NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Re: Boson FW-1 Admnistrator Exam



> I have reviewed the Boson test and found that it was horrible.  I wouldn't
> use it to blow my nose on.  I am writing an HTML test right now.  It will
be
> done by the end of the week for CCSA and hopefully CCSE material.  The
> information for tests I am writing comes directly from Check Point's eval
> Admin Guide and I cite pages as well as just answers.  The test will not
be
> based off of Check Points tests, but it will cover all of Firewall-1.  I
> will ask specific people to review and add material as well.
>
> As a Check Point test review team member I cannot provide anything not
> specifically documented as public knowledge as I know all of the actual
test
> questions.  However, my work will be cited directly from their manuals and
> not from my memory or from the actual tests.
>
> Stay tuned.
>
> ----- Original Message -----
> From: "Lance Spitzner" <[email protected]>
> To: <[email protected]>
> Sent: Wednesday, January 17, 2001 8:25 AM
> Subject: [FW1] Boson FW-1 Admnistrator Exam
>
>
> >
> > Recently,  I was asked a question about a "Boson"
> > FW-1 Administrator exam.  I have no idea what this
> > exam is, nor who sponsors it.  However, if the
> > material quouted below is true, then this question
> > greatly disturbs me.  I wanted to know if anyone
> > else has ran into this.
> >
> > --- snip snip ---
> >
> > I have always thought that it is necessary to harden the OS for the
> > firewall
> > server. However, I was doing the Boson Checkpoint FW-1 Administrator
> > practice exams when I came across this question:
> >
> > Question: Why is it unnecessary for Firewall-1 to harden the OS?
> >
> > Answer: Firewalls that do not analyze the packet until it gets to the
> > application layer need to protect themselves from the lower layer
> > attacks.
> > Firewall-1 protects itself by analyzing all the layers of the packet.
> > Therefore it is unncessary for the administrator to harden the OS for
> > Firewall-1 server.
> >
> > Is this true????
> >
> > --- snip snip ---
> >
> > This is absolutely NOT true.  If an exam is making these assumptions,
> > then it shows that the author has a total lack of security knowledge.
> > No firewall is impervious to vulnerabilities, Bugtraq demonstrates this
> > again and again.  Also, base OS armoring protects the firewall against
> > rulebase or administrative misconfigurations.  I highly recommend OS
> > armoring for all firewalls, regardless of the vendor.  Part of security
> > is reducing risk at all levels.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.