 34 Check Point Security Administrator R70 / R71 Study Guide . 4. Send a Certified Security Engineer to each site to perform the update. What is the BEST method to implement this HFA? 1. Use SmartUpdate to install the packages to each of the Security Gateways remotely.Chapter 5: Using SmartUpdate Answer Answer You are a Security Administrator preparing to deploy a new HFA (Hotfix Accumulator) to ten Security Gateways at five geographically separate locations. 2. Use a SSH connection to SCP the HFA to each Security Gateway. Send a CD-ROM with the HFA to each location and have local personnel install it.

Chapter Upgrading to R71 6 This chapter shows how to upgrade an existing Security Management server and security gateway to R71. Security Policies. obtain a license key. 35 . Solaris and IPSO. Objectives: Based on current products or platforms used in an enterprise network. Given R71 licensing restrictions. This chapter lists guidelines for deciding when to upgrade. SecurePlatform. Linux. Install a Contract File on platforms such as Windows. versus doing a new installation. and objects. Upgrades are used to save Check Point product configurations. so that Security Administrators do not need to recreate Gateway and Security Management Server configurations. perform a pre installation compatibility assessment before upgrading to R71.

154 36 Check Point Security Administrator R71 Study Guide .p. 148 p. 151 L-p. Topic Backward Compatibility for Gateways Upgrading Security Management Server Key Element Page Number p. 151 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71Courseware handbook. 147 p. 148 ability Upgrade Notes Upgrade Configuration Distributed Installation Web Intelligence Licnese Enforcement Lab 8: Upgrading a Security Gateway Locally Upgrade SecurePlatform Using a CDROM Table 6-6: Upgrading to R70 Topics p. 149 p. 153 L-p. and is not meant to be a sole means of study.Chapter 6: Upgrading to R71 Introduction to the Upgrading to R71 Introduction to the Upgrading to R71 The following table outlines the topics covered in the “Upgrading to R71” chapter of the Check Point Security Administrator R70 / R71 Course. 147 IPS-1 Upgrade Paths and Interoper.

3. What will happen if you attempt to upgrade the license for this product? 1. The license is not upgraded. The license will be upgraded with a warning. but cannot be activated. 4. Check Point Security Administrator R71 Study Guide 37 . It is upgraded with new available features.Sample CCSA R70 Exam Question Chapter 6: Upgrading to R71 Sample CCSA R70 Exam Question You currently do not have a Check Point software subscription for one of your products. It is deleted. 2.

It is deleted. The license is not upgraded. 3. 2. but cannot be activated. 4. 38 Check Point Security Administrator R71 Study Guide . What will happen if you attempt to upgrade the license for this product? 1.Chapter 6: Upgrading to R71 Answer Answer You currently do not have a Check Point software subscription for one of your products. The license will be upgraded with a warning. It is upgraded with new available features.

Objectives: Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely. SecurID and TACACS.Chapter User Management and Authentication 7 If you do not have a user-management infrastructure in place. but also allow you to control security by allowing some users access and disallowing others. according to the scheme specified under a Gateway authentication scheme. Users authenticate by proving their identities. such as LDAP. such as LDAP. RADIUS. If you have a large user count. Manage users to access to the corporate LAN by using external databases 39 . Check Point recommends opting for an external user-management database. Check Point authentication features enable you to verify the identity of users logging in to the Security Gateway. you can make a choice between managing the internal-user database or choosing to implement an LDAP server.

169 Configuring Session Authentication p. 168 p. and is not meant to be a sole means of study. 175 Table 7-7: User Management and Authentication Topics 40 Check Point Security Administrator R70 / R 71 Study Guide .Chapter 7: User Management and AuthenticationIntroduction to the User Management and Authen- Introduction to the User Management and Authentication Topics The following table outlines the topics covered in the “User Management and Authentication” chapter of the Check Point Security Administrator R70 / R71 Course. 170 Client Authentication Configuring Client Authentication Resolving Access Conflicts p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. Topic Creating Users and Groups in SmartDashboard User Types Security Gateway Authentication Introduction to Authentication Methods Authentication Schemes Remote User Authentication Authentication Methods User Authentication Configuring User Authentication Session Authentication Key Element Page Number p. 159 p. 161 p. 174 Configuring Authentication Tracker p. 165 p. 159 p. 165 p. 170 p. 173 p. 163 p. 161 p. 166 p.

