CCSA R71 Study Guide

Copyright © Check Point Software Technologies
Ltd. All rights reserved.

Printed by Check Point Press
A Division of Check Point Software Technologies Ltd.
First Printing December 2009
RESTRICTED RIGHTS LEGEND:

Use, duplication, or disclosure by the government is subject to restrictions as set forth in
subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at
DFARS 252.227-7013 and FAR 52.227-19.
© 2003-2010 Check Point Software Technologies Ltd.

All rights reserved. This product and related documentation are protected by copyright and
distributed under licensing restricting their use, copying, distribution, and decompilation. No
part of this product or related documentation may be reproduced in any form or by any means
without prior written authorization of Check Point. While every precaution has been taken in
the preparation of this book, Check Point assumes no responsibility for errors or omissions.
This publication and features described herein are subject to change without notice.
TRADEMARKS
©2003-2010 Check Point Software Technologies Ltd. All rights reserved. Check
Point, AlertAdvisor, Application Intelligence, Check Point Endpoint Security,
Check Point Endpoint Security On Demand, Check Point Express, Check Point
Express CI, the Check Point logo, ClusterXL, Confidence Indexing, ConnectCon-
trol, Connectra, Connectra Accelerator Card, Cooperative Enforcement, Coopera-
tive Security Alliance, CoreXL, CoSa, DefenseNet, Dynamic Shielding
Architecture, Eventia, Eventia Analyzer, Eventia Reporter, Eventia Suite, FireWall-
1, FireWall-1 GX, FireWall-1 SecureServer, FloodGate-1, Hacker ID, Hybrid
Detection Engine, IMsecure, INSPECT, INSPECT XL, Integrity, Integrity Client-
less Security, Integrity SecureClient, InterSpect, IPS-1, IQ Engine, MailSafe, NG,
NGX, Open Security Extension, OPSEC, OSFirewall, Pointsec, Pointsec Mobile,
Pointsec PC, Pointsec Protector, Policy Lifecycle Management,Power-1, Provider-
1, PureAdvantage, PURE Security, the puresecurity logo, Safe@Home,
Safe@Office, SecureClient, SecureClient Mobile, SecureKnowledge, SecurePlat-
form, SecurePlatform Pro, SecuRemote, SecureServer, SecureUpdate, SecureXL,
SecureXL Turbocard, Security Management Portal, Sentivist, SiteManager-1,
SmartCenter, SmartCenter Express, SmartCenter Power, SmartCenter Pro, Smart-
Center UTM, SmartConsole, SmartDashboard, SmartDefense, SmartDefense Advi-
sor, Smarter Security, SmartLSM, SmartMap, SmartPortal, SmartProvisioning,
SmartUpdate, SmartView, SmartView Monitor, SmartView Reporter, SmartView
Status, SmartViewTracker, SMP, SMP On-Demand, SofaWare, SSL Network
Extender, Stateful Clustering, Total Security, the totalsecurity logo, TrueVector,
Turbocard, UAM, UserAuthority, User-to-Address Mapping, UTM-1, UTM-1
Edge, UTM-1 Edge Industrial, UTM-1 Total Security, VPN-1, VPN-1 Accelerator
Card, VPN-1 Edge, VPN-1 Express, VPN-1 Express CI, VPN-1 Power, VPN-1
Power Multi-core, VPN-1 Power VSX, VPN-1 Pro, VPN-1 SecureClient, VPN-1
SecuRemote, VPN-1 SecureServer, VPN-1 UTM, VPN-1 UTM Edge, VPN-1 VSX,
Web Intelligence, ZoneAlarm, ZoneAlarm Anti-Spyware, ZoneAlarm Antivirus,
ZoneAlarm ForceField, ZoneAlarm Internet Security Suite, ZoneAlarm Pro,
ZoneAlarm Secure Wireless Router, Zone Labs, and the Zone Labs logo are trade-
marks or registered trademarks of Check Point Software Technologies Ltd. or its
affiliates. ZoneAlarm is a Check Point Software Technologies, Inc. Company. All
other product names mentioned herein are trademarks or registered trademarks of
their respective owners. The products described in this document are protected by
U.S. Patent No. 5,606,668, 5,835,726, 5,987,611, 6,496,935, 6,873,988, 6,850,943,
and 7,165,076 and may be protected by other U.S. Patents, foreign patents, or pend-
ing applications.
DISCLAIMER OF WARRANTY
Check Point Software Technologies Ltd. makes no representation or warranties,
either express or implied by or with respect to anything in this document, and shall
not be liable for any implied warranties of merchantability or fitness for a particular
purpose or for any indirect special or consequential damages.
International Headquarters: 5 Ha’Solelim Street
Tel Aviv 67897, Israel
Tel: +972-3-753 4555
U.S. Headquarters: 800 Bridge Parkway
Redwood City, CA 94065
Tel: 650-628-2000
Fax: 650-654-4233
Technical Support, Education & Profes- 8333 Ridgepoint Drive, Suite 150
sional Services: Irving, TX 75063
Tel: 972-444-6612
Fax: 972-506-7913
E-mail any comments or questions about our
courseware to courseware@us.checkpoint.com.
For questions or comments about other Check
Point documentation, e-mail
CP_TechPub_Feedback@checkpoint.com.
Document #: CCSA R70 Study Guide
Revision: R70001
Content: Mark Hoefle
Graphics: Jeffery Holder

Security Administrator R70 / R71
Study Guide
Exam # 156-215.71
Preface The Check Point Certified Security Administrator Exam 1
Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Chapter 1 Check Point Technology Overview 7
Check Point Technology Overview Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Sample CCSA R70 Exam Question . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Chapter 2 Deployment Platforms 13
Deployment Platforms Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Chapter 3 Introduction to the Security Policy 19
Introduction to the Security Policy Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
Chapter 4 Monitoring Traffic and

Connections 25
Introduction to the Monitoring Traffic and Connections Topics . . . . . . . . . . . . . . . 26

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Chapter 5 Using SmartUpdate 31
Introduction to the SmartUpdate Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
Chapter 6 Upgrading to R71 35
Introduction to the Upgrading to R71 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Chapter 7 User Management and

