 | ||
 Don't Make The Mistake I Made With CCSA NGX | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2006-07-02 | |||
| |||
 Don't Make The Mistake I Made With CCSA NGX I failed my CCSA with 60% : ( ..I read Boson (which is the biggest bullsh*t of all..becuase it comes with real easy questions which are NOTHING compared to what you'll get in the exam..I was scoring 90%+ with boson!) Anyway i read Boson and Syngress book and other checkpoint documents..BUTTT....i shouldve read the Testking exam sheet 156-215 (which I had with me before the exam and never touched it). Man this sheet covered EXACTLY atleast 60% of questions I had in the exam...even the same wordings!!..Contact me if you need this sheet sent to you..i'm rescheduling this exam next week after reading testking and heaps and heaps of NATing questions.. Anyway guys, if it helps..these are the questions i had: -- NATing - You need to be a NATting KING before you can sit this exam...expect atleast 30-40% of question on nat...which can be static, dynamic and ESPECIALLY bi-directional natting -- Expect lots and lots of questions relating to SmartView Monitor, Tracker and Audit mode. You need to know and memorize the SmartView windows...(Under Windows -> SmartView *) and how theyr're all different from each other ...know where your licensing is.. -- Web Intelligence - Need to know how to configure your servers for web intelligence and cross-site scrpting attacks..(Memorize the host objects window--they asked me..what will you configure within the hosts properties to make it ready for WI..two of the options were-- Configure servers, Manage Servers...I chose manage servers which is obviolsy wrong!) -- smart defense - know the common attacks like small PMTU, ping, teardrop -- Know your Firewall Status modes in monitor...and know what Collision is.. -- LDAP... Expect 3-4 questions on LDAP and its schema -- VPNs..Inplace and standard ecryption...which is better? - diffie-hellman..asymmetric or symm **UPDATE: To all the boys and girls I didnt mail the Testking to..I been on holidays..anyways I'm back and heres the link TO THE NEW TESTKING Version14 RELEASED 9 AUGUST.2006...courtesy of one of the members DATURAX..owe you one man.. http://rapidshare.de/files/28774842/...5_V14.pdf.html Last edited by silverblade; 2006-08-15 at 01:19.  |
| 2006-07-05 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Hi, i'm failed too with 58% in 156-215.1. I would like to know if i get this exam again, it would have same questions then the first or normally they would be newer questions ? Who failed and get it again, what was the experience about the questions mode between the first exam? Regards |
| 2006-07-09 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Hi, Can you plz post the link for this testking dump download here, so that everyone can benefit from your experience. __________________ Thankx & Regards, Digital_Frost |
| 2006-07-24 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Hi folks, Testking covered 20 of the 73 questions. exact wording ! so, why do you want to get this for free ? ok - we all save money where we can - but skip your beer or whiskey for a fortnight and you are in ... invest a few bucks and keep testking alive. next time we will need them again :-) btw: do you know, how you can reset the admin password ? you should or how to change the kernel's parameters without editing a file ? just an idea - but I'm convinced that the investment was ok. - īgot about 80 % ;-) |
| 2006-07-27 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX I would also love a copy of the testking i just got a 66 about an hour and a half ago gregtb@gmail.com I'll second the CL for backups and schema. Also does anyone know what in-place encryption Check Point uses? thanks a lot |
| 2006-07-30 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
__________________ I desire to know all things -Leonardo da Vinci |
| 2006-08-02 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
what topics u got in the exam & can u pl share ur experience . with regards karia |
| 2006-08-02 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX i think its quite sad seeing dozens of posts from people who have only registered on the forums to try and get a free copy of the testking cheat sheet. i'm with ivanhoe, either pay for it yourselves and stop being so cheap - or use the product and gain the experience you need to pass. If you take this exam so you can apply for a Check Point related job you're only going to find that you don't know nearly enough to do your job properly. The exams are a lot easier if you understand how the product works... |
| 2006-08-02 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Yep, agree with you 'stuartgreen' but I'd go a bit further - it might be difficult to resist a cram sheet with exact wordings of the questions but it's cheating, plain & simple. Get some hands on with the product and research the material you need to pass. Otherwise join the ranks of all those 'paper MCSEs' |
