1. What is Anti-Spoofing.
Ans – In asymmetric encryption, two different keys are used to encrypt and
decrypt a packet: one key is used to encrypt the packet, and a second key is used
to decrypt it. The same key cannot both encrypt and decrypt.
Ans – The stealth rule protects the Check Point firewall from direct access by any
traffic. It should be placed at the top of the security rule base. In this rule the
administrator denies all traffic to the Check Point firewall.
Ans – The cleanup rule is placed last in the security rule base. It is used to drop and
log all traffic that does not match any rule above it. The cleanup rule is created mainly
for logging purposes. In this rule the administrator denies all traffic and enables logging.
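Added example (not part of the original document and not Check Point code): a toy rule base evaluated top down, showing why the stealth rule belongs at the top and the cleanup rule at the bottom, plus a small placement audit. Top-down first-match evaluation, the rule names, the field layout and all addresses are assumptions made for illustration.

```python
# Added example: a toy first-match rule base, not Check Point code.
# All rule names and addresses are constructed (RFC 5737 / RFC 1918 ranges).
from ipaddress import ip_address, ip_network

GATEWAY = "203.0.113.1"  # hypothetical firewall address

def rule(name, src, dst, action, log=False):
    return {"name": name, "src": src, "dst": dst, "action": action, "log": log}

GOOD = [
    rule("Stealth", "any", GATEWAY, "drop", log=True),
    rule("Web out", "10.0.0.0/8", "any", "accept"),
    rule("Cleanup", "any", "any", "drop", log=True),
]
# Same rules, but a broad accept rule has been placed above the stealth rule.
BAD = [rule("Any to DMZ", "any", "203.0.113.0/24", "accept")] + GOOD

def matches(spec, addr):
    return spec == "any" or ip_address(addr) in ip_network(spec, strict=False)

def evaluate(rulebase, src, dst):
    """Return (rule name, action) of the first rule that matches, top down."""
    for r in rulebase:
        if matches(r["src"], src) and matches(r["dst"], dst):
            return r["name"], r["action"]
    return None, "drop"  # assumption: unmatched traffic is dropped without a log

def audit(rulebase, gateway):
    """Check stealth rule placement (top) and cleanup rule placement (last, logged)."""
    findings = []
    first, last = rulebase[0], rulebase[-1]
    if (first["src"], first["dst"], first["action"]) != ("any", gateway, "drop"):
        findings.append("first rule is not a stealth rule")
    if (last["src"], last["dst"], last["action"]) != ("any", "any", "drop"):
        findings.append("last rule is not a cleanup rule")
    elif not last["log"]:
        findings.append("cleanup rule does not log")
    return findings

if __name__ == "__main__":
    for label, rb in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, evaluate(rb, "198.51.100.7", GATEWAY), audit(rb, GATEWAY))
```

In the BAD rule base the same packet to the gateway is accepted by the broader rule before the stealth rule is ever reached, which is the misordering the audit reports.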
5. What is NAT.
Ans – NAT stands for Network Address Translation. It is used to map private IP
addresses to public IP addresses and public IP addresses to private IP addresses.
It is mainly used to provide security to the internal network and servers from the
Internet. NAT is also used to connect hosts with private IP addresses to the Internet,
because private IP addresses are not routable on the Internet.
Ans – Source NAT is used when traffic is initiated from the internal network to an
external network. In source NAT only the source IP is translated to a public IP address.
Ans – A VPN (Virtual Private Network) is used to create a secure connection between
two private networks over the Internet. It uses encryption and authentication to secure
data during transmission. There are two types of VPN
Ans – IPsec (IP Security) is a set of protocols responsible for securing
communication between two host machines, or networks, over a public network such as
the Internet. The IPsec protocols provide confidentiality, integrity, authenticity and
anti-replay protection. There are two IPsec protocols that provide security: 1. ESP
(Encapsulating Security Payload) and 2. AH (Authentication Header).
Ans-
ESP – The ESP protocol is part of the IPsec suite. It provides confidentiality, integrity
and authenticity. It is used in two modes: transport mode and tunnel mode.
AH – It is also part of the IPsec suite. It provides only authentication and integrity; it
does not provide encryption. It is also used in two modes: transport mode and tunnel
mode.
Ans – A rule in the rule base that is created manually by the network security
administrator is called an explicit rule.
Ans – Hide NAT is used to translate multiple private IP addresses or a network to a
single public IP address, that is, many-to-one translation. It can only be used in source
NAT translation. Hide NAT cannot be used in destination NAT.
Ans – Used when a request from a public IP address needs its destination IP address
translated in order to connect to the internal private network. Only static NAT can be
used in destination NAT.
Ans
Ans-
SIC – SIC stands for “Secure Internal Communication”. It is a Check Point firewall
feature that is used to secure communication between Check Point firewall
components. It is used when the Security Gateway and the Security Management Server
are installed in a distributed deployment. It uses authentication and encryption for
secure communication.
Smart Console.
Security Management.
Security Gateway.
i. SAM Database.
ii. Address Spoofing.
iii. Session Lookup.
iv. Policy Lookup.
v. Destination NAT.
vi. Route Lookup.
vii. Source NAT.
viii. Layer 7 Inspection.
ix. VPN.
x. Routing.
Ans – It is a tool of the Smart Console. It is used to configure rules and policy objects,
create NAT policy, and configure VPN and clusters.