Authentication 39
Introduction to the User Management and Authentication Topics . . . . . . . . . . . . . . 40

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Chapter 8 Encryption and VPNs 45
Introduction to the Encryption and VPNs Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Chapter 9 Introduction to VPNs 51
Introduction VPNs Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
Chapter 10 Messaging and Content Security 57
Introduction to the Messaging and Content Security Topics . . . . . . . . . . . . . . . . . . . 58

Answer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Preface
The Check Point Certified Security
Administrator Exam
The Check Point Security Administrator R70 / R71course provides an understand-

ing of basic concepts and skills necessary to configure the Check Point Security
Gateway, configure Security Policies, and learn about managing and monitoring se-
cure networks. The Check Point Security Administrator R70 / R71Study Guide sup-
plements knowledge you have gained from the Security Administrator R70 /
R71course, and is not a sole means of study.
The Check Point Certified Security Administrator R71exam covers the following
topics:
Describe Check Point’s unified approach to network management, and the key
elements of this architecture
Design a distributed environment using the network detailed in the course
topology
Install the Security Gateway version R71 in a distributed environment using
the network detailed in the course topology
Given Check Point’s latest integration of CoreXL technology, select the best
security solution for your corporate environment
Given network specifications, perform a backup and restore the current
Gateway installation from the command line
1
Preface: The Check Point Certified Security Administrator Exam
Identify critical files needed to purge or backup, import and export users and
groups and add or delete administrators from the command line
Deploy Gateways using sysconfig and cpconfig from the Gateway command
line
Use the Command Line to assist support in troubleshooting common problems
on the Security Gateway
Given the network topology, create and configure network, host and gateway
objects
Verify SIC establishment between the SmartCenter Server and the Gateway
using SmartDashboard
Create a basic Rule Base in SmartDashboard that includes permissions for
administrative users, external services, and LAN outbound use
Configure NAT rules on Web and Gateway servers
Evaluate existing policies and optimize the rules based on current corporate
requirements
Maintain the Security Management Server with scheduled backups and policy
versions to ensure seamless upgrades and minimal downtime
Use queries in SmartView Tracker to monitor IPS and common network traffic
and troubleshoot events using packet data
Using packet data on a given corporate network, generate reports, troubleshoot
system and security issues, and ensure network functionality
Using SmartView Monitor, configure alerts and traffic counters, view a
Gateway's status, monitor suspicious activity rules, analyze tunnel activity and
monitor remote user access based on corporate requirements
Monitor remote Gateways using SmartUpdate to evaluate the need for
upgrades, new installations, and license modifications
Use SmartUpdate to apply upgrade packages to single or multiple VPN-1
Gateways
Upgrade and attach product licenses using SmartUpdate
2 Check Point Security Administrator R70 / R71 Study Guide

Preface: The Check Point Certified Security Administrator Exam
Centrally manage users to ensure only authenticated users securely access the
corporate network either locally or remotely
Manage users to access to the corporate LAN by using external databases
Select the most appropriate encryption algorithm when securing
communication over a VPN, based on corporate requirements
Establish VPN connections to partner sites in order to establish access to a
central database by configuring Advanced IKE properties
Configure a pre-shared secret site-to-site VPN with partner sites
Configure a certificate based site-to-site VPN using one partner's internal
Configure a certificate based site-to-site VPN using a third-party CA
Configure permanent tunnels for remote access to corporate resources
Configure VPN tunnel sharing, given the difference between host-based,
subnet-based and gateway-based tunnels
Configure Check Point Messaging Security to test IP Reputation, content based
anti-spam, and zero hour virus detection
Based on network analysis disclosing threats by specific sites, configure a
Web-filtering and antivirus policy to filter and scan traffic
Implement default or customized profiles to designated Gateways in the
corporate network
Check Point Security Administrator R70 / R71Study Guide 3

Preface: The Check Point Certified Security Administrator Exam Frequently Asked Questions
Frequently Asked Questions

The table below provides answers to commonly asked questions about
the CCSA R70 / R71exam:
Question Answer
What are the Check Point rec- Check Point recommends you have at least 6
ommendations and prerequi- months to 1 year of experience with the prod-
sites? ucts, before attempting to take the CCSA R70
exam. In addition, you should also have basic
networking knowledge, knowledge of Win-
dows Server and/or UNIX, and experience with
TCP/IP and the Internet.
Check Point also recommends you take the
Check Point Security Administrator R70 class
from a Check Point Authorized Training Cen-
ter (ATC). We recommend you take this class
before taking the CCSA R70 exam. To locate
an ATC, see:
http://atc.checkpoint.com/
atclocator/locateATC
How do I register? Check Point exams are offered through Pearson
VUE, a third-party testing vendor with more
than 3,500 testing centers worldwide.
Pearson VUE offers a variety of registration
options. Register via the Web or visit a specific
testing center. Registrations at a testing center
may be made in advance or on the day you
wish to test, subject to availability. For same-
day testing, contact the testing center directly.
Locate a testing center from the VUE Pearson
Web site:
www.pearsonvue.com
What is the exam structure? The exams are composed of multiple-choice
and scenario questions. There is no partial
credit for incorrectly marked questions.

Question Answer
How long is the exam? The following countries are given 120 minutes
Do I get extra time, if I am not to complete the exam. All other regions get 150
a native English speaker? minutes:
Australia
Bermuda
Canada
Japan
New Zealand
Ireland
South Africa
UK
US
For more exam and course information, see:

http://www.checkpoint.com/services/education/


Chapter
Check Point Technology Overview 1
Check Point technology is designed to address network exploitation, administrative
flexibility and critical accessibility. This chapter introduces the basic concepts of
network security and management based on Check Point’s three-tier structure, and
provides the foundation for technologies involved in the Check Point Software
Blade Architecture, as discussed in the introduction. This course is lab-intensive,
and in this chapter, you will begin your hands-on approach with a first-time instal-
lation using standalone and distributed topologies.
Objectives:
Describe Check Point’s unified approach to network management, and the key
elements of this architecture
Design a distributed environment using the network detailed in the course
topology
Install the Security Gateway version R71 in a distributed environment using the
network detailed in the course topology
7
Chapter 1: Check Point Technology Overview Check Point Technology Overview Topics
Check Point Technology Overview Topics