| 2006-08-04 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
hi in my opinion that everyone was saying checkpoint as changed the examination pattern (july 1 st onwards ) & added to these u can check so many posts that i failed after reading document ,syngress book & eventhough having a experience.so everyone searching for avialable resources may be it's testking (some peoples r rich to buy from testking or few doesn't have a bucks to buy testking ). if u doesn't want to give uploaded updated testking link leave it.there r are peoples who can post it.Don't tease & every member as self respect. checkpoint certifications & exams forum is there for that purpose to share there exam experience & it may help to other peoples who r going to take. if u doesn't participate it's ok.just watch the show. i think we will leave it these discussion from here onwards. with regards karia |
| 2006-08-09 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX |
| 2006-08-13 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX geez, the link to download the dump is all over the place, but some people still 'insist' somebody send it by email to them like a baby asking for someone to feed them. anyway, if you think just by reading the tesking dump you will pass the test, FORGET IT!, YOU WON'T !, PERIOD ! :) |
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX QUESTION NO: 77 You are a Security Administrator configuring Static NAT on an internal host-node object. You clear the box "Translate destination on client side", accessed from Global Properties > NAT settings > Automatic NAT. Assuming all other Global Properties NAT settings are selected, what else must be configured for automatic Static NAT to work? A. The NAT IP address must be added to the anti-spoofing group of the external Gateway interface B. Two address-translation rules in the Rule Base C. No extra configuring needed D. A proxy ARP entry, to ensure packets destined for the public IP address will reach the Security Gateway's external interface E. A static route, to ensure packets destined for the public NAT IP address will reach the Gateway's internal interface ------------------------------------- What do you guys reckon? Testking Says C a collegue that passed with 80% reckons E and I am thinking B. What do you guys think and why? |
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
the correct answer is E. otherwise the packets will be send back out to the internet as the firewall will see the public address as the destination & route back out. so if you had the following publc_ip=1.2.3.4 xlate_ip=192.1.2.3, you would need a static route to point 1.2.3.4 to your internal interface |
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Hi, I passed last Friday. I put C. my opinion: It's not B because the question says it's automatic NAT i.e. not requiring rules to be manually added to the rule base. It's not A as there is no such thing. It's not D because ARP entries aren't required for automatic static NATs, only manual static NAT. |
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
|
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Quote:
if you clear/untick "Translate destination on client side" the nat will be performed on the internal interface of your firewall, rather than the external interface. if this is the case the packet will not get to the firewalls internal interface as the routing on the firewall would send packets bound for public IP to the external interface. so you need to add a static to point the nat rules public ip to the internal interface of the firewall so that the nat can be performed. |
| 2006-08-15 | |||
| |||
| Re: Dont make the mistake I made with CCSA NGX Thanks guys I got my exam again on Thursday! Another question which got me is a smartdefence one. You create two Policy Packages for two NGX Security Gateways. For the first Policy Package, you select Security and Address Translation and QoS Policy. For the second Policy Package, you selected Security and Address Translation and Desktop Security Policy. In the first Policy Package, you enable host-based port scan from the SmartDefense tab. You save and install the policy to the relevant Gateway object. How is the port scan configured on the second Policy Package's SmartDefense tab? A. Host-based port scan is disabled by default. B. Host-based port scan is enabled, because SmartDefense settings are global. C. Host-based port scan is enabled but it is not highlighted. D. There is no SmartDefense tab in the second Policy Package. Now I am only playing around in Demo mode and I know for definate that host pbased port scan is disabled by default (So the answer would be A) but the question is if you got different policys does the settings in smart defence stay the same? In that case testking would be right with B |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
