CheckPoint Firewall Interview Question and Answer

Technet 2U > 80+ Computer Tips > CheckPoint Firewall Interview Question and Answer

I am share with Checkpoint Firewall Interview Question and Answer. These question generally ask in interview. its also my
personal experience. Checkpoint Firewall is award winner security firewall. Every Corporate organization used Checkpoint firewall for
Internal Network security purpose. Security engineer must have to aware about Checkpoint firewall for growth in their career. I am sure
that below Checkpoint Firewall Interview Question and Answer will help in Interview.

400 Computer Networking Tips and trick – Tech Tips, Windows Tips and Internet Tips

CISCO ASA Firewall Interview Question and Answer

Free Download Computer Networking Tutorial Material- PPT and PDF

Read Also

Checkpoint Firewall Self Practice Question and Answer.

Windows System Administrator Interview Question and Answer.
Computer Networking Interview Question and Answer.
Desktop Support Engineer Interview Question and Answer.

1. What is Anti-Spoofing.

Ans- Anti-Spoofing is the feature of Checkpoint Firewall. which is protect from attacker who generate IP Packet with Fake or Spoof source
address. Its determine that whether traffic is legitimate or not. If traffic is not legitimate then firewall block that traffic on interface of
firewall.

2. What is Asymmetric Encryption.

Ans – In Asymmetric Encryption there is two different key used for encrypt and decrypt to packet. Means that one key used for Encrypt
packet, and second key used to for decrypt packet. Same key can not encrypt and decrypt.
3. What is Stealth Rule in checkpoint firewall.

Ans – Stealth Rule Protect Checkpoint firewall from direct access any traffic. Its rule should be place on the top of Security rule base. In
this rule administrator denied all traffic to access checkpoint firewall.

4. What is Cleanup rule In Checkpoint Firewall.

Ans – Cleanup rule place at last of the security rule base, Its used to drop all traffic which not match with above rule and Logged. Cleanup
rule mainly created for log purpose. In this rule administrator denied all the traffic and enable log.

5. What is NAT.

Ans- NAT stand for Network Address Translation. Its used to map private IP address with Public IP Address and Public IP address map
with Private IP Address. Mainly its used for Provide Security to the Internal Network and Servers from Internet. NAT is also used to
connect Internet with Private IP Address. Because Private IP not route able on Internet.

6. What is Source NAT.

Ans- Source NAT used to initiate traffic from internal network to external network. In source NAT only source IP will translated in public
IP address.

7. What is VPN (Virtual Private Network).

Ans – VPN (Virtual Private Network) is used to create secure connection between two private network over Internet. Its used Encryption
authentication to secure data during transmission. There are two type of VPN

Site to Site VPN.

Remote Access VPN.

8. What is IP Sec.

Ans – IP Sec (IP Security) is a set of protocol. which is responsible for make secure communication between two host machine, or network
over public network such as Internet. IPSec Protocol provide Confidentiality , Integrity, Authenticity and Anti Replay protection. There is
two IPSec protocol which provide security 1. ESP (Encapsulation Security Payload) and 2. AH (Authentication Header).
9. What is Difference between ESP and AH IPSec Protocol.

Ans-

ESP – ESP Protocol is a part of IPsec suit , Its provide Confidentiality, Integrity and Authenticity. Its used in two mode Transport mode
and Tunnel mode.

AH – Its is also part of a IPsec suit, Its provide only Authentication and Integrity, Its does not provide Encryption. Its also used to two
mode Transport mode and Tunnel mode.

10. What is Explicit rule In Checkpoint Firewall.

Ans – Its a rule in ruse base which is manually created by network security administrator that called Explicit rule.

Checkpoint Firewall Interview Question and Answer

11. What is Hide NAT.

Ans – Hide NAT used to translate multiple private IP or Network with single public IP address. Means many to one translation. Its can
only be used in source NAT translation. Hide NAT can not be used in Destination NAT.

12. What is Destination NAT.

Ans – When request to translate Destination IP address for connect with Internal Private network from Public IP address. Only static NAT
can be used in Destination NAT.

13. Difference between Automatic NAT and Manual NAT.

Ans

Automatic NAT Manual NAT

Automatic created by Firewall Manually Created by Network Security Administrator

Can not modify Can be Modify

Can not create “No NAT” rule Can be Create “No NAT” rule

Can not create Dual NAT Can be Create Dual NAT

Port forwarding not possible Port forwarding possible

Proxy ARP by default enabled Proxy ARP by default not enable

14. What is SAM Database.

Ans-

15. What is difference between standalone deployment distributed deployment.

Standalone deployment – In standalone deployment, Security Gateway and Security management server installed on same Machine.

Distributed deployment – In Distributed deployment, Security Gateway and Security Management Server installed on different
machine.
16. What is SIC.

SIC – SIC stand for “Secure Internal Communication”. Its a checkpoint firewall feature that is used to make secure communication
between Checkpoint firewall component. Its used when Security Gateway and Security management server installed in Distributed
deployment. Its Authentication and Encryption for secure communication.

17. What is 3 trier architecture component of Checkpoint Firewall.

Smart Console.
Security Management.
Security Gateway.

18. What is the Packet Flow of Checkpoint firewall.

i. SAM Database.
ii. Address Spoofing.
iii. Session Lookup.
iv. Policy Lookup.
v. Destination NAT.
vi. Route Lookup.
vii. Source NAT.
viii. Layer 7 Inspection.
ix. VPN.
x. Routing.

19. What Advantage of NAT.

Save Public IP to save cost.

Security with hide Internal Network.
Avoid Routing.
 Publish Server over Internet.
Overlapping Network.
Access Internet from Private IP address.

20. What is Smart Dashboard.

Ans– Its tool of smart console. Its used to Configure Rule, Policy object, Create NAT Policy, Configure VPN and Cluster.

I sure this checkpoint firewall interview question and answer will help you to crack interview. If its really helpful for you then Share It on
Facebook, Twitter etc.

Related Post

How to Install Checkpoint GAIA firewallR77 on VMware part-1.

How to Configure Checkpoint GAIA firewallR77 on VMware part-2.
How to Install Checkpoint GAIA firewallR77 on VMware part-3.
How to Mount Router IOS Image with GNS3 Simulator.
What is NAT.
What is SSL (Secure Socket Layer) Protocol.

Share This on

CISCO ASA Firewall Interview Question and CheckPoint Firewall Self Practice Question CCNA Online Practice Test Free With Answer
Answer and Answer and Score points
May 11, 2017 February 25, 2016 June 30, 2017
In "400+ Tech Tips" In "80+ Computer Tips" In "400+ Tech Tips"
Rakesh Kumar

Rakesh Kumar is a Network engineer and a Blogger. He is crazy for learn and write about Technology , Tech and Computer Tips and
Tricks Blog.