Check Point Security Expert R82
Course code
CCSE
Duration
3 Days, 24 Acad. Hours
Course Overview
Objectives
Prerequisites
Course Outline
Course Overview
Course Overview
This course provides students with the advanced knowledge, skills, and hands-on experience needed to deploy, manage, and monitor existing Quantum Security Environments. Students will learn how to deploy Management High Availability, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security Gateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.
Certification
Exam: 156-315.82
vue.com/checkpoint
NIST/NICE Work Role Categories
• Implementation & Operation
• Protection & Defense
Objectives
Learn How To
- Deploy Management High Availability.
- Provide advanced policy management.
- Configure Site-to-Site VPN.
- Provide advanced security monitoring
- Upgrade a Security Gateway and use Central Deployment tool to install hotfixes.
- Perform an import of a Primary Security Management Server.
- Deploy ElasticXL Cluster
Prerequisites
Prerequisites
Base Knowledge
• Unix-like and/or Windows OS
• Internet Fundamentals
• Networking Fundamentals
• Networking Security
• System Administration
• TCP/IP Networking
• Text Editors in Unix-like OS
• Minimum of 6-months of practical experience with the management of a Quantum Security Environment.
Check Point Courses
• Check Point Certified Security Administrator (required)
• Check Point Deployment Administrator (suggested)
Target Audience
• Security Engineers
• Security Analysts
• Security Consultants
• Security Architects
Course Outline
Agenda
Module 1: Management High Availability
• Explain the purpose of Management High Availability.
• Identify the essential elements of Management High Availability.
Lab Tasks
• Deploy and configure Management High Availability
• Ensure the failover process functions as expected
Module 2: Advanced Policy Management
• Identify ways to enhance the Security Policy with more object types.
• Create dynamic objects to make policy updatable from the Gateway.
• Manually define NAT rules.
• Configure Security Management behind NAT.
Lab Tasks
• Use Updatable Objects
• Configure Network Address Translation for server and network objects
• Configure Management behind NAT for Branch Office connections
Module 3: Site-to-Site VPN
• Discuss site-to-site VPN basics, deployment, and communities.
• Describe how to analyze and interpret VPN tunnel traffic.
• Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways.
• Explain Link Selection and ISP Redundancy options.
• Explain tunnel management features.
Lab Task
• Configure Site-to-Site VPN with internally managed Security Gateways
Module 4: Advanced Security Monitoring
• Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.
Lab Tasks
• Configure a SmartEvent Server to monitor relevant patterns and events
• Demonstrate how to configure Events and Alerts in SmartEvent
• Demonstrate how to run specific SmartEvent reports
• Activate the Compliance Blade
• Demonstrate Security Best Practice settings and alerts
• Demonstrate Regulatory Requirements Compliance Scores
Module 5: Upgrades
• Identify supported upgrade options.
Lab Task
• Upgrade a Security Gateway
• Use Central Deployment tool to install Hotfixes
Module 6: Advanced Upgrades and Migrations
• Export/import a Management Database.
• Upgrade a Security Management Server by freshly deploying the new release or using a new appliance.
Lab Task
• Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment
• Perform an import of a Primary Security Management Server in a distributed Check Point environment
Module 7: ElasticXL Cluster
• Describe the ElasticXL Cluster solution, including its purpose and use.
Lab Tasks
• Deploy an ElasticXL Security Gateway Cluster
