 | ||
 Don't Make The Mistake I Made With CCSA NGX | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-08-30 | |||
| |||
 Re: Don't make the mistake I made with CCSA NGX Quote:
I disagree with this as i have just tried to override the admin password in r60 and was able to do it so i believe the answer is B  |
| 2006-08-30 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hey guys I have just remebered some of a question on the exam that I failed. It mentioned use of the "cron" or "cron utility" I dont know if any of you guys had this question. Can we define what its used for and if anyone remembers the question itself? |
| 2006-08-30 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX "Cron or crontab is a Unix/GNU Linux task scheduler, it allows you to specify when to run certain cli commands or scripts. The system crontab is usually found in /etc/crontab, to view a particular users crontab use "crontab -u <userid> -l". As for TK question 101, R61 does have the option as mentioned in B. |
| 2006-08-30 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX QUESTION 101 How can you reset the password of the Security Administrator, which was created during initial installation of the SmartCenter Server on SecurePlatform? A. Launch cpconfig and select "Administrators". B. Launch SmartDashboard, click the admin user account, and overwrite the existing Check Point Password. C. Type cpm -a, and provide the existing administration account name. Reset the Security Administrator's password. D. Export the user database into an ASCII file with fwm dbexport. Open this file with an editor, and delete the "Password" portion of the file. The log in to the account without password. You will be prompted to assign a new password. E. Launch cpconfig and delete the Administrator's account. Recreate the account with the same name. Answer according to Testking it is B In windows version I tried to change the admin password which was created initially. We cannot change the password by Smartdashboard as there is no option to change the password the default administrator password created initally at the time of installation. We need to type cpconfig on the Enforcement module select administrators and then change the password. Please let me know your comments.... Thanks and Regards, Bhaskar Prasad |
| 2006-08-30 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hi guys, Regarding question 101 I've played with NGX R55, R60 and R61. According to CheckPoint_NGX_R61_WhatsNew.pdf, "Administrators can change their passwords through SmartDashboard", but only Administrators created from SmartDashboard (AdminAuth window). I think this was also possible in R55 but you couldn't do that in NGX R60. You cannot modify the administrator's password created from SecurePlatform->cpconfig. I also didn't understood this question in the beginning. I think after all, the right answer is E because you don't have "Administrators" in cpconfig, you only have "Administrator", and definatelly not B because is specified that the user was created during initial installation of the SmartCenter Server on SecurePlatform. |
| 2006-08-30 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Quote:
Yes, I am also agree your result. It should be E!!! |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hi, I just found the new thing in NGX R61 regarding administrator's password changing. Administrators created from SmartDashboard can change their password from Manage->Change my password. |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Regarding question 71: I think the right answer is B. Original Packet Translated Packet No Source Destination Service Source Destination Service 1 internal_net Any HTTP firewall(hide) Original Original 2 internal_net Any FTP firewall(hide) Original Original 3 internal_net Any SMTP firewall(hide) Original Original It is specified that the network addresses are translated only when they try to access HTTP,SMTP and FTP. |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hi , You are correct The Answer to Question No. 71. is B Manual Hide NAT rules for HTTP, FTP, and SMTP services for network 10.10.20.0/24. Thanks and Regards, Bhaskar Prasad |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hi FireSEC, I THINK THE EXAM IS BASED ON R60 AND NOT on R61. In What's New in NGX: SmartCenter http://www.checkpoint.com/ngx/upgrad...artcenter.html Regarding Question Number 101, It should be between A or E. Please let me know Please let me know your comments Regards, Bhaskar Prasad |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Regarding question no. 77: I think TestKing answer C is is right, because it's specified that Automatic Static NAT it's used, and when you use Automatic NAT you don't have Routing/ARP issues. |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hey guys, What do you think about question 85? How can you reset Secure Internal Communications (SIC) between SmartCenter and Security Gateway? A. Run the command fwm sic_reset to reinitialize the Internal Certificate Authority (ICA) of the SmartCenter Server. Then retype the activation key on the Security Gateway from SmartDashboard. B. From cpconfig on the SmartCenter Server, choose the Secure Internal Communication option and retype the activation key. Next, retpe the same key in the gateway object in SmartDashboard and reinitialize Secure Internal Communications (SIC). C. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of SmartCenter Server>. D. From the SmartCenter Server's command line type fw putkey -p <shared key> <IP Address of Security Gateway>. E. Reinstall the Security Gateway TestKing answer: B The problem is that in cpconfig, we don't have any Secure Internal Communication option. This option I think is available in NG R55 version. The right answer here I think is A. |
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Quote:
|
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Quote:
|
| 2006-08-31 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hey David, I just saw in NGX R61 documentation that that option is included. And yeah you are right I have the SmartCenter Server and the Security Gateway installed on the same machine, so there is not need for SIC. Thanks |
| 2006-09-01 | |||
| |||
| Re: Don't make the mistake I made with CCSA NGX Hi, If you want to reset SIC between SmartCenter Server and a specific Security Gateway you can do this in two ways: i. from SmartDashboard: Security Gateway's General Properties->Communication->Reset ii. from Security Gateway cpconfig: Secure Internal Communication If you want to reset SIC on all CheckPoint Components you have to run fwm sic_reset on the SmartCenter Server and after this: i. Re-initialize the internal Certificate Authority from cpconfig->Certificate Authority ii. Restart CheckPoint Services (cpstart, cpridstart) iii. Reset SIC on each specific component managed by the SmartCenter Server iv. Re-establish Trust with each component So, regarding that testking question, you can't run cpconfig->Secure Internal Communication on the SmartCenter Server. Also if you do like A. says, I think you also have to reset Secure Internal Communication from cpconfig. So ..I don't know which of this answers are more wrong. :) |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