The following table outlines the topics covered in the “Check Point
Technology Overview” chapter of the Check Point Security Administrator
R70 / R71 Course. This table is intended as a supplement to knowledge
you have gained from the Security Administrator R70 / R71 Courseware
handbook, and is not meant to be a sole means of study.
Page
Topic Key Element
Number
Network Access Control p. 03

The Check Point Firewall p. 04
Mechanisms for Controlling Net- p. 05
work Traffic
Packet Filtering p. 06
Stateful Inspection p. 07
Application Intelligence p. 08
Security Gateway Inspection Archi- p. 08
tecture
INSPECT Engine Packet Flow p. 09
Deployment Consider- p. 10
ations
The DMZ p. 11
Bridge Mode p. 12
Bridge Mode and STP
Security Policy Manage- p. 13
ment
SmartConsole Components p. 14
SmartDashboard p. 15
SmartView Tracker p. 17
Table 1-1: Check Point Technology Overview Topics

Check Point Technology Overview Topics Chapter 1: Check Point Technology Overview
Page
Topic Key Element
Number
SmartView Monitor p. 18
SmartEvent p. 20
Centralized Event Correlation p. 21
Real-Time Threat Analysis and Pro- p. 21
tection
Intelligent Event Management p.21
p. 43
The SmartEvent Architecture p. 22
SmartProvisioning p. 24
SmartUpdate p. 25
Security Management p. 26
Server
Managing Users in SmartDashboard p. 26
Users Database p. 27
Creating Administrators in Smart- p. 28
Dashboard
Securing Channels of Communica- p. 29
tion
SIC p. 30
The Internal Certificate Authority p. 30
(ICA)
ICA Clients p. 30
SIC Between Security Manage- p. 32
ment Servers and Components
Administrative Login Using SIC p. 33
Check Point Security Administrator RR70 / 71 Study Guide 9

Chapter 1: Check Point Technology Overview Check Point Technology Overview Topics
Page
Topic Key Element
Number
Lab 1: Distributed Installa- L-p. 1

tion
Install Security Management Server L-p. 3
Configure Security Management L-p. 11
Server - sysconfig
Install Secure Platform on the Cor- L-p. 28
porate Security Gateway
Configure the Corporate Security L-p. 30
Gateway using the WebUI
Install SmartConsole L-p. 39
Launch SmartDashboard L-p. 45
Lab 2: Branch Office Secu- L-p. 49
rity Gateway Installation
Install SecurePlatform on Branch L-p. 50
Gateway
Configure Branch Gateway - L-p. 56
WebUI

Sample CCSA R70 Exam Question Chapter 1: Check Point Technology Overview
Sample CCSA R70 Exam Question

What would be the benefit of upgrading from SmartDefense to IPS
R70?:
1. Completely rewritten engine provides improved security
performance and reporting.
2. There is no difference - IPS R70 is the new name.
3. The SmartDefense technology expands IPS-1 to IPS R70.
4. The SmartDefense is replaced by the technology of IPS-1.
Check Point Security Administrator RR70 / 71 Study Guide 11

Chapter 1: Check Point Technology Overview Answer
Answer
What would be the benefit of upgrading from SmartDefense to IPS
R71?:
1. Completely rewritten engine provides improved security
performance and reporting.
2. There is no difference - IPS R70 is the new name.
3. The SmartDefense technology expands IPS-1 to IPS R70.
4. The SmartDefense is replaced by the technology of IPS-1

Chapter
Deployment Platforms 2
Before delving into the intricacies of creating and managing Security Policies, it is
beneficial to know about Check Point’s different deployment platforms, and under-
stand the basic workings of Check Point’s UNIX-based and Linux operating sys-
tems (IPSO and SecurePlatform) that support many Check Point products. For
those familiar with Linux and UNIX this section will be a review. But for those with
little to no Linux/UNIX experience, this will be a welcome guide
Objectives:
Given network specifications, perform a backup and restore the current Gateway
installation from the command line.
Identify critical files needed to purge or backup, import and export users and
groups and add or delete administrators from the command line.
Deploy Gateways using sysconfig and cpconfig from the Gateway command line.
13
Chapter 2: Deployment Platforms Deployment Platforms Topics
Deployment Platforms Topics

The following table outlines the topics covered in the “Deployment
Platforms” chapter of the Check Point Security Administrator R70 / R71
Course. This table is intended as a supplement to knowledge you have
gained from the Security Administrator R70 / R71 Courseware
Page
Topic Key Element
Number
UTM-1 Edge Appliance p. 39

Managing UTM-1 Edge — Security p. 40
Management Server
SmartProvisioning p. 40
Managing UTM-11 Edge — Pro- p. 41
vider-1
Power-1 Appliances p. 42
IP Appliances p. 43
IP Network Voyager p. 44
IPSO p. 46
IPSO Command Line Interface p. 47
(CLI)
SecurePlatform p. 49
Hardware Compatibility Testing p. 50
Tool
Managing Your SecurePlatform p. 50
System
Critical Check Point Directories p. 51
CoreXL Multicore Acceler- p. 53
ation
CoreXL Architecture p. 54
Table 2-2: Deployment Platforms Topics
14 Check Point Security Administrator R71 Study Guide

Deployment Platforms Topics Chapter 2: Deployment Platforms
Page
Topic Key Element
Number
CoreXL and Performance Pack p. 55

Working with CoreXL p. 56
Lab 3: Command Line L-p. 67
Interface Tool
Set Expert Password L-p. 68
Apply Other Useful Commands L-p. 71
Add and Delete Administrators via L-p. 72
the CLI
Perform backkup and restore L-p 74
Table 2-2: Deployment Platforms Topics
Check Point Security Administrator R71 Study Guide 15

Chapter 2: Deployment Platforms Sample CCSA R70 Exam Question

What is the primary benefit of using upgrade_export over either
backup or snapshot?
1. upgrade_export will back up routing tables, hosts files, and manual

ARP configurations, where backup and snapshot will not.
2. upgrade_export has an option to backup the system and
SmartView Tracker logs while backup and snapshot will not.
3. The backup and snapshot commands can take a long time to run
whereas upgrade_export will take a much shorter amount of time.
4. upgrade_export is operating system independent and can be used
when backup or snapshot is not available.

