Check Point Certified Security Expert (CCSE) R82
Cybersecurity
Course Overview
This course provides students with the advanced knowledge, skills, and hands-on experience needed to deploy, manage, and monitor existing Quantum Security Environments. Students will learn how to deploy Management High Availability, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security Gateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.
Duration: 3 days / 24 hours
Delivery Method: Classroom-based, Virtual Instructor Led Training
PRE-REQUISITES
Base Knowledge
· Unix-like and/or Windows OS
· Internet Fundamentals
· Networking Fundamentals
· Networking Security
· System Administration
· TCP/IP Networking
· Text Editors in Unix-like OS
· Minimum of 6-months of practical experience with the management of a Quantum Security Environment.
Check Point Courses
· Check Point Certified Security Administrator (required)
· Check Point Deployment Administrator (suggested)
TARGET AUDIENCE
· Security Engineers
· Security Analysts
· Security Consultants
· Security Architects
CERTIFICATION
· Exam: 156-315.82vue.com/checkpoint
NIST/NICE WORK ROLE CATEGORIES
· Implementation & Operation
· Protection & Defense
COURSE OUTLINE
Module 1: Management High Availability
· Explain the purpose of Management High Availability.
· Identify the essential elements of Management High Availability.
· Lab Tasks:
o Deploy and configure Management High Availability
o Ensure the failover process functions as expected
Module 2: Advanced Policy Management
· Identify ways to enhance the Security Policy with more object types.
· Create dynamic objects to make policy updatable from the Gateway.
· Manually define NAT rules.
· Configure Security Management behind NAT.
· Lab Tasks:
o Use Updatable Objects
o Configure Network Address Translation for server and network objects
o Configure Management behind NAT for Branch Office connections
Module 3: Site-to-Site VPN
· Discuss site-to-site VPN basics, deployment, and communities.
· Describe how to analyze and interpret VPN tunnel traffic.
· Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways.
· Explain Link Selection and ISP Redundancy options.
· Explain tunnel management features.
· Lab Task:
o Configure Site-to-Site VPN with internally managed Security Gateways
Module 4: Advanced Security Monitoring
· Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.
· Lab Tasks:
o Configure a SmartEvent Server to monitor relevant patterns and events
o Demonstrate how to configure Events and Alerts in SmartEvent
o Demonstrate how to run specific SmartEvent reports
o Activate the Compliance Blade
o Demonstrate Security Best Practice settings and alerts
o Demonstrate Regulatory Requirements Compliance Scores
Module 5: Upgrades
· Identify supported upgrade options.
· Lab Task:
o Upgrade a Security Gateway
o Use Central Deployment tool to install Hotfixes
Module 6: Advanced Upgrades and Migrations
· Export/import a Management Database.
· Upgrade a Security Management Server by freshly deploying the new release or using a new appliance.
· Lab Task:
o Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment
o Perform an import of a Primary Security Management Server in a distributed Check Point environment
Module 7: ElasticXL Cluster
· Describe the ElasticXL Cluster solution, including its purpose and use.
· Lab Tasks:
o Deploy an ElasticXL Security Gateway Cluster
REGISTER NOW