179 L-p. 178 p. 179 p. 167 L-p. 188 L-p. 175 LDAP Features Multiple LDAP Servers Using an Existing LDAP Server Configuring Entities to Work with the Gateway Managing Users SmartDirectory Groups Lab 9: Client Authentication Use Manual Client Authentication with FTP and Local User Modify the Rule Base Test Manual Client Authentication Use Partially Automatic Client Auth with a Local User Use Partially Automatic Client Auth with LDAP Verify SmartDashboard Integration Test Active Directory Authentication Create a Database Revision Table 7-7: User Management and Authentication Topics p. 189 Topic LDAP User Management with SmartDirectory Key Element Check Point Security Administrator R70 / R71 Study Guide 41 . 183 L-p. 182 p. 178 p. 186 L-p.Introduction to the User Management and Authentication Topics Chapter 7: User Management and Page Number p. 170 L-p. 174 L-p. 173 L-p. 165 L-p. 176 p.

Configure a server object for the LDAP Account Unit. 2. and configure a server object for the LDAP Account Unit. configure a host-node object for the LDAP server. Enable LDAP in Global Properties. 4. using an LDAP server. configure a server object for the LDAP Account Unit. and create an LDAP resource object. Configure a server object for the LDAP Account Unit. Configure a workstation object for the LDAP server. enable LDAP in Global Properties. 42 Check Point Security Administrator R70 / R 71 Study Guide . and enable LDAP in Global Properties.Chapter 7: User Management and Authentication Sample CCSA R70 Exam Question Sample CCSA R70 Exam Question Choose the BEST sequence for configuring user management in SmartDashboard. 3. and create an LDAP resource object. 1.

3.Answer Chapter 7: User Management and Authentication Answer Choose the BEST sequence for configuring user management in SmartDashboard. enable LDAP in Global Properties. using an LDAP server. Configure a workstation object for the LDAP server. Check Point Security Administrator R70 / R71 Study Guide 43 . and enable LDAP in Global Properties. Enable LDAP in Global Properties. and create an LDAP resource object. 1. configure a server object for the LDAP Account Unit. 2. 4. and configure a server object for the LDAP Account Unit. and create an LDAP resource object. Configure a server object for the LDAP Account Unit. Configure a server object for the LDAP Account Unit. configure a host-node object for the LDAP server.

Chapter 7: User Management and Authentication Answer 44 Check Point Security Administrator R70 / R 71 Study Guide .

Chapter Encryption and VPNs 8 The Check Point Security Gateway enables you to create site-to-site Virtual Private Networks (VPNs) that provide secure communication between two defined participants. by encrypting the communication on unsecured public networks. Objectives: Select the most appropriate encryption algorithm when securing communication over a VPN. 45 . based on corporate requirements. Configure a certificate-based site-to-site VPN using one partner's internal CA. Establish VPN connections to partner sites in order to establish access to a central database by configuring Advanced IKE properties. such as the Internet.

and is not meant to be a sole means of study. 200 p.Chapter 8: Encryption and VPNs Introduction to the Encryption and VPNs Topics Introduction to the Encryption and VPNs Topics The following table outlines the topics covered in the “Encryption and VPNs” chapter of the Check Point Security Administrator R70 / R71 Course. 198 p. 194 p. 197 p. 196 p. 199 p. 197 p. 193 p. Topic Securing Communication Privacy Symmetric Encryption Asymmetric Encryption Diffie-Hellman Integrity Authentication Two-Phases of Encryption Encryption Algorithms IKE ISAKMP Oakley ISAKMP/Oakley Phase 1 Phase 2 How a VPN Works Tunneling-Mode Encryption Certificate Authorities Table 8-8: Encryption and VPNs Topics Key Element Page Number p. 197 p. 197 p. 202 p. 189 p. 192 p. 190 p. 203 46 Check Point Security Administrator R70 / R71 Study Guide . 191 p. 195 p. 196 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook.

209 Check Point Security Administrator R70 / R71 Study Guide 47 . 205 p. 204 p. 206 p. 205 L-p. 202 L-p. 204 p. 193 L-p.Introduction to the Encryption and VPNs Topics Chapter 8: Encryption and VPNs Page Number p. 207 L-p. 206 p. 191 Topic Key Element Certificates Multiple Certificate Authorities Local Certificate Authority CA Service via the Internet Internal Certificate Authority Creating Certificates Lab 10: Site-to-Site VPN Between Corporate and Branch Offfice Define the VPN Domain Create the VPN Community Create the VPN Rule and Modifying the Rule Base Test VPN Connection Failed Negotiation Example Table 8-8: Encryption and VPNs Topics L-p. 196 L-p.