Answer Chapter 2: Deployment Platforms
Answer
What is the primary benefit of using upgrade_export over either
backup or snapshot?
1. upgrade_export will back up routing tables, hosts files, and manual

ARP configurations, where backup and snapshot will not.
2. upgrade_export has an option to backup the system and
SmartView Tracker logs while backup and snapshot will not.
3. The backup and snapshot commands can take a long time to run
whereas upgrade_export will take a much shorter amount of time.
4. upgrade_export is operating system independent and can be
used when backup or snapshot is not available.

Chapter 2: Deployment Platforms Answer

Chapter
Introduction to the Security Policy 3
The Security Policy is essential in administrating security for your organization’s
network. This chapter examines how to create rules based on network objects, and
modify a Security Policy’s properties. In addition, this chapter will teach you how
to apply Database Revision Control and Policy Package management, to decrease
the burden of management when working with rules and objects.
Objectives:
Given the network topology, create and configure network, host and gateway
objects.
Verify SIC establishment between the Security Management Server and the
Gateway using SmartDashboard.
Create a basic Rule Base in SmartDashboard that includes permissions for
administrative users, external services, and LAN outbound use.
Configure NAT rules on Web and Gateway servers.
Evaluate existing policies and optimize the rules based on current corporate
requirements.
Maintain the Security Management Server with scheduled backups and policy
versions to ensure seamless upgrades and minimal downtime.
19
Chapter 3: Introduction to the Security Policy Introduction to the Security Policy Topics
Introduction to the Security Policy Topics

The following table outlines the topics covered in the “Introductions to
the Security Policy” chapter of the Check Point Security Administrator R70
/ R71 Course. This table is intended as a supplement to knowledge you
have gained from the Security Administrator R70 / R71 Courseware
Page
Topic Key Element
Number
Security Policy Basics p. 63

The Rule Base p. 63
Managing Objects in p. 64
SmartDashboard
SmartDashboard and Objects p. 65
Managing Objects p. 67
Creating the Rule Base p. 69
Basic Rule Base Concepts p. 69
Default Rule p. 70
Basic Rules p. 72
Implicit/Explicit Rules p. 73
Control Connections p. 74
Detecting IP Spoofing p. 75
Rule Base Management p. 76
Understanding Rule Base Order p. 77
Completing the Rule Base p. 78
Policy Management and p. 79
Revision Control
Policy Package Management p. 79
Database Revision Control p. 80
Table 3-3: Security Policy Topics

Introduction to the Security Policy Topics Chapter 3: Introduction to the Security Policy
Page
Topic Key Element
Number
Network Address Transla- p. 82

tion
IP Addressing p. 83
Hide NAT p. 84
Static NAT p. 85
NAT - Global Properties p. 87
Configuring Automatic NAT p. 89
Object Configuratin - Hide NAT p. 89
Hide NAT Using Another Interface p. 90
IP Address
Manual NAT p. 92
Multicasting p. 94
Lab 4: Building a Security L-p. 77
Policy
Create Security Gateway Object L-p. 79
Create GUIclient Object L-p. 85
Create Rules for Corporate Gateway L-p. 86
Save the Policy L-p 91
Install the Policy L-p. 92
Test the Corporate Policy L-p. 96
Create the Remote Security Gate- L-p. 97
way Object
Establish SIC with the Branch L-p. 99
Office
Create a New Policy for the Branch L-p. 103
Office
Combine Policies L-p. 107

Chapter 3: Introduction to the Security Policy Introduction to the Security Policy Topics
Page
Topic Key Element
Number
Lab 5: Configure the DMZ L-p. 115

Create DMZ Objects in SmartDash- L-p. 116
board
Create DMZ Access Rule L-p. 118
Test the Policy L-p. 118
Lab 6: Configuring NAT L-p. 119
Configure Hide NAT on the Corpo- L-p. 120
rate Network
Test the Hide NAT Address L-p. 122
Open SmartView Tracker L-p 123
Configure Static NAT on the DMZ L-p. 125
Server
Test the Static NAT Address L-p. 127
Observe Hide NAT Traffic Using L-p. 128
fw monitor
Configure Wireshark L-p. 130
Observe the Traffic L-p. 132
Observe Static NAT Traffic Using L-p. 133
fw monitor

Sample CCSA R70 Exam Question Chapter 3: Introduction to the Security Policy

A Web server behind the Security Gateway is set to Automatic Static
NAT. Client side NAT is not checked in the Global Properties. A client
on the Internet initiates a session to the Web Server. Assuming there is a
rule allowing this traffic, what other configuration must be done to allow
the traffic to reach the Web server?
1. Nothing else must be configured.
2. Automatic ARP must be unchecked in the Global Properties.
3. A static route must be added on the Security Gateway to the internal
host.
4. A static route for the NAT IP must be added to the Gateway's
upstream router.

Chapter 3: Introduction to the Security Policy Answer
Answer
A Web server behind the Security Gateway is set to Automatic Static
NAT. Client side NAT is not checked in the Global Properties. A client
on the Internet initiates a session to the Web Server. Assuming there is a
rule allowing this traffic, what other configuration must be done to allow
the traffic to reach the Web server?
1. Nothing else must be configured.
2. Automatic ARP must be unchecked in the Global Properties.
3. A static route must be added on the Security Gateway to the
internal host.
4. A static route for the NAT IP must be added to the Gateway's
upstream router.

