Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
51 Cards in this Set
- Front
- Back
|
(T/F) Software blades cannot be purchased independently and must be purchased in bundles.
|
False. Can be purchased independently or in bundles.
|
|
|
(T/F) Software blades are logical, not physical blades.
|
True
|
|
|
What are the key benefits of Software Blade Architecture? (5)
|
Flexibility
Manageability Total Security Lower TCO Guaranteed Performance |
|
|
(T/F) As business needs evolve, additional Software Blades can be quickly activated to extend security to an existing configuration/hardware foundation.
|
True
|
|
|
What are the two types of containers for Software Blades?
|
Security Gateway Container
Security Management Container |
|
|
What are the 3 types of hardware for Software Blade containers?
|
Check Point Appliance
Open Server Virtual Environment |
|
|
What platforms are supported by R-70? (5 Major with multiple releases)
|
SPLAT (2.6 kernel)
IPSO 6 (CoreXL supported) Windows Server (2003 & 2008 for SMS and firewall) RHEL5 for SMS and P-1 Solaris UltraSparc 8, 9, 10 for SMS |
|
|
What are the 5 areas that improve performance in R-70?
|
New IPS inspection (better scaling)
New high-performance pattern matching (more signatures on the same protocol) Multi-threaded to run accelerated IPS (Performance Pack) Optimized code Support for CoreXL |
|
|
What does CoreXL do?
|
Accelerates traffic on multi-core CPUs by load sharing traffic amongst the different cores.
|
|
|
What does CoreXL use to distribute traffic to multiple VPN-1 engines on multiple cores?
|
load balancers.
|
|
|
How are new Software Blades enabled?
|
In SmartDashboard
|
|
|
(T/F) Additional hardware, firmware, and drivers are necessary to enable Software Blades.
|
False
|
|
|
What are the 3 steps to create a system in R70?
|
Chose a Security Management or Security Gateway container
Select needed Software Blades Configure and deploy the system |
|
|
For Security Gateway systems, the number immediately following SG in the model number represents:
|
the number of cores
|
|
|
For Security Gateway systems, the last number in the model number represents:
|
the number of Software Blades included in the bundle
|
|
|
Security Gateway Series 100 is limited to ___ users, and recommended for ___ ports.
|
50, 8
|
|
|
Security Gateway Series 200 is limited to ___ cores, ___ users, and recommended for ___ ports.
|
2, 500, 12
|
|
|
Security Gateway Series 400 is limited to ___ cores, ___ users, and recommended for ___ ports.
|
4, unlimited, 16
|
|
|
Security Gateway Series 400 is optimized for ___ cores
|
8
|
|
|
What model of Security Gateway System is an ideal solution for a small office?
|
Series 100
|
|
|
What model of Security Gateway System is an ideal solution for mid-sized companies and offices?
|
Series 200
|
|
|
What model of Security Gateway System is an ideal solution for offices of any size that require high performance?
|
Series 400
|
|
|
What model of Security Gateway System is an ideal solution for the most demanding, highest-performing environments.
|
Series 800
|
|
|
If 2 numbers follow the SM in the Security Management System model number, it represents:
|
the maximum number of gateways it will manage.
|
|
|
If the letter U follows the SM in the Security Management System model number, it means:
|
it can manage an unlimited amount of gateways.
|
|
|
The number that follows SMV in the P-1 Security Management System model number represents:
|
The number of domains it can manage.
|
|
|
The last number in the Security Management System model number represents:
|
The number of blades included in the system.
|
|
|
The Security Gateway Software Blade that secures more than 200 applications, protocols, and services feature the mist adaptive and intelligent inspection technology?
|
Firewall
|
|
|
The Security Gateway Software Blade that provides secure connections between offices and for end users.
|
IPSec VPN
|
|
|
The Security Gateway Software Blade that provides the highest performing integrated intrusion protection solution with the industry's best threat covered is:
|
IPS
|
|
|
The Security Gateway Software Blade that provides advanced protection for the entire Web environment is:
|
Web Security
|
|
|
The Security Gateway Software Blade that provides best-of-breed Web filtering covering more tan 20 million sites and protects users and enterprises by restricting access to dangerous Web sites.
|
URL Filtering
|
|
|
The Security Gateway Software Blade that adds dynamic routing, multicast suooirt and QoS to security gateways is:
|
Advanced Networking
|
|
|
The Security Gateway Software Blade that addes SecureXL and ClusterXL is:
|
Acceleration & Clustering
|
|
|
The Security Management Software Blade that extends a browser-based view of security policies to outside groups while maintaining central policy control is:
|
Management Portal
|
|
|
The Security Management Software Blade that enables Check Point gateways to leverage LDAP-based user information stores, eliminating the need to maintain and synch redundant data stores is:
|
User Directory
|
|
|
In what year was a security Acceleration API (ClusterXL) added to provide highly optimized security processing?
|
2001
|
|
|
(T/F) SecureXL is only utilized in hardware.
|
False. Hardware or software (Performance Pack)
|
|
|
In what year was multi-nodal scalability provided when ClusterXL Load Sharing was released?
|
2002
|
|
|
In what year were ClusterXL enhancements made to provide multi-nodal, near-linear scalability with the VSX ClusterXL VSLS?
|
2006
|
|
|
In what year was CoreXL architecture developed?
|
2007
|
|
|
In what year was the new IPS engine and CoreXL fused with SecureXL Medium Path?
|
2008
|
|
|
What is the specific intent of the Medium Path in R70 Architecture?
|
to address IPS and INSPECT v2 processes.
|
|
|
What does the IPS engine do with first packets of a connection?
|
Determine if a connection needs to be inspected.
|
|
|
What does the IPS engine do with first packets of similar connections that have already been examined?
|
It does not examine them for initial context.
|
|
|
What happens to subsequent packets after the IPS engine determines that a connection should be inspected?
|
They will be forwarded to the Medium Path
|
|
|
(T/F) It is possibe to configure the number of instances and the amount of cores dedicated in any desired way
|
True
|
|
|
Medium Path processing is how many times faster than on the Firewall Path?
|
2
|
|
|
CoreXL processing is how many times faster than a single core?
|
5
|
|
|
How are Accelerated Path Cores allocated?
|
Interface IRQ Affinity
|
|
|
What queues packets to firewall instances running Firewall and Medium Paths?
|
Secure Network Dispatcher
|
