Check Point
Check Point Training
General
Check Point Cybersecurity Boot Camp (CCSA+CCSE)

Learn basic and advanced concepts and develop skills necessary to administer IT security fundamental and intermediate tasks.

This course prepares learners for both CCSA exam #156-215.80 and CCSE exam #156-315.80.

About the course

Prerequisites:

The knowledge and skills that the learner should have before attending this course are as follows:

  • One-year experience on Check Point products. Working knowledge of Windows, UNIX, networking technology, the Internet and TCP/IP is recommended.

Course Objectives:

Upon completing this course, the learner will be able to meet these overall objectives:

Security Administrator

  • Describe the primary components of a Check Point Three-Tier Architecture and explain how they work together in the Check Point environment.
  • Identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution
  • Create SmartConsole objects that correspond to the organization?s topology for use in policies and rules.
  • Identify the tools available to manage Check Point licenses and contracts, including their purpose and use.
  • Identify features and capabilities that enhance the configuration and management of the Security Policy.
  • Demonstrate an understanding of Application Control & URL Filtering and Autonomous Threat Prevention capabilities and how to configure these solutions to meet an organization?s security requirements.
  • Describe how to analyze and interpret VPN tunnel traffic.
  • Identify how to monitor the health of supported Check Point hardware using the Gaia Portal and the command line.
  • Describe the different methods for backing up Check Point system information and discuss best practices and recommendations for each method.

Security Expert

  • Identify the types of technologies that Check Point supports for automation.
  • Explain the purpose of the Check Management High Availability (HA) deployment.
  • Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, and connection stickyness.
  • Explain the purpose of dynamic objects, updatable objects, and network feeds.
  • Describe the Identity Awareness components and configurations.
  • Describe different Check Point Threat Prevention solutions.
  • Articulate how the Intrusion Prevention System is configured.
  • Explain the purpose of Domain-based VPNs
  • Describe situations where externally managed certificate authentication is used.
  • Describe how client security can be provided by Remote Access.
  • Discuss the Mobile Access Software Blade.
  • Define performance tuning solutions and basic configuration workflow.
  • Identify supported upgrade methods and procedures for Security Gateways.
Course content
Security Administrator Exercises
  • Deploy SmartConsole
  • Install a Security Management Server
  • Install a Security Gateway
  • Configure Objects in SmartConsole
  • Establish Secure Internal Communication
  • Manage Administrator Access
  • Manage Licenses
  • Create a Security Policy
  • Configure Order Layers
  • Configure a Shared Inline Layer
  • Configure NAT
  • Integrate Security with a Unified Policy
  • Elevate Security with Autonomous Threat Prevention
  • Configure a Locally Managed Site-to-Site VPN
  • Elevate Traffic View
  • Monitor System States
  • Maintain the Security Environment
Security Expert Exercises
  • Navigate the Environment and Use the Management API
  • Deploy Secondary Security Management Server
  • Configure a Dedicated Log Server
  • Deploy SmartEvent
  • Configure a High Availability Security Gateway Cluster
  • Work with ClusterXL
  • Configure Dynamic and Updateable Objects
  • Verify Accelerated Policy Installation and Monitoring Status
  • Elevate Security with HTTPS Inspection
  • Deploy Identity Awareness
  • Customize Threat Prevention
  • Configure a Site-to-Site VPN with an Interoperable Device
  • Deploy Remote Access VPN
  • Configure Mobile Access VPN
  • Monitor Policy Compliance
  • Report SmartEvent Statistics
  • Tune Security Gateway Performance
Who Should Attend

Technical professionals and experts who support, administer, or perform advanced deployment configurations of Check Point products.