Chapter
Monitoring Traffic and
Connections
4
To manage your network effectively and to make informed decisions, you need to
gather information on the network’s traffic patterns.
Objectives:
Use queries in SmartView Tracker to monitor IPS and common network

traffic and troubleshoot events using packet data.
Using packet data on a given corporate network, generate reports,
troubleshoot system and security issues, and ensure network
functionality.
Using SmartView Monitor, configure alerts and traffic counters, view a
Gateway's status, monitor suspicious activity rules, analyze tunnel activity
and monitor remote user access based on corporate requirements.
25
Chapter 4: Monitoring Traffic and ConnectionsIntroduction to the Monitoring Traffic and Connec-
Introduction to the Monitoring Traffic and

Connections Topics
The following table outlines the topics covered in the “Monitoring
Traffic and Connections” chapter of the Check Point Security Administrator
R70 / R71Course. This table is intended as a supplement to knowledge
you have gained from the Security Administrator R70 / R71Courseware
Page
Topic Key Element
Number
SmartView Tracker p. 101

Log Types p. 102
SmartView Tracker Tabs p. 103
Action Icons p. 104
Log-File Management p. 105
Administrator Auditing p. 106
Global Logging and Alerting p. 228
Time Settings p. 108
Blocking Connections p. 109
SmartView Monitor p. 110
SmartView Monitor Login p. 111
Customizable Views p. 111
Monitoring Suspicious Activity p. 116
Rules
Monitoring Alerts p. 116
Gateway Status p. 118
SmartView Tracker vs. SmartView p. 121
Monitor
Table 4-4: Monitoring Traffic and Connections Topics

Introduction to the Monitoring Traffic and Connections Topics Chapter 4: Monitoring Traffic and
Page
Topic Key Element
Number
Lab 7: Monitoring with L-p. 137

SmartView Tracker
Launch SmartView Tracker L-p. 138
Track by Source and Destination L-p. 142
Modify the Gateway to Activate L-p. 144
SmartView Monitor
View Traffic Using SmartView L-p 146
Monitor
Table 4-4: Monitoring Traffic and Connections Topics

Chapter 4: Monitoring Traffic and Connections Sample CCSA R70 Exam Question

A third-shift Security Administrator configured and installed a new
Security Policy early this morning. When you arrive, he tells you that he
has been receiving complaints that Internet access is very slow. You
suspect the Security Gateway virtual memory might be the problem.
Which SmartConsole component would you use to verify this?
1. This information can only be viewed with fw ctl pstat command from
the CLI.
2. SmartView Tracker.
3. Eventia Analyzer.
4. SmartView Monitor

Answer Chapter 4: Monitoring Traffic and Connections
Answer
A third-shift Security Administrator configured and installed a new
Security Policy early this morning. When you arrive, he tells you that he
has been receiving complaints that Internet access is very slow. You
suspect the Security Gateway virtual memory might be the problem.
Which SmartConsole component would you use to verify this?
1. This information can only be viewed with fw ctl pstat command from
the CLI.
2. SmartView Tracker.
3. Eventia Analyzer.
4. SmartView Monitor

Chapter 4: Monitoring Traffic and Connections Answer

Chapter
Using SmartUpdate 5
SmartUpdate extends your organization’s ability to provide centralized policy man-
agement across enterprise-wide deployments. SmartUpdate can deliver automated
software and license updates to hundreds of distributed Security Gateways from a
single management console.
Objectives:
Monitor remote Gateways using SmartUpdate to evaluate the need for

upgrades, new installations, and license modifications.
Use SmartUpdate to apply upgrade packages to single or multiple VPN-1
Gateways.
Upgrade and attach product licenses using SmartUpdate.
31
Chapter 5: Using SmartUpdate Introduction to the SmartUpdate Topics
Introduction to the SmartUpdate Topics

The following table outlines the topics covered in the “SmartUpdate”
chapter of the Check Point Security Administrator R70 / R71Course. This
table is intended as a supplement to knowledge you have gained from
the Security Administrator R70 / R71Courseware handbook, and is not
meant to be a sole means of study.
Page
Topic Key Element
Number
SmartUpdate and Manag- p. 127

ing Licenses
SmartUpdate Architecture p. 128
SmartUpdate Introduction p. 130
Overview of Managing Licenses p. 132
Service Contracts p. 138
Licensing R71 p. 140
Obtaining a License Key p. 140
Upgrading Licenses p. 141
SmartUpdate Options p. 141
The SmartUpdate Command Line p. 141
Table 5-5: Using SmartUpdate Topics

Sample CCSA R70 Exam Question Chapter 5: Using SmartUpdate

You are a Security Administrator preparing to deploy a new HFA
(Hotfix Accumulator) to ten Security Gateways at five geographically
separate locations. What is the BEST method to implement this HFA?
1. Send a Certified Security Engineer to each site to perform the update.
2. Use SmartUpdate to install the packages to each of the Security
Gateways remotely.
3. Use a SSH connection to SCP the HFA to each Security Gateway.
Once copied locally, initiate a remote installation command and
monitor the installation progress with SmartView Monitor.
4. Send a CD-ROM with the HFA to each location and have local
personnel install it.
Check Point Security Administrator R70 / R71 Study Guide 33

Chapter 5: Using SmartUpdate Answer
Answer
You are a Security Administrator preparing to deploy a new HFA
(Hotfix Accumulator) to ten Security Gateways at five geographically
separate locations. What is the BEST method to implement this HFA?
1. Send a Certified Security Engineer to each site to perform the update.
2. Use SmartUpdate to install the packages to each of the Security
Gateways remotely.
3. Use a SSH connection to SCP the HFA to each Security Gateway.
Once copied locally, initiate a remote installation command and
monitor the installation progress with SmartView Monitor.
4. Send a CD-ROM with the HFA to each location and have local
personnel install it.

