You are on page 1of 22

1. What is firewall?

A firewall is a hardware or software installed to provide security to the private networks connected to the internet. They can be implemented in both hardware and software, or a combination of both. All data entering or leaving the Intranet passes through the firewall which allows only the data meeting the administrators rules to pass through it.

2. What are the types of firewalls?


1. Packet Filtering Firewall: This type of Firewall detects packets and block unnecessary packets and makes network traffic release. 2. Screening Router Firewalls: It's a software base firewall available in Router provides only light filtering. 3. Computer-based Firewall: It's a firewall stored in server with an existing Operating System like Windows and UNIX. 4. Hardware base Firewall: Its device like box allows strong security from public network. Mostly 5. Proxy Server: Proxy server allows with different access limits. Proxy which filters the all packet from web used by big networks. all clients to access Internet server has its own firewall server.

3. What is Pix Firewall Security? How does it differ from a firewall?


CISCO pix firewall security is stateful firewall. It uses ASA Technology.

4. What can't a firewall protect against?


Firewalls can't protect against attacks that don't go through the firewall. Many corporations that connect to the Internet are very concerned about proprietary data leaking out of the company through that route. Unfortunately for those concerned, a magnetic tape can just as effectively be

used to export data. Many organizations that are terrified (at a management level) of Internet connections have no coherent policy about how dial-in access via modems should be protected.

5. Will IPSEC make firewalls obsolete?


IPSEC (IP Security) refers to a set of standards developed by the Internet Engineering Task Force (IETF). There are many documents that collectively define what is known as ``IPSEC'' [4]. IPSEC solves two problems which have plagued the IP protocol suite for years: host-to-host authentication (which will let hosts know that they're talking to the hosts they think they are) and encryption (which will prevent attackers from being able to watch the traffic going between machines).

6. What is a network firewall?


A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don't have a good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy, imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility.

7.

What is synchronization and why is it important?


With respect to multithreading, synchronization is the capability to control the access of multiple threads to shared resources. Without synchronization, it is possible for one thread to modify a shared object while another thread is in the process of using or updating that object's value. This often leads to significant errors.

8. What are the critical resources in a firewall?


1. Service Critical Resource 2. 3. 4. 5. 6. 7. 8. 9. Email Disk I/O Netnews Disk I/O Web Host OS Socket Performance IP Routing Host OS Socket Performance Web Cache Host OS Socket Performance, Disk I/O

9. What are some common attacks, and how can I protect my system against them?
Each site is a little different from every other in terms of what attacks are likely to be used against it. Some recurring themes do arise, though.

10. What is the difference between gateway and firewall?


A network gateway joins two networks together through a combination of hardware and software. A network firewall guards a computer network against unauthorized incoming or outgoing access. Network firewalls may be hardware devices or software programs.

11.

What is the difference between router ACLs and Firewall ACLs?


Fundamental purpose: 1. Routers are designed to route traffic, not stop it. 2. Firewalls are designed to examine and accept/reject traffic. But the both ACL are do the same job. Depending upon our requirements we do our ACL configuration on it.

12. A trace route command work across the firewall? why?


Trace route is based on ICMP type 30 under Windows and UDP under NIX; trace route packets that would hit the firewall should be dropped similarly any echo replay coming from inside the firewall should be restricted outbound.

13. Can you define Packet filtering?


Packet filtering is the process of passing or blocking packets at a network interface based on source and destination addresses, ports, or protocols. The process is used in conjunction with packet mangling and Network Address Translation (NAT). Packet filtering is often part of a firewall program for protecting a local network from unwanted intrusion. The packet filter examines the header of each packet based on a specific set of rules, and on that basis, decides to prevent it from passing (called DROP) or allow it to pass (called ACCEPT).

14. Can you explain circuit level gateway?


The circuit level gateway firewalls work at the session layer of the OSI model. They monitor TCP handshaking between the packets to determine if a requested session is legitimate. And the information passed through a circuit level gateway, to the internet, appears to have come from the circuit level gateway. So, there is no way for a remote computer or a host to determine the internal private ip

addresses of an organization, for example. This technique is also called Network Address Translation where the private IP addresses originating from the different clients inside the network are all mapped to the public IP address available through the internet service provider and then sent to the outside world (Internet). This way, the packets are tagged with only the Public IP address (Firewall level) and the internal private IP addresses are not exposed to potential intruders.

