Interview Questions for Check Point Firewall Technology

Question 1 – Which of the applications in Check Point technology can be used to configure security objects?

Answer:SmartDashboard

Question 2 – Which of the applications in Check Point technology can be used to view who and what the administrator do to the security policy?

Answer:SmartView Tracker

Question 3 – What are the two types of Check Point NG licenses?

Answer:Central and Local licenses

Central licenses are the new licensing model for NG and are bound to the SmartCenter server. Local licenses are the legacy licensing model and are bound to the enforcement module.

Question 4 – What is the main different between cpstop/cpstart and fwstop/fwstart?

Answer:Using cpstop and then cpstart will restart all Check Point components, including the SVN foundation. Using fwstop and then fwstart will only restart VPN-1/FireWall-1.

Question 5 – What are the functions of CPD, FWM, and FWD processes?

Answer:CPD – CPD is a high in the hierarchichal chain and helps to execute many services, such as Secure Internal Communcation (SIC), Licensing and status report.

FWM – The FWM process is responsible for the execution of the database activities of the SmartCenter server. It is; therefore, responsible for Policy installation, Management High Availability (HA) Synchronization, saving the Policy, Database Read/Write action, Log Display, etc.

FWD – The FWD process is responsible for logging. It is executed in relation to logging, Security Servers and communication with OPSEC applications.

Question 6 – What are the types of NAT and how to configure it in Check Point Firewall?

Answer:Static Mode (Manually Defined)

Network and Security interview questions (Cisco)

Cisco Firewall


0.What is Stateful Inspection & Packet Filtering.Whats the difference ?
1.What is Adaptive Security Algorithm?
2.what are the default security levels for interfaces in firewall?
2.How would the firewall treat a TCP and UDP packets when it crosses the firewall ?
3.Tell me abt the different types of NAT?
3.What is the order of NAT ?
4.what is NAT Control ?
5.What are the troubleshooting mechanism to be followed in Cisco Firewalls?
a) different flow lookups in the output of Packet Tracer?
6.What is Stateful Failover ? (command to enable failover)
7.what is Transparent Firewall ?
8.how to check the the connections and NAT Translations?
9.How would you trouble shoot the high utilization issue in firewall ?
10.one of the best issues u have troubleshooted with firewall ?
11.Diff between a IPS & Firewall ?


VPN


1.What is Site-Site and Remote Access VPN?
2.What is phase 1 tunnel and the paramters involved ?
3.What is phase 2 tunnel and the paramters involved ?
4.What is PFS ?
5.Why would a DH is required ?
6.How to check the status of the tunnel in phase 1 & 2 ?
7.what are the commands required to troubleshoot VPN?
8.what is GRE and why its required?
9.How can we carry routing updates via IPSEC without GRE?
10.What is NAT Traversal?
11.What are the ports involved in NAT Traversal ?


General


1.Diff between TCP & UDP?
2.What is ARP & RARP?
3.Firewall works at what Layer?
4.What is DNS doctoring?
5.What is proxy & Gratituous ARP?
6.Active & Passive FTP?
7.What is DHCP relay agent ? if DHCP server locates in a different subnet , how would the process works?
8 What is MTU and fragmentation ?
9.What is DoS Attack , Spoofing attack ? how can be Prevented?




Routing


1.What is Subneting and Superneting ?
2.What is Static Route and a Default Route ?
3.What is Classful and Class less Routing
4.what is Dynamic Routing? 


A)OSPF

1.Metric Used for OSPF?
2.What are the Parameters required for OSPF neighbourship?
3.What is NSSA , stubby ,total stubby ?
4.How would the cost of the interfaces is calculated?
5.Commands to view the OSPF neighbour?


B)EIGRP


1.Metric for EIGRP and its AD ?
2.What is stuck in active?
3.How would the un equal load balancing works with EIGRP?
4.diff between EIGRP and OSPF ?
5.Commands to view the eigrp neighbour ?


