Internal Data
Master Certification Written-Exam Beta
Introduction:
The following study points are organized by topic and objective. Each of the following is formed as a statement,
allowing you to formulate a reply. Each of these topics might be covered on the exam you take. Items are pooled by
topic and objective, and the exam engine picks random selections from each pool. There are over one million
versions of the exam, and it is unlikely that any two candidates will see all the same items. Based on the randomness
of the selection, you might not be tested on every topic in every objective.
Section 1:
1.
List the forms of data communication. What are the risks and security requirements for each? Which Check
Point products address each of these? Be specific.
List the common modes of attack. Which Check Point features address these attacks, and how would you
use those features in a secure enterprise network?
List the critical components of a risk analysis. What are the functions of such an analysis? Where are the
greatest threats in any enterprise network? What are the controls that might be recommended as a result of
your risk-analysis activities?
Which IT security standards will impact your definition of risk and security requirements? How do these
impact your design?
How do various types of information and their associated protocols travel through the enterprise network?
At which strategic locations can you implement security safeguards to protect the information and intended
recipients?
1.2. Design a secure enterprise-network compliance plan, based on documented organizational risk and
security requirements.
List how Security Gateways protect enterprise networks, meet security requirements, and mitigate
organizational risks.
List the common third-party attacks, their potential financial impacts, and how Check Point products can
protect against them.
Section 2:
2.
Describe how various Check Point products fit into an existing architecture. What are the important pieces
for preventing intrusion detection, and how are they integrated?
Given any of the deployment scenarios you study, how do you develop a system of logging that enables
organizations to determine the attacks they are experiencing, evaluate possible strategies for improving
tracking, and evaluate potential resolutions?
Given that each solution in the online case studies is unique, apply one case-study solution to other case
studies. Will the second solution meet the customer requirements of the first? If not, why not?
2.2. Create and implement a disaster-recovery plan and supporting infrastructure to restore networked Security
Gateways, given corporate operational requirements.
NOTE: One of the better ways to prepare for this objective is to review the detailed success stories
provided on the Web: http://www.checkpoint.com/corporate/success/index.html
List the backup and restore requirements for all Check Point products.
List the requirements and protocols for adding any Check Point product into an existing network.
Section 3:
3.
Review best practices for dealing with network attacks, implementing secure telecommunications and
overall design objectives.
Traffic restrictions
Penetration tests
Traffic-statistic compilations
3.2. Test and verify functionality and achievement of stated objectives of a pilot network-security
implementation.
Outline the differences between authorization and authentication. How do these impact a security
implementation?
Which security best practices impact design considerations for implementing a VPN?
When executing a security implementation, under which conditions would it be appropriate to implement
Network Address Translation (NAT)? When would each form of NAT be most appropriate?
Which design trade-offs are required when balancing security with performance? Which security
implementations have the greatest impact on performance?
Section 4:
4.
Review the functions of InterSpect, Integrity, Eventia Reporter, Provider-1, VPN-1 VSX, and Connectra.
Section 5:
5.
Describe a VLAN implementation. At which level does it communicate? How is VLAN Tagging
accomplished? How are ports managed?
List the capabilities of VPN-1 UTM's intrusion prevention system/intrusion detection system (Web
Intelligence, Application Intelligence, and SmartDefense).
Given a Check Point UTM deployment, how can you use other Check Point products to enhance the
implementation? Which combinations simplify logging, access to network resources, and Internet access?
How do Virtual Systems function within a Check Point solution? What happens when the topology
changes?
5.2. Perform initial installation and configuration of a virtual-security infrastructure for a widely dispersed
organization with divergent security requirements and implementations.
List the definition of the Virtual System commands and their functions.
Outline a variety of VSX configurations. Study the configurations suggested in the detailed success stories
provided on the Web: http://www.checkpoint.com/corporate/success/index.html
5.3. Given a widely dispersed organization with divergent security requirements and implementations, design
and implement a plan that guarantees a secure network communication and minimizes downtime.
NOTE: One of the better ways to prepare for this objective is to review the detailed success stories
provided on the Web: http://www.checkpoint.com/corporate/success/index.html
Review the Application Intelligence technologies. How does each feature protect/warn against internal and
external attacks? For which attack is each technology focused? For which attack is each feature not
suitable?
