CheckPoint Exam Questions

Assume no changes have been made to the default policy properties. To allow a Telnet connection
into your network, you must create two rules:
One to allow the initial Telnet connection in.
One to allow the destination machine to send information back to the client.

A. True

B. False

Explanation:
By default, in the case of Telnet (TCP port 23), you need only one rule allowing the traffic,
whether it comes from the inside or from the outside of the firewall. Any reply to that Telnet
connection request is allowed by the firewall because of the connection tracker database located
at the gateway. This behavior can be configured to work differently depending on the
implementation requirements.

Incorrect Answers:
A: You don’t need two rules for a Telnet request and a Telnet reply. If the first rule allows the
connection through the gateway, the reply is expected in the connection tracker database inside
the gateway.