Check Point Certified Security Administrator and Expert Boot Camp

Check Point Certified Security Administrator and Expert Boot CampCCSA/CCSERCPCheck PointCP-CCSA/CCSERR82<p>This course is recommended for technical professionals and experts who support, install, and deploy Check Point products.</p><h4>Module 1: Introduction to Quantum Security</h4><ul> <li>Identify the primary components of the Check Point Three-Tier Architecture and explain how they work together.</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Explore Gaia on Security Management Server</li><li>Explore Gaia on Dedicated Log Server</li><li>Explore Gaia on Security Gateway Cluster Members</li><li>Connect to SmartConsole</li><li>Navigate GATEWAYS & SERVERS Vies</li><li>Navigate SECURITY POLICIES Views</li><li>Navigate LOGS & EVENTS Views</li><li>Navigate MANAGE & SETTINGS Views</li></ul><h4>Module 2: Administrator Account Management</h4><ul> <li>Explain the purpose of SmartConsole administrator accounts</li><li>Identify features for collaboration: session management, concurrent administration, policy installation</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Create new administrators and assign profiles</li><li>Test administrator profile assignments</li><li>Manage concurrent sessions</li><li>Take over another session and verify status</li></ul><h4>Module 3: Object Management</h4><ul> <li>Explain the purpose of SmartConsole objects</li><li>Provide examples of physical and logical objects</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>View and modify GATEWAYS & SERVERS objects</li><li>View and modify network objects</li><li>View and modify service objects</li></ul><h4>Module 4: Security Policy Management</h4><ul> <li>Explain the purpose of Security Policies</li><li>Identify the essential elements of a Security Policy.</li><li>Identify features and capabilities that enhance the configuration and management of the Security Policy.</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Verify and modify the Security Policy.</li><li>Install the standard Security Policy.</li><li>Test the Security Policy.</li></ul><h4>Module 5: Policy Layers</h4><ul> <li>Demonstrate an understanding of the Check Point policy layer concept.</li><li>Explain how layers affect traffic inspection.</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Add an Ordered Layer</li><li>Configure and deploy Ordered Layer rules</li><li>Test Ordered Layer policy</li><li>Create Inline DMZ Layer</li><li>Test Inline DMZ Layer</li></ul><h4>Module 6: Security Operations Monitoring</h4><ul> <li>Explain the purpose of security operations monitoring</li><li>Tune log server configuration</li><li>Use predefined and custom queries to filter the logging results.</li><li>Monitor the state of Check Point systems.</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Configure log management</li><li>Enhance rulebase view, rules, and logging</li><li>Review logs and search for data</li><li>Configure Monitoring Blade</li><li>Monitor status of the systems</li></ul><h4>Module 7: Identity Awareness</h4><ul> <li>Explain the purpose of the Identity Awareness solution</li><li>Identify the essential elements of Identity Awareness.</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Adjust security policy for Identity Awareness</li><li>Configure Identity Collector</li><li>Define the user access role</li><li>Test Identity Awareness</li></ul><h4>Module 8: HTTPS Inspection</h4><ul> <li>Explain the purpose of HTTPS Inspection solution</li><li>Identify the essential elements of HTTPS Inspection</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Enable HTTPS Inspection</li><li>Adjust access control rules</li><li>Deploy Security Gateway certificate</li><li>Test and analyze policy with HTTPS Inspection</li></ul><h4>Module 9: Application Control and URL Filtering</h4><ul> <li>Explain the purpose of the Application Control and URL Filtering solutions</li><li>Identify the essential elements of Application Control and URL Filtering</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Adjust the Access Control Policy</li><li>Create and adjust Application Control and URL</li><li>Test and adjust the Application Control and URL Filtering Rules</li></ul><h4>Module 10: Threat Prevention Fundamentals</h4><ul> <li>Explain the purpose of the Threat Prevention solution</li><li>Identify the essential elements of Autonomous Threat Prevention</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Enable Autonomous Threat Prevention</li><li>Test Autonomous Threat Prevention</li></ul><h4>Module 11: Management High Availability</h4><ul> <li>Explain the purpose of Management High Availability</li><li>Identify the essential elements of Management High Availability</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Deploy and configure Management High Availability</li><li>Ensure the failover process functions as expected</li></ul><h4>Module 12: Advanced Policy Management</h4><ul> <li>Identify ways to enhance the Security Policy with more object types</li><li>Create dynamic objects to make policy updatable from the Gateway</li><li>Manually define NAT rules</li><li>Configure Security Management behind NAT</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Use Updatable Objects</li><li>Configure Network Address Translation for server and network objects</li><li>Configure Management behind NAT for Branch Office connections</li></ul><h4>Module 13: Site-to-Site VPN</h4><ul> <li>Discuss site-to-site VPN basics, deployment, and communities</li><li>Describe how to analyze and interpret VPN tunnel traffic</li><li>Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways</li><li>Explain Link Selection and ISP Redundancy options</li><li>Explain tunnel management features</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Configure Site-to-Site VPN with internally managed Security Gateways</li></ul><h4>Module 14: Advanced Security Monitoring</h4><ul> <li>Describe the SmartEvent and Compliance Blade solutions, including their purpose and use</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Configure a SmartEvent Server to monitor relevant patterns and events</li><li>Demonstrate how to configure Events and Alerts in SmartEvent</li><li>Demonstrate how to run specific SmartEvent reports</li><li>Activate the Compliance Blade</li><li>Demonstrate Security Best Practice settings and alerts</li><li>Demonstrate Regulatory Requirements Compliance Scores</li></ul><h4>Module 15: Upgrades</h4><ul> <li>Identify