Chapter
Upgrading to R71 6
This chapter shows how to upgrade an existing Security Management server and se-
curity gateway to R71. Upgrades are used to save Check Point product configura-
tions, Security Policies, and objects, so that Security Administrators do not need to
recreate Gateway and Security Management Server configurations. This chapter
lists guidelines for deciding when to upgrade, versus doing a new installation.
Objectives:
Based on current products or platforms used in an enterprise network,

perform a pre installation compatibility assessment before upgrading to
R71.
Given R71 licensing restrictions, obtain a license key.
Install a Contract File on platforms such as Windows, SecurePlatform,
Linux, Solaris and IPSO.
35
Chapter 6: Upgrading to R71 Introduction to the Upgrading to R71
Introduction to the Upgrading to R71

The following table outlines the topics covered in the “Upgrading to
R71” chapter of the Check Point Security Administrator R70 / R71 Course.
This table is intended as a supplement to knowledge you have gained
from the Security Administrator R70 / R71Courseware handbook, and
is not meant to be a sole means of study.
Page
Topic Key Element
Number
Backward Compatibility p. 147

for Gateways
Upgrading Security Management p. 147
Server
IPS-1 Upgrade Paths and Interoper- p. 148
ability
Upgrade Notes p. 148
Upgrade Configuration p. 149
Distributed Installation p. 151
Web Intelligence Licnese Enforce- p. 151
ment
Lab 8: Upgrading a Secu- L-p. 153
rity Gateway Locally
Upgrade SecurePlatform Using a L-p. 154
CDROM
Table 6-6: Upgrading to R70 Topics

Sample CCSA R70 Exam Question Chapter 6: Upgrading to R71

You currently do not have a Check Point software subscription for one
of your products. What will happen if you attempt to upgrade the license
for this product?
1. The license is not upgraded.
2. It is upgraded with new available features, but cannot be activated.
3. It is deleted.
4. The license will be upgraded with a warning.

Chapter 6: Upgrading to R71 Answer
Answer
You currently do not have a Check Point software subscription for one
of your products. What will happen if you attempt to upgrade the license
for this product?
1. The license is not upgraded.
2. It is upgraded with new available features, but cannot be activated.
3. It is deleted.
4. The license will be upgraded with a warning.

Chapter
User Management and
Authentication
7
If you do not have a user-management infrastructure in place, you can make a
choice between managing the internal-user database or choosing to implement an
LDAP server. If you have a large user count, Check Point recommends opting for
an external user-management database, such as LDAP.
Check Point authentication features enable you to verify the identity of users log-
ging in to the Security Gateway, but also allow you to control security by allowing
some users access and disallowing others. Users authenticate by proving their iden-
tities, according to the scheme specified under a Gateway authentication scheme,
such as LDAP, RADIUS, SecurID and TACACS.
Objectives:
Centrally manage users to ensure only authenticated users securely access

the corporate network either locally or remotely.
Manage users to access to the corporate LAN by using external databases
39
Chapter 7: User Management and AuthenticationIntroduction to the User Management and Authen-
Introduction to the User Management and

Authentication Topics
The following table outlines the topics covered in the “User
Management and Authentication” chapter of the Check Point Security
Administrator R70 / R71 Course. This table is intended as a supplement to
knowledge you have gained from the Security Administrator R70 / R71
Courseware handbook, and is not meant to be a sole means of study.
Page
Topic Key Element
Number
Creating Users and Groups p. 159

in SmartDashboard
User Types p. 159
Security Gateway Authenti- p. 161
cation
Introduction to Authentication p. 161
Methods
Authentication Schemes p. 163
Remote User Authentication p. 165
Authentication Methods p. 165
User Authentication p. 166
Configuring User Authentication p. 168
Session Authentication p. 169
Configuring Session Authentication p. 170
Client Authentication p. 170
Configuring Client Authentication p. 173
Resolving Access Conflicts p. 174
Configuring Authentication Tracker p. 175
Table 7-7: User Management and Authentication Topics
40 Check Point Security Administrator R70 / R 71 Study Guide

Introduction to the User Management and Authentication Topics Chapter 7: User Management and
Page
Topic Key Element
Number
LDAP User Management p. 175

with SmartDirectory
LDAP Features p. 176
Multiple LDAP Servers p. 178
Using an Existing LDAP Server p. 178
Configuring Entities to Work with p. 179
the Gateway
Managing Users p. 182
SmartDirectory Groups p. 183
Lab 9: Client Authentica- L-p. 165
tion
Use Manual Client Authentication L-p. 167
with FTP and Local User
Modify the Rule Base L-p. 170
Test Manual Client Authentication L-p. 173
Use Partially Automatic Client L-p. 174
Auth with a Local User
Use Partially Automatic Client L-p. 179
Auth with LDAP
Verify SmartDashboard Integration L-p. 186
Test Active Directory Authentica- L-p. 188
tion
Create a Database Revision L-p. 189
Table 7-7: User Management and Authentication Topics

Chapter 7: User Management and Authentication Sample CCSA R70 Exam Question

Choose the BEST sequence for configuring user management in
SmartDashboard, using an LDAP server.
1. Configure a server object for the LDAP Account Unit, and create an
LDAP resource object.
2. Configure a workstation object for the LDAP server, configure a
server object for the LDAP Account Unit, and enable LDAP in
Global Properties.
3. Configure a server object for the LDAP Account Unit, enable LDAP
in Global Properties, and create an LDAP resource object.
4. Enable LDAP in Global Properties, configure a host-node object
for the LDAP server, and configure a server object for the LDAP
Account Unit.

Answer Chapter 7: User Management and Authentication
Answer
Choose the BEST sequence for configuring user management in
SmartDashboard, using an LDAP server.
1. Configure a server object for the LDAP Account Unit, and create an
LDAP resource object.
2. Configure a workstation object for the LDAP server, configure a
server object for the LDAP Account Unit, and enable LDAP in
Global Properties.
3. Configure a server object for the LDAP Account Unit, enable LDAP
in Global Properties, and create an LDAP resource object.
4. Enable LDAP in Global Properties, configure a host-node
object for the LDAP server, and configure a server object for the
LDAP Account Unit.