Section 6:
6.
List the Internet protocols. Which protocol provides strong authentication for Web servers? What is the
standard for secure communication for each communication type?
Describe the functions of ClusterXL. What are the advantages? How does a cluster configuration respond
to various Internet demands?
Section 7:
7.
What are the strengths/weaknesses of intrusion detection systems and intrusion prevention systems?
What are the security concerns of each of the layers of the ISO/OSI model? Which security solution works
best at each layer?
What are the differences between network-level and application-level attacks? Which strategies would you
employ to protect against both types of attacks? Which Check Point product or feature aids in this
protection?
List the possible causes of a Management High Availability configuration's synchronization failure.
7.3. Analyze logs to discover and plan the recovery of specific compromised systems.
List the various sources of logs within Check Point systems. What are the advantages of each? How does
each support intrusion-detection and intrusion-prevention functions?
If you are using Integrity as an intrusion prevention system, which logs provide the most useful
information, and where are they stored?
What are the components of Eventia Analyzer, and what are their jobs? Which queries can you initiate
within Eventia Analyzer?
List the Automatic Reactions that Eventia can provide when triggered by an event. What is the function of
each? What are the advantages and disadvantages of each?
Section 8:
8.
Given complex network integration, what would you monitor to maintain optimum network function?
How does Integrity Client function? Where does it store its policies? Where do you store your
configuration?
Which backups allow you to restore a SmartCenter Server to a new machine with a different IP address?
How do you do a Provider-1 migration? Which files are required, and where are they stored?
Outline a variety of configurations suggested in the detailed success stories provided on the Web:
http://www.checkpoint.com/corporate/success/index.html
What is the best method to install the Eventia Reporter add-on?
Outline a variety of configurations suggested in the detailed success stories provided on the Web:
http://www.checkpoint.com/corporate/success/index.html
What is the best method to leverage a performance pack on a VPN-1 UTM device?
8.2. Analyze and validate results of an implemented upgrade on a specific, complex network integration.
How do you troubleshoot the latest version of Integrity and Integrity Client?
How do you implement and verify the effectiveness of a Hotfix Accumulator (HFA)?
Section 9:
9.
Which error messages can you receive from SmartView Tracker? What is each telling you? Where should
you look to resolve these errors?
Which commands are useful for troubleshooting VSX Gateways? What are their functions?
Where would you find the files to define the following macros: ip_src, ip_p, or ip_p6?
9.2. Given a specific internal or client problem, troubleshoot and correct the issue.
Where do the following operate within the ISO/OSI layer model: Network Address Translation, Wide Area
Networks, Ethernet, MAC addresses, routers, and switches?
Which attacks are addressed by SmartDefense? Which settings are the default, and what happens if any
setting is cleared?
How do you import a configuration from your previous NG with Application Intelligence R55 SmartCenter
Server?
9.3. Given a specific internal or client need, analyze and apply the appropriate Hotfix, and evaluate its
effectiveness.
Which precautions should you follow to integrate Integrity Client with installed anti-virus software on a
client workstation?
When a Security Gateway is dropping packets, which troubleshooting steps would you follow? What
information would you look for in SmartView Tracker?
While troubleshooting a connection problem, you run fw tab -t connections on the Security
Gateway. What does the output tell you? How can you tell from the output which type of connection you
are observing?
List common problems in site-to-site VPN tunnels. How do you troubleshoot each, and what is the
common solution?
Section 10:
10. Create backup and recovery strategies.
10.1. Design/plan a strategy for backup and disaster recovery of a specific, complex network environment.
What type of backup transmission medium would be the best choice to back up/restore security
components?
10.2. Implement a strategy for backup and disaster recovery of a specific, complex network environment.
When configuring a VSX Gateway for single Virtual System failover, which systems will not fail over?
10.3. Analyze and validate the effectiveness of an implemented strategy for backup and disaster recovery in a
specific, complex network environment.
Which Check Point product features aid in your strategies for backup and disaster recovery?
What is the correct order to restore a SmartCenter Server configuration on SecurePlatform with an HFA
installed, due to a failed hard drive?