Check Point Certified Security Administrator (CCSA) & Troubleshooting Administrator (CCTA) Bundle R81.20

Objectives CCSA:

• Describe the primary components of a Check Point Three-Tier
• Architecture and explain how they work together in the Check Point environment.
• Explain how communication is secured and how traffic is routed in the Check Point environment.
• Describe the basic functions of the Gaia operating system.
• Identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution.
• Create SmartConsole objects that correspond to the organization’s topology for use in policies and rules.
• Identify the tools available to manage Check Point licenses and contracts, including their purpose and use.
• Identify features and capabilities that enhance the configuration and management of the Security Policy.
• Explain how policy layers affect traffic inspection.
• Articulate how Network Address Translation affects traffic.
• Describe how to configure manual and automatic Network Address Translation (NAT).
• Demonstrate an understanding of Application Control & URL Filtering and Autonomous Threat Prevention capabilities and how to configure these solutions to meet an organization’s security requirements.
• Articulate how pre-shared keys and certificates can be configured to
• authenticate with third party and externally managed VPN Gateways.
• Describe how to analyze and interpret VPN tunnel traffic.
• Configure logging parameters.
• Use predefined and custom queries to filter log results.
• Identify how to monitor the health of supported Check Point hardware using the Gaia Portal and the command line.
• Describe the different methods for backing up Check Point system information and discuss best practices and recommendations for each method.

Exercises CCSA:

• Deploying SmartConsole
• Installing a Security Management Server
• Installing a Security Gateway
• Configuring Objects in SmartConsole
• Establishing Secure Internal Communication
• Managing Administrator Access
• Managing Licenses
• Creating a Security Policy
• Configuring Order Layers
• Configuring a Shared Inline Layer
• Configuring NAT
• Integrating Security with a Unified Policy
• Elevating Security with Autonomous Threat Prevention
• Configuring a Locally Managed Site-to-Site VPN
• Elevating Traffic View
• Monitoring System States
• Maintaining the Security Environment

Objectives CCTA:

• Identify basic resources available to troubleshoot Check Point Security Gateways and Management Software Blades that run on the Gaia operating system.
• Discuss how to use the OSI (Open Systems Interconnection) model for problem isolation.
• Investigate and troubleshoot potential traffic flow issues.
• Monitor network activity and performance.
• Investigate and troubleshoot log collection issues.
• Investigate and troubleshoot SmartConsole issues.
• Investigate and troubleshoot Application Control and URL Filtering issues.
• Investigate and troubleshoot NAT (Network Address Translation) issues.
• Investigate and troubleshoot issues with basic Site-to-Site VPNs.
• Investigate and troubleshoot Autonomous Threat Prevention issues.
• Investigate and troubleshoot Licenses and Contracts issues.

Exercises CCTA:

• Troubleshoot with Linux and Check Point Commands
• Collect and Analyze Interface Packet Captures
• Troubleshoot Log Communication Issues
• Troubleshoot SmartConsole
• Troubleshoot Application Control and URL Filtering
• Investigate Network Address Translation Issues
• Troubleshoot Site-to-Site VPN
• Evaluate Threat Prevention Products
• Verify Licenses