15. Can you explain stateful inspection?


Stateful inspection, also known as dynamic packet filtering, is a firewall technology that monitors the state of active connections and uses this information to determine which network packets to allow through the firewall. Stateful inspection has largely replaced an older technology, static packet filtering. In static packet filtering, only the headers of packets are checked -- which means that an attacker can sometimes get information through the firewall simply by indicating "reply" in the header. Stateful inspection, on the other hand, analyzes packets down to the application layer. By recording session information such as IP addresses and port numbers, a dynamic packet filter can implement a much tighter security posture than a static packet filter can.

16. Can you explain the concept of demilitarized zone?


The concept of the DMZ, like many other network security concepts, was borrowed from military terminology. Geopolitically, a demilitarized zone (DMZ) is an area that runs between two territories that are hostile to one another or two opposing forces' battle lines. The DMZ likewise provides a buffer zone that separates an internal network from the often hostile territory of the Internet. Sometimes it's called a "screened subnet" or a "perimeter network," but the purpose remains the same.

17. What is Application level Gateway?

An application layer gateway (ALG) is a feature on ScreenOS gateways that enables the gateway to parse application layer payloads and take decisions on them. Although there are other ScreenOS features, such as deep inspection, in which the gateway inspects traffic at the application layer, ALGs are typically employed to support applications that use the application layer payload to communicate the dynamic Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) ports on which the applications open data connections. Such applications include the File Transfer Protocol (FTP) and various IP telephony protocols. The dynamic TCP, UDP, or other ports that are opened by the ScreenOS gateway to permit these data or secondary channels are referred to as pinholes, and are active strictly for the duration of activity on the data channel.

18. Can you explain the concept of demilitarized zone?


The concept of the DMZ, like many other network security concepts, was borrowed from military terminology. Geopolitically, a demilitarized zone (DMZ) is an area that runs between two territories that are hostile to one another or two opposing forces' battle lines. The DMZ likewise provides a buffer zone that separates an internal network from the often hostile territory of the Internet. Sometimes it's called a "screened subnet" or a "perimeter network," but the purpose remains the same.

19. What is the meaning of bastion host?


A bastion host is a specialized computer that is deliberately exposed on a public network. From a secured network perspective, it is the only node exposed to the outside world and is therefore very prone to attack. It is placed outside the firewall in single firewall systems or, if a system has two firewalls, it is often placed between the two firewalls or on the public side of a demilitarized zone (DMZ).

The bastion host processes and filters all incoming traffic and prevents malicious traffic from entering the network, acting much like a gateway. The most common examples of bastion hosts are mail, domain name system, Web and File Transfer Protocol (FTP) servers. Firewalls and routers can also become bastion hosts

20. What are types of firewall architecture ?


1. Screening Router Architecture 2. Dual-Homed Host Architecture 3. Screened Host Architecture 4. Screened Subnet Architecture

21. Explain about Screening Router Architecture?


In this architecture a firewall consists of nothing more than a screening router. Host on the Local Network and hosts on the Internet are allowed to communicate directly. The communication is restricted to the type that is allowed by a screening router. The security of the whole Local Network depends on the correct ACL of the router and on the amount of services permitted.

22. Circuit level gateway advantages and disadvantages?


The following are the advantages of Circuit Level Gateways: 1. Private network data hiding 2. Avoidance of filtering individual packets 3. Flexible in developing address schemes 4. Don't need a separate proxy server for each application 5. Simpler to implement The following are the disadvantages of Circuit Level Gateways: 1. Active content cannot be scanned or disallowed commands.

2. Can only handle TCP connections new extensions proposed for UDP 3. TCP/IP stacks are mandatorily be modified by vendor for using CL Gateways.

23. What is IP spoofing and how can it be prevented?


IP spoofing is a mechanism used by attackers to gain unauthorized access to a system. Here, the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. This is done by forging the header so it contains a different address and make it appear that the packet was sent by a different machine. Prevention:1. Packet filtering: - to allow packets with recognized formats to enter the network 2. Using special routers and firewalls 3. Encrypting the session

24. What is the use of area and perimeter?


A lot of times, area and perimeter is used to help with a lot of home improvement projects like carpeting and hardwood flooring and painting. This is used to help give a good estimate of how much material you would need for these sort of projects. To find out what the outside of the shape is (perimeter), and to find out the inside size (area).

