Check Point Cybersecurity BootCamp R81.20

The certification for the CCSA R81.20 and CCSE R81.20 normally requires the attendance of two three-day courses. This BootCamp is suitable for participants who already have extensive experience with the Check Point Firewall and may have already completed an earlier certification for the CCSA / CCSE.

In order to achieve the certification goal more quickly, all five-day BootCamp will focus on examining all relevant content and laboratory exercises of the courses Check Point Certified Security Administrator R81.20 - CCSA and Check Point Certified Security Expert R81.20 - CCSE. The course times are extended to 8 am to 6 pm daily. For follow-up and self-study of the content, the participants will also have access to the laboratory around the clock during the course week. At the end of the course, participants will have the knowledge to pass the CCSA and CCSE R81.20 exams. Taking exams is not part of this BootCamp.

CCSA - Security Administrator

• Security Management
• SmartConsole
• Deployment
• Object Management
• Licenses and Contracts
• Policy Rules and Rulebase
• Policy Packages
• Policy Layers
• Traffic Inspection
• Network Address Translation
• Application Control
• URL Filtering
• Logging
• Snapshots
• Backup and Restore
• Gaia
• Permissions
• Policy Installation

CCSE - Security Expert

• Advanced Deployments
• Management High Availability
• Advanced Gateway Deployment
• Advanced Policy Configuration
• Advanced User Access Management
• Custom Threat Protection
• Advanced Site-to-Site VPN
• Remote Access VPN
• Mobile Access VPN
• Advanced Security Monitoring
• Performance Tuning
• Advanced Security Maintenance

You will receive the original course documentation as a Check Point e-Kit.

This course is aimed at participants who have experience working with Check Point Firewalls and would like to learn the knowledge from the CCSA R81.20 and CCSE R81.20 courses in a compact form.

One year experience with Check Point products. Working knowledge of Windows, UNIX, network technology, Internet and TCP/IP is recommended.

CCSA - Security Administrator

• Describe the primary components of a Check Point Three-Tier Architecture and explain how they work together in the Check Point environment.
• Explain how communication is secured and how traffic is routed in the Check Point  environment.
• Describe the basic functions of the Gaia operating system.
• Identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution.
• Create SmartConsole objects that correspond to the organization’s topology for use in policies and rules.
• Identify the tools available to manage Check Point licenses and contracts, including their purpose and use.
• Identify features and capabilities that enhance the configuration and management of the Security Policy.
• Explain how policy layers affect traffic inspection.
• Articulate how Network Address Translation affects traffic.
• Describe how to configure manual and automatic Network Address Translation (NAT).
• Demonstrate an understanding of Application Control & URL Filtering and Autonomous Threat Prevention capabilities and how to configure these solutions to meet an organization’s security requirements.
• Articulate how pre-shared keys and certificates can be configured to authenticate with third party and externally managed VPN Gateways.
• Describe how to analyze and interpret VPN tunnel traffic.
• Configure logging parameters.
• Use predefined and custom queries to filter log results.
• Identify how to monitor the health of supported Check Point hardware using the Gaia Portal and the command line.
• Describe the different methods for backing up Check Point system information and discuss best practices and recommendations for each method.

CCSE - Security Expert

• Identify basic interfaces used to manage the Check Point environment.
• Identify the types of technologies that Check Point supports for automation.
• Explain the purpose of the Check Management High Availability (HA) deployment.
• Identify the workflow followed to deploy a Primary and solution Secondary servers.
• Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
• Identify how to exclude services from synchronizing or delaying synchronization.
• Explain the policy installation flow.
• Explain the purpose of dynamic objects, updatable objects, and network feeds.
• Understand how to manage user access for internal and external users.
• Describe the Identity Awareness components and configurations.
• Describe different Check Point Threat Prevention solutions.
• Articulate how the Intrusion Prevention System is configured.
• Obtain knowledge about Check Point’s IoT Protect.
• Explain the purpose of Domain-based VPNs.
• Describe situations where externally managed certificate authentication is used.
• Describe how client security can be provided by Remote Access.
• Discuss the Mobile Access Software Blade.
• Explain how to determine if the configuration is compliant with the best practices.
• Define performance tuning solutions and basic configuration workflow.
• Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
• Identify supported upgrade methods and procedures for Security Gateways.