CCSECPCheck PointCP-CCSER82<p>Base Knowledge </p> <ul> <li>Unix-like and/or Windows OS</li><li>Internet Fundamentals</li><li>Networking Fundamentals</li><li>Networking Security</li><li>System Administration</li><li>TCP/IP Networking</li><li>Text Editors in Unix-like OS</li><li>Minimum of 6-months of practical experience with the management of a Quantum Security Environment</li></ul><ul> <li>Security Engineers</li><li>Security Analysts</li><li>Security Consultants</li><li>Security Architects</li></ul><h4>Module 1: Management High Availability</h4><ul> <li>Explain the purpose of Management High Availability</li><li>Identify the essential elements of Management High Availability</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Deploy and configure Management High Availability</li><li>Ensure the failover process functions as expected</li></ul><h4>Module 2: Advanced Policy Management</h4><ul> <li>Identify ways to enhance the Security Policy with more object types</li><li>Create dynamic objects to make policy updatable from the Gateway</li><li>Manually define NAT rules</li><li>Configure Security Management behind NAT</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Use Updatable Objects</li><li>Configure Network Address Translation for server and network objects</li><li>Configure Management behind NAT for Branch Office connections</li></ul><h4>Module 3: Site-to-Site VPN</h4><ul> <li>Discuss site-to-site VPN basics, deployment, and communities</li><li>Describe how to analyze and interpret VPN tunnel traffic</li><li>Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways</li><li>Explain Link Selection and ISP Redundancy options</li><li>Explain tunnel management features</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Configure Site-to-Site VPN with internally managed Security Gateways</li></ul><h4>Module 4: Advanced Security Monitoring</h4><ul> <li>Describe the SmartEvent and Compliance Blade solutions, including their purpose and use</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Configure a SmartEvent Server to monitor relevant patterns and events</li><li>Demonstrate how to configure Events and Alerts in SmartEvent</li><li>Demonstrate how to run specific SmartEvent reports</li><li>Activate the Compliance Blade</li><li>Demonstrate Security Best Practice settings and alerts</li><li>Demonstrate Regulatory Requirements Compliance Scores</li></ul><p><strong>Module 5: Upgrades</strong> </p> <ul> <li>Identify supported upgrade options</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Upgrade a Security Gateway</li><li>Use Central Deployment tool to install Hotfixes</li></ul><h4>Module 6: Advanced Upgrades and Migrations</h4><ul> <li>Export/import a Management Database</li><li>Upgrade a Security Management Server by freshly deploying the new release or using a new appliance</li></ul><p> <strong>Lab Task:</strong> </p> <ul> <li>Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment</li><li>Perform an import of a Primary Security Management Server in a distributed Check Point environment</li></ul><h4>Module 7: ElasticXL Cluster</h4><ul> <li>Describe the ElasticXL Cluster solution, including its purpose and use</li></ul><p> <strong>Lab Tasks:</strong> </p> <ul> <li>Deploy an ElasticXL Security Gateway Cluster</li></ul>Base Knowledge - Unix-like and/or Windows OS - Internet Fundamentals - Networking Fundamentals - Networking Security - System Administration - TCP/IP Networking - Text Editors in Unix-like OS - Minimum of 6-months of practical experience with the management of a Quantum Security Environment- Security Engineers - Security Analysts - Security Consultants - Security ArchitectsModule 1: Management High Availability - Explain the purpose of Management High Availability - Identify the essential elements of Management High Availability Lab Tasks: - Deploy and configure Management High Availability - Ensure the failover process functions as expected Module 2: Advanced Policy Management - Identify ways to enhance the Security Policy with more object types - Create dynamic objects to make policy updatable from the Gateway - Manually define NAT rules - Configure Security Management behind NAT Lab Tasks: - Use Updatable Objects - Configure Network Address Translation for server and network objects - Configure Management behind NAT for Branch Office connections Module 3: Site-to-Site VPN - Discuss site-to-site VPN basics, deployment, and communities - Describe how to analyze and interpret VPN tunnel traffic - Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways - Explain Link Selection and ISP Redundancy options - Explain tunnel management features Lab Task: - Configure Site-to-Site VPN with internally managed Security Gateways Module 4: Advanced Security Monitoring - Describe the SmartEvent and Compliance Blade solutions, including their purpose and use Lab Tasks: - Configure a SmartEvent Server to monitor relevant patterns and events - Demonstrate how to configure Events and Alerts in SmartEvent - Demonstrate how to run specific SmartEvent reports - Activate the Compliance Blade - Demonstrate Security Best Practice settings and alerts - Demonstrate Regulatory Requirements Compliance Scores Module 5: Upgrades - Identify supported upgrade options Lab Task: - Upgrade a Security Gateway - Use Central Deployment tool to install Hotfixes Module 6: Advanced Upgrades and Migrations - Export/import a Management Database - Upgrade a Security Management Server by freshly deploying the new release or using a new appliance Lab Task: - Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment - Perform an import of a Primary Security Management Server in a distributed Check Point environment Module 7: ElasticXL Cluster - Describe the ElasticXL Cluster solution, including its purpose and use Lab Tasks: - Deploy an ElasticXL Security Gateway Cluster3 days