25. Can you explain screened subnet architecture?


A screened subnet (also known as a "triple-homed firewall") is a network architecture that uses a single firewall with three network interfaces. The purpose of the screened subnet architecture is to isolate the DMZ and its publicly-accessible resources from the intranet, thereby focusing external attention and any possible attack on that subnet. The architecture also

separates the intranet and DMZ networks, making it more difficult to attack the intranet itself. When a properly configured firewall is combined with the use of private IP addresses on one or both of these subnets, attack becomes that much more difficult.

26. Can you explain screened host architecture?


screened host architecture is a lower-security, lower-cost alternative to the screened subnet architecture discussed in the previous sections. The screened host architecture is often used by very small sites that are facing significant cost constraints. In a screened host architecture, there is no perimeter net, no interior router, and often no bastion host per se. (Obviously, there is a host that the outside world talks to, but this host is often not dedicated solely to that task.) What you have instead is a single router (most analogous to the exterior router in the dual-router screened subnet architecture) and a services host that provides Internet services to internal and external clients (and is often used for other tasks as well). The router is there to protect and control access to the internal net, and the services host is there to interact with the outside world, much like a bastion host. We call it a services host, rather than a bastion host, because it's often fulfilling many other roles. For example, it's probably the mail server, Usenet news server, and DNS server for the site; it might possibly be a file server, print server, and so on, as well; it might even be the only machine the site has.

27. Can you explain dual home architecture?


In this architecture a firewall consists of Dual-Homed Host machine (machine having two or more IP addresses each for specific physical port). One port of the machine connects to the Local Network and the other port/ports connect to the Internet. The IP datagram forwarding is turned off

on the Dual-Homed Host machine, thus there is no direct TCP/IP connection between the Local Network and the Internet. You permit communication between Local Network and the Internet in either of two ways: 1. Users on the Local Network are given accounts on the DualHomed Host machine. In order to use Internet services the must rlogin on the Dual-Homed Host machine. The fact that you allow accounts on the machine weakens its security greatly (it now depends on each user and user that have access to it, more correctly it depends on the users' ability to choose "strong" passwords). Once the outsider succeeds to rlogin on the DualHomed Host machine he/she can access the entire Local Network. 2. Dual-Homed Host runs proxy program for each service you want to permit, thus there is no more need for users to rlogin to the machine in order to access the Internet. They can communicate via proxy software. The only host that can be accessed and thus attacked from the Internet is the Dual-Homed host machine. Thus it must have much greater level of security than the ordinary host on the Local Network. The excessive logging and auditing of system state must be performed, only secure software and necessary software installed and so on. This architecture is much more secure than the Screening Router Architecture. But still once the Dual-Homed Host is subverted the entire Local Network is vulnerable to attack.

28. What is Routing table?


A routing table stores the routes of the various nodes in a network. Nodes can be any electronic device connected to the network. The table is usually stored in a router or the network computer as a database or file. This information helps to found the best possible path. The routing table has at least 3 fields: the destination network id, cost of the path, next hop or address to send the packet.

29. What is Routing Protocols?


Routing protocols are used to assist in achieving the basic purpose of routing. They specify the routers the method to communicate with each other. They help the routers select the best possible path between nodes. There are different types of protocols such as link-state routing protocols, path vector protocols and distance vector routing protocols. These protocols prevent routing loops to form or break if formed already. They help to decide preferred routes from a sequence of hop costs.

30. What is SNMP (Simple Network Management Protocol)?


SNMP or Simple Network Management Protocol is typically used for managing the network. Managing the network includes managing the nodes present in the network. These nodes may be server, routers, bridges and hubs. SNMP agents are used to achieve this. Managing the network is essential because it helps to monitor network performance, detect network faults or failures, audit network usage etc. the SNMP messages like TRAP, GET or SET may be invoked by network elements or network management system.

31. What is POP3 (Post Office Protocol 3)?


POP3 or Post Office Box 3 is used for receiving emails. It is a client server protocol which holds the email. Once the email is downloaded from the server, POP3 deletes it from the server. Ordinal numbers are used to identify specific messages.