supported upgrade options</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Upgrade a Security Gateway</li><li>Use Central Deployment tool to install Hotfixes</li></ul><h4>Module 16: Advanced Upgrades and Migrations</h4><ul> <li>Export/import a Management Database</li><li>Upgrade a Security Management Server by freshly deploying the new release or using a new appliance</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment</li><li>Perform an import of a Primary Security Management Server in a distributed Check Point environment</li></ul><h4>Module 17: ElasticXL Cluster</h4><ul> <li>Describe the ElasticXL Cluster solution, including its purpose and use</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Deploy an ElasticXL Security Gateway Cluster</li></ul>This course is recommended for technical professionals and experts who support, install, and deploy Check Point products.Module 1: Introduction to Quantum Security - Identify the primary components of the Check Point Three-Tier Architecture and explain how they work together. Lab Tasks: - Explore Gaia on Security Management Server - Explore Gaia on Dedicated Log Server - Explore Gaia on Security Gateway Cluster Members - Connect to SmartConsole - Navigate GATEWAYS & SERVERS Vies - Navigate SECURITY POLICIES Views - Navigate LOGS & EVENTS Views - Navigate MANAGE & SETTINGS Views Module 2: Administrator Account Management - Explain the purpose of SmartConsole administrator accounts - Identify features for collaboration: session management, concurrent administration, policy installation Lab Tasks: - Create new administrators and assign profiles - Test administrator profile assignments - Manage concurrent sessions - Take over another session and verify status Module 3: Object Management - Explain the purpose of SmartConsole objects - Provide examples of physical and logical objects Lab Tasks: - View and modify GATEWAYS & SERVERS objects - View and modify network objects - View and modify service objects Module 4: Security Policy Management - Explain the purpose of Security Policies - Identify the essential elements of a Security Policy. - Identify features and capabilities that enhance the configuration and management of the Security Policy. Lab Tasks: - Verify and modify the Security Policy. - Install the standard Security Policy. - Test the Security Policy. Module 5: Policy Layers - Demonstrate an understanding of the Check Point policy layer concept. - Explain how layers affect traffic inspection. Lab Tasks: - Add an Ordered Layer - Configure and deploy Ordered Layer rules - Test Ordered Layer policy - Create Inline DMZ Layer - Test Inline DMZ Layer Module 6: Security Operations Monitoring - Explain the purpose of security operations monitoring - Tune log server configuration - Use predefined and custom queries to filter the logging results. - Monitor the state of Check Point systems. Lab Tasks: - Configure log management - Enhance rulebase view, rules, and logging - Review logs and search for data - Configure Monitoring Blade - Monitor status of the systems Module 7: Identity Awareness - Explain the purpose of the Identity Awareness solution - Identify the essential elements of Identity Awareness. Lab Tasks: - Adjust security policy for Identity Awareness - Configure Identity Collector - Define the user access role - Test Identity Awareness Module 8: HTTPS Inspection - Explain the purpose of HTTPS Inspection solution - Identify the essential elements of HTTPS Inspection Lab Tasks: - Enable HTTPS Inspection - Adjust access control rules - Deploy Security Gateway certificate - Test and analyze policy with HTTPS Inspection Module 9: Application Control and URL Filtering - Explain the purpose of the Application Control and URL Filtering solutions - Identify the essential elements of Application Control and URL Filtering Lab Tasks: - Adjust the Access Control Policy - Create and adjust Application Control and URL - Test and adjust the Application Control and URL Filtering Rules Module 10: Threat Prevention Fundamentals - Explain the purpose of the Threat Prevention solution - Identify the essential elements of Autonomous Threat Prevention Lab Tasks: - Enable Autonomous Threat Prevention - Test Autonomous Threat Prevention Module 11: Management High Availability - Explain the purpose of Management High Availability - Identify the essential elements of Management High Availability Lab Tasks: - Deploy and configure Management High Availability - Ensure the failover process functions as expected Module 12: Advanced Policy Management - Identify ways to enhance the Security Policy with more object types - Create dynamic objects to make policy updatable from the Gateway - Manually define NAT rules - Configure Security Management behind NAT Lab Tasks: - Use Updatable Objects - Configure Network Address Translation for server and network objects - Configure Management behind NAT for Branch Office connections Module 13: Site-to-Site VPN - Discuss site-to-site VPN basics, deployment, and communities - Describe how to analyze and interpret VPN tunnel traffic - Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways - Explain Link Selection and ISP Redundancy options - Explain tunnel management features Lab Task: - Configure Site-to-Site VPN with internally managed Security Gateways Module 14: Advanced Security Monitoring - Describe the SmartEvent and Compliance Blade solutions, including their purpose and use Lab Tasks: - Configure a SmartEvent Server to monitor relevant patterns and events - Demonstrate how to configure Events and Alerts in SmartEvent - Demonstrate how to run specific SmartEvent reports - Activate the Compliance Blade - Demonstrate Security Best Practice settings and alerts - Demonstrate Regulatory Requirements Compliance Scores Module 15: Upgrades - Identify supported upgrade options Lab Task: - Upgrade a Security Gateway - Use Central Deployment tool to install Hotfixes Module 16: Advanced Upgrades and Migrations - Export/import a Management Database - Upgrade a Security Management Server by freshly deploying the new release or using a new appliance Lab Task: - Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment - Perform an import of a Primary Security Management Server in a distributed Check Point environment Module 17: ElasticXL Cluster - Describe the ElasticXL Cluster solution, including its purpose and use Lab Tasks: - Deploy an ElasticXL Security Gateway Cluster5 days2500.003950.003950.003950.0013700.004937.50