CHECK POINT CERTIFIED SECURITY ADMINISTRATOR (CCSA)- R81

The Check Point CCSA training and certification is mainly targeted to those candidates who want to build their career in Security domain. The Check Point Certified Security Administrator (CCSA) R81 exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of Check Point CCSA R81

PREREQUISITES

Working knowledge of Windows, UNIX, networking technology, the Internet and TCP/IP

AUDIENCE

• Technical professionals who support, install deploy or administer Check Point products

• Network and security Engineers

 COURSE TOPICS:

 Module 1: Overview of Firewall Technologies

• What is a Firewall

• Firewall Technologies

• Legacy or Traditional Firewalls

• Next Generation Firewalls

Module 2: Introduction to Checkpoint Technology

• Security Management Architecture – SMART

• Checkpoint Core Systems – 3 Tier Architecture

• Secure Internal Communication – SIC

• Internal Certificate Authority – ICA

• Initializing trust

Module 3: Checkpoint Security Solutions and Licensing

• Software Blade Architecture

• Security Gateway Software Blades

• Management Server Software Blades

• Licensing overview

Module 4: Checkpoint Firewall Deployment

• Deployment Platforms

• Checkpoint Gaia OS

• Standalone Deployment

• Distributed Deployment

Module 5: Gaia OS Installation and Configuration

• Preparing for LAB

• Gaia OS Installation

• Initial Configuration – WebUI

• Downloading and Installing Smart Console

Module 6: Secure Internal communication (SIC)

• Smart console access to management Server

• Creating Security gateway object

• SIC establishment

• Verifying Policy installation

Module 7:  Anti spoofing

• Understanding IP spoofing

• Prevention and tracking

• Network group

Module 8: Security Policy Management

• Security Policy Basics

• Implicit and Explicit Security rules

• Publishing Security Policy

• Installing Security Policy

Module 9: Logging and Monitoring

• Security and Audit Logs

• Smart View Monitor

• Monitoring Traffic and Connections

Module 10: HTTPS Inspection

• SSL Handshake

• Digital Certificate

• Inbound and outbound Inspection

• Enabling HTTPS Inspection

• HTTPS Inspection Policy

Module 11: Application Control and URL Filtering

• Application and URL Filtering Blades

• Editing Policy Layer

• Creating Security Rule

• Monitoring Application and URL Filtering

Module 12: Zone Based Security Rule

• Understanding Security Zone

• Creating Zone Based security Rule

Module 13: Inline Layer Policy

• Benefits of Inline Layer Policy

• Creating Inline Layer Policy

Module 14: Suspicious Activity Rules

• Understanding SAM Rule

• Creating SAM Rule from Smart View Monitor

Module 15: Network Address Translation – NAT

• Introduction to NAT

• Types of NAT – Static and Hide NAT

• Automatic Vs Manual NAT

• Manual Proxy ARP – Local.arp

• NAT – Global Properties

Module 16: Managing User Access

• Identity Awareness

• Methods for Acquiring Identity

• Light Weight Directory Access Protocol – LDAP

Module 17: Threat Prevention Solution

• Threat Prevention Components

• Threat Prevention Profiles

Module 18: Intrusion Prevention System (IPS)

• IPS Software Blade

• IPS Protection

Module 19: Anti Virus and Anti Bot

• Anti Virus

• Anti Bot

Module 20: Sand Blast

• Sandblast – Threat Emulation

• Sandblast – Threat extraction

Module 21: Adding a Second Security Gateway

• Creating Security Rule for SIC

• Control connections and NAT

• Policy Packages

Module 22: Virtual Private Network

• VPN Overview

• IPsec site to site VPN

• Internet Key Exchange (IKE)

• Phase 1 and Phase 2 Tunnels

• Domain Based VPN Vs Route Based VPN

• VPN Community and Domain

 Module 23: IPsec site to Site VPN Configuration

• Creating VPN Community

• Encryption Domains

• IKE Phase 1 and Phase 2 Attributes

Module 24: IPsec S2S VPN between Checkpoint and Cisco

• Configuring Cisco Router

• Interoperable Device Object

• Checkpoint Gateway Configuration

Module 25: Troubleshooting IPsec VPN

• VPN Debug

• Analyzing debug log with Ikeview tool

Module 26: Remote Access VPN

• Clientless Vs Client based

• SSL VPN

• Split Tunnelling

Module 27: Backup and Snapshot

• Database Revisions

• Backup and Restore

• Snapshot and Revert

Module 28: CLI and Troubleshooting

• Clish and Bash (Expert Mode)

• Important commands

• TCPDUMP and fw monitor

Module 29: Packet Flow