32. What is NNTP (Network News Transfer Protocol)?


NNTP or Network News Transfer Protocol is used to manage the notes posted on Unset newsgroup (a collection of posted notes on a subject posted by different users). NNTP servers are responsible for managing Usenet

newsgroup collected globally. A NTTP client is a part of the web browser also called as a news reader. It uses a reserve port no 119.

33. What is HTTP (Hypertext Transfer Protocol)?


HTTP or Hyper Text Transfer Protocol is provides a set of rules to transfer files, videos, images over the world wide web. When the web browser is opened, a HTTP request call is made. A web server contains a HTTP daemon. This daemon is used to wait for HTTP requests and handle them when they arrive. The web browser from where HTTP requests are made is called as a client. These requests are sent to the server. It uses a reserved port no 80.

34. What is IGMP protocol?


Internet Group Management Protocol, allows internet hosts to multicast. i.e. to send messages to a group of computers. There may be a group of internet hosts interested to multicast. IGMP allows router to determine which host groups have members on a given network segment. It helps to establish group memberships. It is commonly used for streamlining videos and gaming. The protocol can be implemented both as a host side and router side. The host side is responsible to notify its membership in a group. The notification is made to a local router. This local router (router side) in turn sends out queries.

35. What is NetBIOS protocol?


NetBIOS (Network Basic Input/output System) Protocol allows applications on separate computers to communicate over a LAN. It runs over TCP/IP giving each computer in the network a NetBIOS name and IP address. E.g. It can be used for computers running Windows 2000 (or before) to join a computer network running Windows 2000 (or later).

36. What is Data encryption?

Data encryption ensures data safety and very important for confidential or critical data. It protect data from being read, altered or forged while transmission.

37. What is the Public Key Encryption?


Public key encryption use public and private decryption. In this mechanism, public key is used only the corresponding private key can be used to a message, a sender has to know recipient's public key for encryption and to encrypt messages and decrypt them. To encrypt key.

38. Define Digital Signatures.


Digital signature is an attachment to an electronic message used for security purpose. It is used to verify the authenticity of the sender.

39. What is CSMA and CD concept?


In CSDA (carrier sense multiple access), presence of any digital signal in a network is checked before transmission. Data transmission occurs only when no signal is sensed. CD, Collision detection is responsible for monitoring carrier in order to avoid signal jam.

40. What is Ethernet technology?


Ethernet technology is a high speed broadcast bus technology. In this type, all the station shares a single ether channel and receives every single transmitted signal.

5 Interview Questions for Firewall Engineers

Your ability to secure data using the right mix of hardware and software is critical to a companys operations, and even its bottom line. Among the most important things recruiters and hiring managers look for during an interview seems basic: technical competence.

At the same time, they want to see that you can fit into the corporate culture. Thats the kind of thing many tech people struggle to demonstrate. This means you can expect your interview to cover areas that seem to have little relation to one another. So be ready to shift gears quickly as the conversation goes on. Here are some of the questions you should be ready to field. Whats the size of your network? What you should say: Your answer depends on whos asking the question. For example, if its a technical person conducting the interview, you might want to answer in terms of nodes. However the idea of a 1,300-node network probably wont mean anything to a businessperson. For an executive or someone in sales, its better to say you have 1,500 users. Why you should say it: You want to qualify your audience. Before you answer, be sure you understand how it will resonate with the person whos asking. If that executive doesnt know what youre talking about, hes got no

basis on which to judge some of your critical experience. Bottom line: Know your audience. Whats the most successful firewall project youve worked on? What was your role? What you should say: If youre a senior engineer, managers want to hear that you led the project and designed it, not that you just did what you were told to do. Structure your answer to identify the possible solutions you looked at, which one you chose and why, and then get into details of your role. Come prepared to get into detail about your biggest projects. Why you should say it: This is where the interviewer gets a sense of who you are. If you just say you were part of a team, that tells them you havent really worked on a lot of cutting-edge projects. Good interviewers are moving away from black-and-white questions and pat, right-or-wrong answers. A lot of their questions will be meant to gauge the complexity of your environment and how effective you were in working with it. Describe the biggest security breach youve encountered. How did you handle it, and what would you do differently? What you should say: Some might say theyve never had a breach, but that could imply you. Assuming you have experienced a breach, be sure to help the interviewer understand what controls and measures you put in place and, again, highlight your specific role. Dont just say you had a problem show how you overcame it. Why you should say it: Contrary to the usual advice to be a team player, its important to emphasize your individual contribution. You want the interviewer to know exactly what you bring to the table. Youre interviewing for you, not your team. What percentage of your responsibilities is dedicated to IT security? What you should say: Tell the truth, but bear in mind having security as just one of many roles could be a liability to some employers. If security is one of five or six responsibilities you have, you wont have knowledge thats as deep as someone who handles it full-time. So be sure to put it in perspective. If you have multiple responsibilities and security is the major one, emphasize that.