Chapter 7: User Management and Authentication Answer

Chapter
Encryption and VPNs 8
The Check Point Security Gateway enables you to create site-to-site Virtual Private
Networks (VPNs) that provide secure communication between two defined partic-
ipants, by encrypting the communication on unsecured public networks, such as the
Internet.
Objectives:
Select the most appropriate encryption algorithm when securing

communication over a VPN, based on corporate requirements.
Configure a certificate-based site-to-site VPN using one partner's internal
CA.
Establish VPN connections to partner sites in order to establish access to
a central database by configuring Advanced IKE properties.
45
Chapter 8: Encryption and VPNs Introduction to the Encryption and VPNs Topics
Introduction to the Encryption and VPNs

Topics
The following table outlines the topics covered in the “Encryption and
VPNs” chapter of the Check Point Security Administrator R70 / R71 Course.
from the Security Administrator R70 / R71 Courseware handbook, and
Page
Topic Key Element
Number
Securing Communication p. 189

Privacy p. 190
Symmetric Encryption p. 191
Asymmetric Encryption p. 192
Diffie-Hellman p. 193
Integrity p. 194
Authentication p. 195
Two-Phases of Encryption p. 196
Encryption Algorithms p. 196
IKE p. 197
ISAKMP p. 197
Oakley p. 197
ISAKMP/Oakley p. 197
Phase 1 p. 198
Phase 2 p. 199
How a VPN Works p. 200
Tunneling-Mode Encryption p. 202
Certificate Authorities p. 203
Table 8-8: Encryption and VPNs Topics

Introduction to the Encryption and VPNs Topics Chapter 8: Encryption and VPNs
Page
Topic Key Element
Number
Certificates p. 204
Multiple Certificate Authorities p. 204
Local Certificate Authority p. 205
CA Service via the Internet p. 206
Internal Certificate Authority p. 206
Creating Certificates p. 207
Lab 10: Site-to-Site VPN L-p. 191
Between Corporate and
Branch Offfice
Define the VPN Domain L-p. 193
Create the VPN Community L-p. 196
Create the VPN Rule and Modify- L-p. 202
ing the Rule Base
Test VPN Connection L-p. 205
Failed Negotiation Example L-p. 209
Table 8-8: Encryption and VPNs Topics

Chapter 8: Encryption and VPNs Sample CCSA R70 Exam Question

Your organization maintains several IKE VPNs. Executives in your
organization want to know which mechanism Security Gateway R70
uses to guarantee the authenticity and integrity of messages. Which
technology should you explain to the executives?
1. Certificate Revocation Lists
2. Application Intelligence.
3. Digital signatures.
4. Key-exchange protocols.

Answer Chapter 8: Encryption and VPNs
Answer
Your organization maintains several IKE VPNs. Executives in your
organization want to know which mechanism Security Gateway R70
uses to guarantee the authenticity and integrity of messages. Which
technology should you explain to the executives?
1. Certificate Revocation Lists
2. Application Intelligence.
3. Digital signatures.
4. Key-exchange protocols.

Chapter 8: Encryption and VPNs Answer

Chapter
Introduction to VPNs 9
Virtual Private Ntworking technology leverages the Internet to build and enhance
secure network connectivity. Based on standard Internet secure protocols, a VPN
enables secure links between special types of network nodes: the Gateways. Site-
to-site BPN ensures secure links between Gateways. A Remote Access VPN en-
sures secure links between Gateways and remote access clients.
Objectives:
Configure a pre-shared secret site-to-site VPN with partner sites.

Configure permanent tunnels for remote access to corporate resources.
Configure VPN tunnel sharing, given the difference between host-based,
sup-unit-based, and gateway-based tunnels..
51
Chapter 9: Introduction to VPNs Introduction VPNs Topics
Introduction VPNs Topics

The following table outlines the topics covered in the “Introduction to
VPNs” chapter of the Check Point Security Administrator R70 / R71 Course.
from the Security Administrator R70 / R71 Courseware handbook, and
Page
Topic Key Element
Number
The Check Point VPN p. 213

VPN Deployments p. 213
Site-to-Site VPNs p. 214
Remote Access VPNs p. 215
VPN Implementation p. 216
VPN Setup p. 217
Understanding VPN Deployment p. 217
VPN Communities p. 218
VPN Topologies p. 220
Meshed VPN Community p. 220
Star VPN Community p. 221
Choosing a Topology p. 221
Topology and Encryption Issues p. 223
Special VPN Gateway Conditions p. 224
Authenticating Between Commu- p. 225
nity Members
Domain and Route-Based VPNs p. 226
Access Control and VPN p. 227
Communites
Accepting all Encrypted Traffic p. 229
Table 9-9: Check Point Introduction to VPNs Topics

Introduction VPNs Topics Chapter 9: Introduction to VPNs
Page
Topic Key Element
Number
Excluding Services p. 229

Integrating VPNs into a p. 230
Rule Base
Simplified vs. Traditional Mode p. 231
VPNs
VPN Tunnel Management p. 231
Permanent Tunnels p. 232
VPN Tunnel Sharing p. 233
Remote Access VPNs p. 234
SecuRemote p. 234
Multiple Remote Access VPN Con- p. 235
nectivity Modes
Office Mode p. 235
Visitor Mode p. 235
Hub Mode p. 235
Establishing a Connection Between p. 236
a Remote User and a Gateway
Lab 11: Two-Gateway IKE L-p. 215
Encryption Using Certifi-
cates
Save Certificate for Export L-p. 216
Add Partner Machine to VPN Com- L-p. 218
munity
Creating Object for Partner Gate- L-p. 218
way
Modify VPN Domain for Partner L-p. 222
Gateway

Chapter 9: Introduction to VPNs Introduction VPNs Topics
Page
Topic Key Element
Number
Add the Partner Network to the L-p. 225

VPN Community
Create Partner Site Certificate L-p. 226
Authority
Modify the Rule Base L-p. 229
Install and Verify Security Gateway L-p. 230
Configuration
Test Encryption with Certificates L-p. 231
Revert to Standard Security Policy L-p. 235
Lab 12: Remote Access and L-p. 237
Office Mode
Create Remote-Access Group L-p. 239
Configure Gateway for IKE L-p 240
Encryption
Create a Remote User Group L-p. 240
Configure Remote Access Commu- L-p. 241
nity Ojbect
Configure VPN Domain for Remote L-p. 244
Access
Configure Office Mode IP Pool L-p. 245
Modify the Rule Base for Remote L-p. 247
Access
Create a Site Using the Site Wizard L-p. 249
Verify Office Mode IP Assignment L-p. 255
Test the Remote Connection L-p. 256

Sample CCSA R70 Exam Question Chapter 9: Introduction to VPNs

When using an encryption algorithm, which is generally considered the
best encryption method?
1. DES.
2. AES
3. Triple DES
4. CAST cipher

Chapter 9: Introduction to VPNs Answer
Answer
When using an encryption algorithm, which is generally considered the
best encryption method?
1. DES.
2. AES
3. Triple DES
4. CAST cipher

