Check Point Certified Security Administrator (CCSA)

This course is designed for anyone seeking Check Point Certified Security Administrator (CCSA) certification. This core course covers the fundamentals needed to deploy and manage daily operations of Check Point Security Gateways and Software Blades that run on the Gaia operating system as well as describes the primary components of a Check Point Three-Tier Architecture and explains how they work together in the Check Point environment, explain how communication is secured and how traffic is routed, identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution, create SmartConsole objects that correspond to the organization’s topology for use in policies, identify the tools available to manage Check Point licenses and contracts, describe how to configure manual and automatic Network Address Translation (NAT), describe VPN traffic inspection.

This 90hrs (Lectures + hands-on Lab) training is for anyone seeking Check Point Certified Security Administrator (CCSA) certification and training is designed for personnel involved in deploying, configuring, and managing Check Point firewalls including device configuration, routing, traffic control, and NAT. Candidates will learn how to install a Security Management Server and a Security Gateway in a distributed environment, configure objects, rules and settings to define a security policy, work with multiple concurrent administrators and define permission profiles, perform administrative tasks, as specified in administrator job descriptions.

The key to a high success rate is based on the program’s objectives as follows:

• Course contents are based on Check Point (CCSA) course outlines.
• Dedicated Monitoring to evaluate and report candidate’s progress.
• Extensive hands-on lab exercises.
• Industry acclaimed, experienced and certified instructors.

Objectives:

• Describe the primary components of a Check Point Three-Tier Architecture and explain how they work together in the Check Point environment.
• Explain how communication is secured and how traffic is routed in the Check Point environment.
• Describe the basic functions of the Gaia operating system.
• Identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution.
• Create SmartConsole objects that correspond to the organization’s topology for use in policies and rules.
• Identify the tools available to manage Check Point licenses and contracts, including their purpose and use.
• Identify features and capabilities that enhance the configuration and management of the Security Policy.
• Explain how policy layers affect traffic inspection.
• Articulate how Network Address Translation affects traffic.
• Describe how to configure manual and automatic Network Address Translation (NAT).
• Demonstrate an understanding of Application Control & URL Filtering and Autonomous Threat Prevention capabilities and how to configure these solutions to meet an organization’s security requirements.
• Articulate how pre-shared keys and certificates can be configured to authenticate with third party and externally managed VPN Gateways.
• Describe how to analyze and interpret VPN tunnel traffic.
• Configure logging parameters.
• Use predefined and custom queries to filter log results.
• Identify how to monitor the health of supported Check Point hardware using the Gaia Portal and the command line.
• Describe the different methods for backing up Check Point system information and discuss best practices and recommendations for each method.

Topics:

• Describing Information Security Concepts
• Information Security Overview.
• Assets, vulnerabilities, threat and countermeasures.
• Describing Network Security Technologies.
• Defense-in-Depth Strategy.
• Defending across the attack continuum.
• Statefull firewall overview.
• Threat information standardization.
• Network-based malware protection overview.
• Intrusion Prevention System (IPS) overview.
• Next Generation firewall.
• Check Point Security Concepts and Deployment
• Interpret the concept of firewall and understand the mechanisms used for controlling network traffic.
• Describe the key elements of Check Point’s unified, 3-tiered architecture.
• Describe the essential elements of a unified security policy.
• Understand Check Point deployment options.
• Gateway installation.
• Management Server installation.
• Smart Console installation.
• Recognize Smart Console features, functions and tools.
• Adding gateway into management server.
• Create and configure network, host and gateway objects.
• Create and confirm admin users for the network.
• Create multiple administrators and apply different roles/permissions for concurrent administration.
• Create and configure network, host and gateway objects.
• Evaluate and manipulate rules in a unified Access Control Security Policy.
• Apply policy layers and analyze how they affect traffic inspection.
• Prepare and schedule backups for the gateway.
• Recall how to implement Check Point backup techniques.
• Understand how traffic inspection takes place in a unified security policy.
• Validate existing licenses for products installed on your network.
• Generate network traffic and use traffic visibility tools to monitor the data
• Compare and contrast various tools available for viewing traffic.
• Prepare and scheduled backups for the gateway.
• Recall how to implement Check Point backup techniques.
• Deploying NAT (STATIC, HIDE, MANUAL).
• Identity awareness.
• Recognize how to define users and user groups for your environment.
• Describe the basic concept of ClusterXL technology and its advantages.
• Install and configure ClusterXL with a High Availabilty Configuration.
• Recognize how to effectively create, customize and generate network activity reports.
• URL filtering.
• Understand VPN deployments and Check Point Communities.
• Configure and deploy a site-to-site VPN.
• Test the VPN connection and analyze the tunnel traffic.