Why you should say it: People want to get to the core of how much of your day is devoted to IT security. If its simply 20 percent of your role, face the fact that this jobs probably not for you. Bottom line: Make sure youre a perfect fit when targeting this position. Why do you want to work here? What you should say: Avoid a cookie-cutter answer like to grow my career or Im fascinated by your business. Show that youve researched the company, that youre motivated, interested and have ideas about how you can contribute. Prepare by following the basics: Get onto the companys website, look at its press releases and financials, and incorporate relevant details into your answers. Why you should say it: First, you want to impress the interviewers with how much you know about the company and tie it back to how you can contribute. That shows your interest in the job. Second, as important as it is to demonstrate your technical skills, proving that you can fit into the employers culture can be even more critical. Recruiters say successful hiring decisions are 60 percent about technical skills and 40 percent cultural fit. While the technical skills will get you the interview, its the cultural fit that lands you the job.

Which of the applications in Check Point technology can be used to configure security objects? Answer: Smart Dashboard Question 2 Which of the applications in Check Point technology can be used to view who and what the administrator do to the security policy? Answer: SmartView Tracker Question 3 What are the two types of Check Point NG licenses? Answer: Central and Local licenses Central licenses are the new licensing model for NG and are bound to the Smart

Center server. Local licenses are the legacy licensing model and are bound to the enforcement module. Question 4 What is the main different between cpstop/cpstart and fwstop/fwstart? Answer: Using cpstop and then cpstart will restart all Check Point components, including the SVN foundation. Using fwstop and then fwstart will only restart VPN-1/FireWall-1. Question 5 What are the functions of CPD, FWM, and FWD processes? Answer: CPD CPD is a high in the hierarchical chain and helps to execute many services, such as Secure Internal Communication (SIC), Licensing and status report. FWM The FWM process is responsible for the execution of the database activities of the Smart Center server. It is; therefore, responsible for Policy installation, Management High Availability (HA) Synchronization, saving the Policy, Database Read/Write action, Log Display, etc. FWD The FWD process is responsible for logging. It is executed in relation to logging, Security Servers and communication with OPSEC applications. Question 6 How to Install Checkpoint Firewall NGX on SecurePlatform? Answer: 1. Insert the Checkpoint CD into the computers CD Drive. 2. You will see a Welcome to Checkpoint SecurePlatform screen. It will prompt you to press any key. Press any key to start the installation; otherwise it will abort the installation. 3.You will now receive a message saying that your hardware was scanned and found suitable for installing secureplatform. Do you wish to proceed with the installation of Checkpoint SecurePlatform. Of the four options given, select OK, to continue. 4.You will be given a choice of these two: SecurePlatform SecurePlatform Pro

Select Secure platform Pro and enter ok to continue. 5.Next it will give you the option to select the keyboard type. Select your Keyboard type (default is US) and enter OK to continue. 6.The next option is the Networking Device. It will give you the interfaces of your machine and you can select the interface of your choice. 7.The next option is the Network Interface Configuration. Enter the IP address, subnet mask and the default gateway. For this tutorial, we will set this IP address as 1.1.1.1 255.255.255.0 and the default gateway as 1.1.1.2 which will be the IP address of your upstream router or Layer 3 device. 8.The next option is the HTTPS Server Configuration. Leave the default and enter OK. 9.Now you will see the Confirmation screen. It will say that the next stage of the installation process will format your hard drives. Press OK to Continue. 10.Sit back and relax as the hard disk is formatted and the files are being copied. Once it is done with the formatting and copying of image files, it will prompt you reboot the machine and importantly REMOVE THE INSTALLATION CD. Press Enter to Reboot. Note: Secure platform disables your Num Lock by overriding System BIOS settings, so you press Num LOck to enable your Num Lock. For the FIRST Time Login, the login name is admin and the password is also admin. 11.Start the firewall in Normal Mode. 12. Configuring Initial Login: Enter the user name and password as admin, admin. It will prompt you for a new password. Chose a password. Enter new password: check$123 Enter new password again: check$123 You may choose a different user name:

Enter a user name:fwadmin Now it will prompt you with the [cpmodule]# prompt. 13. The next step is to launch the configuration wizard. To start the configuration wizard, type sysconfig. You have to enter n for next and q for Quit. Enter n for next. 14.Configuring Host name: Press 1 to enter a host name. Press 1 again to set the host name. Enter host name: checkpointfw You can either enter an ip address of leave it blank to associate an IP address with this hostname. Leave it blank for now. Press 2 to show host name. It now displays the name of the firewall as checkpointfw. Press e to get out of that section. 15.Configuring the Domain name. Press 2 to enter the config mode for configuring the domain mode. Press 1 to set the domain name. Enter domain name:yourdomain.com Example: Enter domain name: checkpointfw.com You can press 2 to show the domain name. 16. Configuring Domain Name Servers. You can press 1 to add a new domain name server. Enter IP Address of the domain name server to add: Enter your domain name server IP Address HERE. Press e to exit. Network Connections.

17. Press 4 to enter the Network Connections parameter. Enter 2 to configure a new connection. Your Choice: 1) 2) 3) 4) eth0 eth1 eth2 eth3

Press 2 to configure eth1. (We will configure this interface as the inside interface with an IP address of 192.168.1.1 and a subnet mask of 255.255.255.0. The default gateway will be configured as 1.1.1.1.) Press 1) Change IP settings. Enter IP address for eth1 (press c to cancel): 192.168.1.1 Enter network Mask for interface eth2 (press c to cancel): 255.255.255.0 Enter broadcast address of the interface eth2 (leave empty for default): Enter Pres Enter to continue. Similarly configure the eth2 interface, which will be acting as a DMZ in this case with 10.10.10.1 255.255.255.0. Press e to exit the configuration menu. 18.Configuring the Default Gateway Configuration. Enter 5 which is the Routing section to enter information on the default gateway configuration. 1.Set default gateway. 2.Show default gateway. Press 1 to enter the default gateway configuration. Enter default gateway IP address: 1.1.1.2 19. Choose a time and date configuration item. Press n to configure the time zone, date and local time.

This part is self explanatory so you can do it yourself. The next prompt is the Import Checkpoint Products Configuration. You can n for next to skip this part as it is not needed for fresh installs. 20. Next is the license agreement. You have the option of V for evaluation product, U for purchased product and N for next. If you enter n for next. Press n for next. Press Y and accept the license agreement. 21.The next section would show you the product Selection and Installation option menu. Select Checkpoint Enterprise/Pro. Press N to continue. 22. Select New Installation from the menu. Press N to continue. 23. Next menu would show you the products to be installed. Since this is a standalone installation configuration example, select VPN Pro and Smart center Press N for next 24.Next menu gives you the option to select the Smart center type you would like to install. Select Primary Smart center. Press n for next. A validation screen will be seen showing the following products: VPN-1 Pro and Primary Smart center. Press n for next to continue. Now the installation of VPN-1 Pro NGX R60 will start.

25. The set of menu is as follows: Do you want to add license (y/n) You can enter Y which is the default and enter your license information. 26. The next prompt will ask you to add an administrator. You can add an administrator. 27.The next prompt will ask you to add a GUI Client. Enter the IP Address of the machine from where you want to manage this firewall. 28. The final process of installation is creation of the ICA. It will prompt you for the creation of the ICA and follow the steps. The ICA will be created. Once the random is configured (you dont have to do anything), the ICA is initialized. After the ICA initialized, the fingerprint is displayed. You can save this fingerprint because this will be later used while connecting to the smart center through the GUI. The two fingerprints should match. This is a security feature. The next step is reboot. Reboot the firewall. Question 7 What are the types of NAT and how to configure it in Check Point Firewall? Answer: Static Mode manually defined