Check Point Certified Security Administrator R77 (CC-CCSA)

This course provides an understanding of the basic concepts and skills necessary to configure the Check Point Security Gateway and Management Software Blades.

Type

Certified Training Course

Level

Associate

Cost

R 11 900 p.p. (Excl. VAT)

SATV Redeemable 

Yes

Delivery Method

Classroom-based, Instructor-led with emphasis on hands-on exercises

Duration

5 days

Start time: 09:00 (Registration will commence at 08:30 on the first day)

Prerequisites

The knowledge and skills that a learner must have before attending this course is as follows:

  • Persons attending this course should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.

Course Objectives

At the end of this course, you should be able to do the following:

  • Describe Check Point’s unified approach to network management, and the key elements of it 
  • Design a distributed environment
  • Install the Security Gateway in a distributed environment
  • Perform a backup and restore the current Gateway installation from the command line
  • Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
  • Deploy Gateways using the Gaia web interface
  • Create and configure network, host and gateway objects
  • Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
  • Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
  • Configure NAT rules on Web and Gateway servers
  • Evaluate existing policies and optimize the rules based on current corporate requirements
  • Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
  • Use Queries in SmartView Tracker to  monitor IPS and common network traffic  and troubleshoot events using packet data
  • Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
  • Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
  • Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications 
  • Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways • Upgrade and attach product licenses using SmartUpdate
  • Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely 
  • Manage users to access the corporate LAN by using external databases
  • Use Identity Awareness to provide  granular level access to network resources 
  • Acquire user information used by the Security Gateway to control access 
  • Define Access Roles for use in an Identity Awareness rule
  • Implement Identity Awareness in the Firewall Rule Base
  • Configure a pre-shared secret site-to-site VPN with partner sites
  • Configure permanent tunnels for remote access to corporate resources
  • Configure VPN tunnel sharing, given  the difference between host-based,  subunit-based and gateway-based tunnels

Exam & Certifications

  • This course helps prepare for CCSA exam #156-215.77.
  • The exam contains 90 multiple-choice, scenario-based questions.
  • The required  passing score is 70% or higher.
  • The exam is based on 80% course materials and 20% hands-on experience with Check Point products.
  • Students should have at least 6 months experience with Check Point products before challenging the exam.