Chapter
Messaging and Content Security 10
Access control firewalls prevent unauthorized traffic from passing through the
Gateway. However, hackers also attempt to misuse allowed traffic and services.
Some of the most serious threats in today's Internet environment come from attacks
that attempt to exploit the application layer. Access control devices cannot easily
detect malicious attacks aimed at these services.
Objectives:
Configure Check Point Messaging Security to test IP Reputation, content

based anti-spam, and zero hour virus detection.
Based on network analysis disclosing threats by specific sites, configure a
Web-filtering and antivirus policy to filter and scan traffic.
57
Chapter 10: Messaging and Content Security Introduction to the Messaging and Content Security
Introduction to the Messaging and Content

Security Topics
The following table outlines the topics covered in the “Messaging and
Content Security” chapter of the Check Point Security Administrator R70 /
R71 Course. This table is intended as a supplement to knowledge you
have gained from the Security Administrator R70 / R71 Courseware
Page
Topic Key Element
Number
Antivirus Protection p. 243

Anti-Virus Signature Database p. 244
Updates
Antivirus Scanning p. 245
Content Security Scanning in Prac- p. 246
tice
POP3 Protocol Example p. 247
FTP Protocol Example p. 248
HTTP Protocol Example p. 249
DMZ Example p. 250
Scan by Direction Options p. 251
File Type Recognition p. 254
Continuous Download p. 255
Logging and Monitoring p. 256
File Size Limitations and Scanning p. 256
UTM-1 Edge Antivirus p. 258
Basic URL Filtering p. 259
Architecture p. 260
Anti-Spam and Mail p. 261
Table 10-10: Messaging and Content Security Topics

Introduction to the Messaging and Content Security TopicsChapter 10: Messaging and Content Se-
Page
Topic Key Element
Number
Architecture p. 263
Logging and Monitoring p. 265
Lab 13: Messaging and L-p. 259
Content Security
Revert to Standard Security Policy L-p. 261
Configure Mail Server Object L-p. 262
Modify Rule Base L-p. 264
Observe Mail Traffic L-p. 265
Modify the Gateway Properties L-p. 267
Configure Anti-Spam for Monitor L-p. 268
Only
Analyze to Gateway L-p. 270
Analyze Logs L-p. 272
Reconfigure Policy to Block L-p. 274
Attacks
Table 10-10: Messaging and Content Security Topics

Chapter 10: Messaging and Content Security Sample CCSA R70 Exam Question

Which antivirus scanning method does not work if the Gateway is
connected as a node in proxy mode?
1. Scan by Direction
2. Scan by File Type
3. Scan by Server
4. Scan by IP Address

Answer Chapter 10: Messaging and Content Security
Answer
Which antivirus scanning method does not work if the Gateway is
connected as a node in proxy mode?
1. Scan by Direction
2. Scan by File Type
3. Scan by Server
4. Scan by IP Address

Chapter 10: Messaging and Content Security Answer

CCSA R71 Study Guide

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CCSA R71 Study Guide

Uploaded by

Copyright:

Available Formats

Copyright © Check Point Software Technologies

Ltd. All rights reserved.

RESTRICTED RIGHTS LEGEND:

© 2003-2010 Check Point Software Technologies Ltd.

Document #: CCSA R70 Study Guide

Content: Mark Hoefle

Graphics: Jeffery Holder

Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Chapter 1 Check Point Technology Overview 7

Check Point Technology Overview Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Chapter 2 Deployment Platforms 13

Deployment Platforms Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Chapter 3 Introduction to the Security Policy 19

Introduction to the Security Policy Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Chapter 4 Monitoring Traffic and

Introduction to the Monitoring Traffic and Connections Topics . . . . . . . . . . . . . . . 26

Chapter 5 Using SmartUpdate 31

Introduction to the SmartUpdate Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Chapter 6 Upgrading to R71 35

Introduction to the Upgrading to R71 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Chapter 7 User Management and

Introduction to the User Management and Authentication Topics . . . . . . . . . . . . . . 40

Chapter 8 Encryption and VPNs 45

Introduction to the Encryption and VPNs Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Chapter 9 Introduction to VPNs 51

Introduction VPNs Topics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52

Chapter 10 Messaging and Content Security 57

Introduction to the Messaging and Content Security Topics . . . . . . . . . . . . . . . . . . . 58

The Check Point Security Administrator R70 / R71course provides an understand-

2 Check Point Security Administrator R70 / R71 Study Guide

Check Point Security Administrator R70 / R71Study Guide 3

Frequently Asked Questions

4 Check Point Security Administrator R70 / R71 Study Guide

For more exam and course information, see:

5 Check Point Security Administrator R70 / R71 Study Guide

6 Check Point Security Administrator R70 / R71 Study Guide

Check Point Technology Overview Topics

Network Access Control p. 03

Table 1-1: Check Point Technology Overview Topics

8 Check Point Security Administrator R70 / R71 Study Guide

Table 1-1: Check Point Technology Overview Topics

Check Point Security Administrator RR70 / 71 Study Guide 9

Lab 1: Distributed Installa- L-p. 1

Table 1-1: Check Point Technology Overview Topics

10 Check Point Security Administrator R70 / R71 Study Guide

Sample CCSA R70 Exam Question

Check Point Security Administrator RR70 / 71 Study Guide 11

12 Check Point Security Administrator R70 / R71 Study Guide

Deployment Platforms Topics

UTM-1 Edge Appliance p. 39

Table 2-2: Deployment Platforms Topics

14 Check Point Security Administrator R71 Study Guide

CoreXL and Performance Pack p. 55

Table 2-2: Deployment Platforms Topics

Check Point Security Administrator R71 Study Guide 15

Sample CCSA R70 Exam Question

1. upgrade_export will back up routing tables, hosts files, and manual

16 Check Point Security Administrator R71 Study Guide

1. upgrade_export will back up routing tables, hosts files, and manual

Check Point Security Administrator R71 Study Guide 17

18 Check Point Security Administrator R71 Study Guide

Introduction to the Security Policy Topics

Security Policy Basics p. 63