Check Point Firewall-1 Administration and CCSA Study Guide

Description

• Copyright 2002
• Edition: 1st

• Book
• ISBN-10: 0-13-093863-7
• ISBN-13: 978-0-13-093863-3

• Discover the complete FireWall-1 administration manual and CCSA prep guide!
• Explore FireWall-1 architecture, installation, and day-to-day management-in detail
• Utilize this complete network security primer for new FireWall-1 administrators
• Master the challenging sample exam questions and lab exercises

The first complete guide to FireWall-1 administration and Check Point's latest certification exam!

Check Point's FireWall-1 is the world's leading firewall—and these skills are in unprecedented demand! This is one of the only expert guides to FireWall-1 administration that also offers authoritative preparation for Check Point's hot new CCSA certification exam. Long-time FireWall-1 netadmin Steven Dangerfield begins with a thorough review of the challenges IT professionals face in securing their private networks and Internet presences. Dangerfield identifies today's most serious forms of attack, then systematically introduces the most effective FireWall-1 security practices and countermeasures. Coverage includes:

• FireWall-1's Stateful Inspection Architecture: maximizing security without compromising performance or scalability
• How and where to deploy FireWall-1 for maximum effectiveness
• Day-to-day firewall administration, security policy generation, and management using FireWall-1's automated tools
• Working with the Network Objects Manager, Services Manager, Resources Manager, Server Manager, Users Manager, and Time Objects Manager
• Simple, modular techniques for building more effective rule bases
• Practical techniques for managing authentication and Network Address Translation (NAT)

Check Point FireWall-1 Administration and CCSA Study Guide contains an extensive collection of lab and operational exercises, plus a thorough test preparation section covering every exam objective and providing realistic sample questions.

Whether you're managing FireWall-1, preparing for your CCSA certification exam, or both, this is the authoritative, comprehensive, practical resource you're searching for.



Sample Content

Table of Contents

Preface.


1. Internetwork Security Overview.

Summary.

2. Security Threats.

No User Training. Physical Security. Hacker's Toolbox. Summary.

3. Policies and Procedures.

Security Balance. Security Policy Development. Typical Security Policies. ABC & Co. Procedures. Nondisclosure Agreement. Physical Security Breach. Demand for Access. Computer/Information Theft. Internetworking Security Breach. Summary.

4. Policing the Security Domain.

Knowing Your Security Domain. Interesting Packets. Detecting Intrusion. Response. Summary.

5. FireWall-1 Overview.

Definition. Types of Firewall. FireWall-1 Overview. Summary.

6. Architecture.

Graphical User Interface. Distributed Enterprise Management. Firewall Module. Third-Party Integration-OPSEC. Virtual Private Network-VPN. Open Security Extension. Intrusion Detection. Load Balancing. High Availability. Reporting Module. Check Point Products. Summary.

- 7. Installation and Setup.

Windows NT. FireWall-1 Installation. Solaris. Solaris FireWall-1 Installation. Solaris GUI Client Installation. Nokia. Summary.

8. Graphical User Interface.

The Policy Editor GUI. The Log Viewer GUI. The System Status GUI. Summary.

9. Object Creation and Management.

Standards. Lab Network. Network Objects Manager. Domain Object. VLANs Tab. Services Objects Manager. Resources Objects Manager. Server Objects Manager. User Manager. Time Objects Manager. Navigating the Time Objects Window. Summary.

10. Policy Properties.

Security Policy Tab. Services Tab. Log and Alert Tab. Security Servers Tab. Authentication Tab. High Availability Tab. IP Pool NAT Tab. Access List. Desktop Security. Syn Defender. LDAP. Encryption. Connect Control. Summary.

11. Rulebase.

Rulebase Operation. Rulebase Development. Creating a New Rulebase. Navigating the Rulebase and Creating Rules. Installing and Uninstalling the Security Policy. Summary.

12. Authentication.

Authentication Schemes. Authentication Types. Authentication Implementation. Summary.

13. Network Address Translation.

Static Mode NAT. Hide Mode NAT. Issues with Network Address Translation. Summary.

14. Practical Lab Exercises. LAB Network Configuration. Security Definitions. Firewall Object Definitions. Rulebase Definitions. Install the Rulebase. Test the Rulebase. Authentication. Solution. Network Address Translation. Summary.


15. Penetration Testing.

Technique. Penetration of the Lab Network. Summary.

16.Exam Preparation.

Certification Plan. Answering Questions. What to Do If You Fail. Summary.

17. CCSA Objective Essentials.

FireWall-1 Architecture. System Requirements. Installation Process. GUI. Rulebase Construction. Rulebase Efficiency. Authentication. NAT. Policy Properties. Summary.

Appendix.

Exam 1. Exam 2. Exam 3. Correct Answers-Exam 1. Correct Answers-Exam 2. Correct Answers-Exam 3.

Preface

Preface

Welcome to the world of Information Security. This may be the first book you have read on the subject of IT security, firewalls, and hackers. Then again this could be the tenth. Either way, you are here. So, why is Information Security such a hot topic? Are you the right person to read this book? And what should you gain from reading it?

The power of the computer has grown significantly over the last 15 years. Now computer users transmit their information over the public Internet, be it a small message discussing the next social event, part of an online banking transaction, or the transmission of confidential documents. The term "public" has great significance, as this is part of the reason for security, as you will read later. That money transfers of one kind or another have entered into the equation and that this money can be lost or stolen has caused Information Security to move higher up on the IT agenda.

This book broadly covers three areas; security fundamentals, Check Point FireWall-1 administration, and a study guide for the Check Point Certified Security Administrator exam. No one, but no one, should feel exempt from reading the first part of the book on security fundamentals. If you are new to security, read it twice! Some readers may find that this covers familiar ground, but it's still worth reading. After completing this part of the book, you should have a clear grasp of security.

If you are going to be installing and configuring Check Point FireWall-1 then the second part is for you. Here you will be taken through the steps to prepare the firewall's platform and then the installation of FireWall-1. It will become apparent that no firewall is effective if it is not configured correctly. To this end, all the necessary configurations will be explained and that all-important security policy will be put into effect.

Check Point Software Technologies, like many other vendors, has developed a series of certifications that allows security professionals to demonstrate their abilities. Holding the Check Point Certified Security Administrator certification will gain you respect among peers and can aid your career development.

The final part of this book guides the reader through the necessary stages to successfully pass the CCSA exam.



Updates

Submit Errata