C)BGP


1.What is IBGP and EBGP ?
2.What is LOcal prefernce and MED?
3.What is BGP synchronization ?
4.what is AD of IBG and EBGP?
5.we have two entries in the routing table , say for an example


192.168.1.0 /24 --> 1.1.1.1
192.168.1.128/25 --->2.2.2.2


what is the next hop to reach 192.168.1.200 ?


6.Why is Redistribution required?
7.How would you filter the routes being Redistributed?


Cisco IPS


1.What is IPS and IDS .Tell me the difference between them ?
2.What are the IPS modules you have worked?
3.What is AIP-SSM?
4.What is Promiscuous and Inline Mode?
5.What is a Signature ?Tell me some signature engines?
6.How would you implement an IPS in a Network?
7.How would you manage IPS?
8.What is False Positive and False Negative?
9.What are the event action involved in Inline Mode?

STATEFUL INSPECTION TECHNOLOGY

Stateful Inspection, invented by Check Point Software Technologies, has emerged as the industry standard for enterprise-class network security solutions. Stateful Inspection is able to meet all the security requirements defi ned above while traditional fi rewall technologies, such as packet fi lters and application-layer gateways, each fall short in some areas. With Stateful Inspection, packets are intercepted at the network layer for best performance (as in packet fi lters), but then data derived from all communication layers is accessed and analyzed for improved security (compared to layers 4–7 in application-layer gateways). Stateful Inspection then introduces a higher level of security by incorporating communication- and application-derived state and context information which is stored and updated dynamically. This provides cumulative data against which subsequent communication attempts can be evaluated. It also delivers the ability to create virtual session information for tracking connectionless protocols (for example, RPC and UDP-based applications), something no other firewall technology can accomplish.

Ref - www.checkpoint.com

Checkpoint Interview questions

As per my experience i am trying to share CP interview question

Before going to start i suggest you that never try to make fool to your interviewer.

1)From which was the first version of Checkpoint you worked?

2)What is the difference between CP NG and CP NGX?

3)In how many mode we can install the checkpoint?

4)What is architecture of Checkpoint?

5)What is SIC ?

6)What is NAT and how many type of NAT supported by CP explain ?

7)What is the unicast and multicast?

8)What is the rules define Stealth and Clean up rule ?

9)Can we configure rules above stealth rule?

10)What is the purpose of clean up rule ?

11)How you can configure smart view client in new pc?

12)How you are taking backup of CP?

13)How you can take manual backup and which folders are necessary ?

14)How you can configure Log server and where in CP we configure it?

15)How you use smart view tracker tell about three pannes of it.

16)Have you ever configure smart defence if yes tell us the few feature of it.

17)What are the important communication ports of the checkpoint ?

18)Tell me about licence part of the CP and types of it.

19)How you can integrate gateway boxes with CP like Nokia and Nortel or UTM boxes?

20)How you can bring up Nokia box integration with CP server.

21)Have you configure Cluster in CP if yes then tell us process?

22)What is VRRP?

23)What is FW monitor ?

24)Try to give 5 important CLI commands which are helpful for CP admin ?

25)Have you done CCSA if yes then what is the career path for it and how 

many question were there .

26)What is Bi directional NAT?

27)If log folder is crossed the threshold value which you had defined in CP server then what will happen?

28)What is the use of database revision control?

29)Have you ever configure VPN if yes then tell us about Site to Site with IPSEC in CP?

30)Have you ever upgrade the R60 to R62 or R65 if yes then tell us the process?

31)What is FW unloadlocal?

32)If log tracker is showing green means accepted even though defined rule is not working then what causes might be tell us.?

33)What is SYNC in cluster ?

35)What is statefull inspection technology ?

36)Apart from Statefull which other technology firewall belongs too?

37)Difference between ASA and Checkpoint firewall?

38)What is ICMP default setting in global properties of CP?

39)How you can reconfigure SIC password ?

40)If you restarted the remote gateway then what will happen in CP network ?