4. Executives in your organization want to know which mechanism Security Gateway R70 uses to guarantee the authenticity and integrity of messages. Which technology should you explain to the executives? 1.Chapter 8: Encryption and VPNs Sample CCSA R70 Exam Question Sample CCSA R70 Exam Question Your organization maintains several IKE VPNs. Key-exchange protocols. 48 Check Point Security Administrator R70 / R71 Study Guide . 3. Digital signatures. Certificate Revocation Lists 2. Application Intelligence.

Answer Chapter 8: Encryption and VPNs Answer Your organization maintains several IKE VPNs. Certificate Revocation Lists 2. Application Intelligence. Which technology should you explain to the executives? 1. Executives in your organization want to know which mechanism Security Gateway R70 uses to guarantee the authenticity and integrity of messages. Check Point Security Administrator R70 / R71 Study Guide 49 . Digital signatures. Key-exchange protocols. 4. 3.

Chapter 8: Encryption and VPNs Answer 50 Check Point Security Administrator R70 / R71 Study Guide .

Siteto-site BPN ensures secure links between Gateways. Configure permanent tunnels for remote access to corporate resources. sup-unit-based. given the difference between host-based.Chapter Introduction to VPNs 9 Virtual Private Ntworking technology leverages the Internet to build and enhance secure network connectivity. A Remote Access VPN ensures secure links between Gateways and remote access clients. and gateway-based tunnels. a VPN enables secure links between special types of network nodes: the Gateways. Objectives: Configure a pre-shared secret site-to-site VPN with partner sites. Configure VPN tunnel sharing. 51 .. Based on standard Internet secure protocols.

226 p. 216 p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. 225 p. 217 p. 229 52 Check Point Security Administrator R70 / R71 Study Guide . 213 p. 215 p. 221 p. 220 p. 218 p. 213 p. Topic The Check Point VPN VPN Deployments Site-to-Site VPNs Remote Access VPNs VPN Implementation VPN Setup Understanding VPN Deployment VPN Communities VPN Topologies Meshed VPN Community Star VPN Community Choosing a Topology Topology and Encryption Issues Special VPN Gateway Conditions Authenticating Between Community Members Domain and Route-Based VPNs Access Control and VPN Communites Accepting all Encrypted Traffic Table 9-9: Check Point Introduction to VPNs Topics Key Element Page Number p. 223 p. 214 p. 217 p. and is not meant to be a sole means of study. 224 p. 220 p.Chapter 9: Introduction to VPNs Introduction VPNs Topics Introduction VPNs Topics The following table outlines the topics covered in the “Introduction to VPNs” chapter of the Check Point Security Administrator R70 / R71 Course. 227 p. 221 p.

232 p. 235 p. 235 p. 215 L-p. 236 L-p. 222 Check Point Security Administrator R70 / R71 Study Guide 53 .Introduction VPNs Topics Chapter 9: Introduction to VPNs Page Number p. 235 p.L-p. 216 Add Partner Machine to VPN Com. 235 nectivity Modes Office Mode Visitor Mode Hub Mode Establishing a Connection Between a Remote User and a Gateway Lab 11: Two-Gateway IKE Encryption Using Certificates Save Certificate for Export p. 234 Topic Key Element Excluding Services Integrating VPNs into a Rule Base VPN Tunnel Management Remote Access VPNs Multiple Remote Access VPN Con. 231 p. 229 p. 218 L-p. 231 Permanent Tunnels VPN Tunnel Sharing p. 234 SecuRemote p.p. Traditional Mode VPNs p. 218 munity Creating Object for Partner Gateway Modify VPN Domain for Partner Gateway Table 9-9: Check Point Introduction to VPNs Topics L-p. 230 Simplified vs. 233 p.

