Check Point Certified Security Administrator R77 (CC-CCSA)
This course provides an understanding of the basic concepts and skills necessary to configure the Check Point Security Gateway and Management Software Blades.
Certified Training Course
R 11 900 p.p. (Excl. VAT)
Classroom-based, Instructor-led with emphasis on hands-on exercises
Start time: 09:00 (Registration will commence at 08:30 on the first day)
The knowledge and skills that a learner must have before attending this course is as follows:
- Persons attending this course should have general knowledge of TCP/IP, and working knowledge of Windows, UNIX, network technology and the internet.
At the end of this course, you should be able to do the following:
- Describe Check Point’s unified approach to network management, and the key elements of it
- Design a distributed environment
- Install the Security Gateway in a distributed environment
- Perform a backup and restore the current Gateway installation from the command line
- Identify critical files needed to purge or backup, import and export users and groups and add or delete administrators from the command line
- Deploy Gateways using the Gaia web interface
- Create and configure network, host and gateway objects
- Verify SIC establishment between the Security Management Server and the Gateway using SmartDashboard
- Create a basic Rule Base in SmartDashboard that includes permissions for administrative users, external services, and LAN outbound use
- Configure NAT rules on Web and Gateway servers
- Evaluate existing policies and optimize the rules based on current corporate requirements
- Maintain the Security Management Server with scheduled backups and policy versions to ensure seamless upgrades with minimal downtime
- Use Queries in SmartView Tracker to monitor IPS and common network traffic and troubleshoot events using packet data
- Use packet data to generate reports, troubleshoot system and security issues, and ensure network functionality
- Using SmartView Monitor, configure alerts and traffic counters, view a Gateway’s status, monitor suspicious activity rules, analyze tunnel activity and monitor remote user access
- Monitor remote Gateways using SmartUpdate to evaluate the need for upgrades, new installations, and license modifications
- Use SmartUpdate to apply upgrade packages to single or multiple VPN-1 Gateways • Upgrade and attach product licenses using SmartUpdate
- Centrally manage users to ensure only authenticated users securely access the corporate network either locally or remotely
- Manage users to access the corporate LAN by using external databases
- Use Identity Awareness to provide granular level access to network resources
- Acquire user information used by the Security Gateway to control access
- Define Access Roles for use in an Identity Awareness rule
- Implement Identity Awareness in the Firewall Rule Base
- Configure a pre-shared secret site-to-site VPN with partner sites
- Configure permanent tunnels for remote access to corporate resources
- Configure VPN tunnel sharing, given the difference between host-based, subunit-based and gateway-based tunnels
Exam & Certifications
- This course helps prepare for CCSA exam #156-215.77.
- The exam contains 90 multiple-choice, scenario-based questions.
- The required passing score is 70% or higher.
- The exam is based on 80% course materials and 20% hands-on experience with Check Point products.
- Students should have at least 6 months experience with Check Point products before challenging the exam.