240 L-p.Chapter 9: Introduction to VPNs Introduction VPNs Topics Page Number L-p. 230 L-p. 225 L-p. 229 L-p. 249 L-p. 237 Create Remote-Access Group Configure Gateway for IKE Encryption Create a Remote User Group Configure Remote Access Community Ojbect L-p. 231 L-p. 226 L-p. 245 L-p. 256 54 Check Point Security Administrator R70 / R71 Study Guide . 239 L-p 240 L-p. 247 L-p. 235 L-p. 241 Topic Key Element Add the Partner Network to the VPN Community Create Partner Site Certificate Authority Modify the Rule Base Install and Verify Security Gateway Configuration Test Encryption with Certificates Revert to Standard Security Policy Lab 12: Remote Access and Office Mode Configure VPN Domain for Remote L-p. 244 Access Configure Office Mode IP Pool Modify the Rule Base for Remote Access Create a Site Using the Site Wizard Verify Office Mode IP Assignment Test the Remote Connection Table 9-9: Check Point Introduction to VPNs Topics L-p. 255 L-p.

DES. CAST cipher Check Point Security Administrator R70 / R71 Study Guide 55 . AES 3. which is generally considered the best encryption method? 1. Triple DES 4. 2.Sample CCSA R70 Exam Question Chapter 9: Introduction to VPNs Sample CCSA R70 Exam Question When using an encryption algorithm.

Triple DES 4. which is generally considered the best encryption method? 1. 2. CAST cipher 56 Check Point Security Administrator R70 / R71 Study Guide . AES 3.Chapter 9: Introduction to VPNs Answer Answer When using an encryption algorithm. DES.

Objectives: Configure Check Point Messaging Security to test IP Reputation. hackers also attempt to misuse allowed traffic and services. configure a Web-filtering and antivirus policy to filter and scan traffic. Some of the most serious threats in today's Internet environment come from attacks that attempt to exploit the application layer. content based anti-spam. However. 57 .Chapter Messaging and Content Security 10 Access control firewalls prevent unauthorized traffic from passing through the Gateway. and zero hour virus detection. Based on network analysis disclosing threats by specific sites. Access control devices cannot easily detect malicious attacks aimed at these services.

261 58 Check Point Security Administrator R70 / R71 Study Guide . 248 p.Chapter 10: Messaging and Content Security Introduction to the Messaging and Content Security Introduction to the Messaging and Content Security Topics The following table outlines the topics covered in the “Messaging and Content Security” chapter of the Check Point Security Administrator R70 / R71 Course. 245 p. 255 p. 256 p. 250 p. 246 p. 260 p. Topic Antivirus Protection Anti-Virus Signature Database Updates Antivirus Scanning Content Security Scanning in Practice POP3 Protocol Example FTP Protocol Example HTTP Protocol Example DMZ Example Scan by Direction Options File Type Recognition Continuous Download Logging and Monitoring File Size Limitations and Scanning UTM-1 Edge Antivirus Basic URL Filtering Architecture Anti-Spam and Mail Table 10-10: Messaging and Content Security Topics Key Element Page Number p. This table is intended as a supplement to knowledge you have gained from the Security Administrator R70 / R71 Courseware handbook. 249 p. 256 p. and is not meant to be a sole means of study. 251 p. 247 p. 258 p. 254 p. 244 p. 259 p. 243 p.

263 p. 262 L-p.Introduction to the Messaging and Content Security TopicsChapter 10: Messaging and Content SePage Number p. 272 L-p. 274 Topic Key Element Architecture Logging and Monitoring Lab 13: Messaging and Content Security Check Point Security Administrator R70 / R71 Study Guide 59 . 261 L-p. 270 L-p. 265 L-p. 264 L-p. 267 L-p. 259 Revert to Standard Security Policy Configure Mail Server Object Modify Rule Base Observe Mail Traffic Modify the Gateway Properties Configure Anti-Spam for Monitor Only Analyze to Gateway Analyze Logs Reconfigure Policy to Block Attacks Table 10-10: Messaging and Content Security Topics L-p. 265 L-p. 268 L-p.

Scan by IP Address 60 Check Point Security Administrator R70 / R71 Study Guide .Chapter 10: Messaging and Content Security Sample CCSA R70 Exam Question Sample CCSA R70 Exam Question Which antivirus scanning method does not work if the Gateway is connected as a node in proxy mode? 1. Scan by Direction 2. Scan by File Type 3. Scan by Server 4.

Answer Chapter 10: Messaging and Content Security Answer Which antivirus scanning method does not work if the Gateway is connected as a node in proxy mode? 1. Scan by Direction 2. Scan by File Type 3. Scan by IP Address Check Point Security Administrator R70 / R71 Study Guide 61 . Scan by Server 4.

Chapter 10: Messaging and Content Security Answer 62 Check Point Security Administrator R70 / R71 Study Guide .

Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.