title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.
Certified Security Expert (CCSE)
Course Description
Overview
This course provides students with the advanced knowledge, skills, and hands-on experience needed to deploy, manage, and monitor existing Quantum Security Environments. Students will learn how to deploy Management High Availability, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security ateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.Objectives
- Use the management API to modify the Security Environment.
- Deploy a Secondary Security Management Server and Distributed Log Server.
- Use advanced techniques to configure dynamic objects, verify accelerated policy installation, and elevate security with HTTPS Inspection.
- Deploy Site-to-Site, Remote Access, and Mobile Access VPN solutions.
- Use SecureXL, CoreXL, Multi-Queue, and HyperFlow to optimize traffic flow through the Security Gateway.
- Implement Check Point Management High Availability to ensure environment stability and integrity.
- Use advanced techniques to manage user access, customize Threat Protection, and configure Remote Access solutions.
- Use tuning techniques to optimize the best Security Gateway performance.
- Identify basic interfaces used to manage the Check Point environment.
- Identify the types of technologies that Check Point supports for automation.
- Explain the purpose of the Check Management High Availability (HA) deployment.
- Identify the workflow followed to deploy a Primary and solution Secondary servers.
- Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
- Identify how to exclude services from synchronizing or delaying synchronization.
- Explain the policy installation flow.
- Explain the purpose of dynamic objects, updatable objects, and network feeds.
- Understand how to manage user access for internal and external users.
- Describe the Identity Awareness components and configurations.
- Describe different Check Point Threat Prevention solutions.
- Articulate how the Intrusion Prevention System is configured.
- Obtain knowledge about Check Point’s IoT Protect.
- Explain the purpose of Domain-based VPNs.
- Describe situations where externally managed certificate authentication is used.
- Describe how client security can be provided by Remote Access.
- Discuss the Mobile Access Software Blade.
- Explain how to determine if the configuration is compliant with the best practices.
- Define performance tuning solutions and basic configuration workflow.
- Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
- Identify supported upgrade methods and procedures for Security Gateways.
Audience
- Security Engineers
- Security Analysts
- Security Consultants
- Security Architects
Prerequisites
-
Before taking this course, the following prerequisites are strongly encouraged:
Base Knowledge:
- Unix-like and/or Windows OS
- Internet Fundamentals
- Networking Fundamentals
- Networking Security
- System Administration
- TCP/IP Networking
- Text Editors in Unix-like OS
- Minimum of 6-months of practical experience with the management of a Quantum Security Environment.
- CP-CCSA Check Point Certified Security Administrator (required)
- CP-CPDA Check Point Deployment Administrator (suggested)
Topics
- Explain the purpose of Management High Availability.
- Identify the essential elements of Management High Availability.
- Lab Tasks:
- Deploy and configure Management High Availability
- Ensure the failover process functions as expected
- Identify ways to enhance the Security Policy with more object types.
- Create dynamic objects to make policy updatable from the Gateway.
- Manually define NAT rules.
- Configure Security Management behind NAT.
- Lab Tasks:
- Use Updatable Objects
- Configure Network Address Translation for server and network objects
- Configure Management behind NAT for Branch Office connections
- Discuss site-to-site VPN basics, deployment, and communities.
- Describe how to analyze and interpret VPN tunnel traffic.
- Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways.
- Explain Link Selection and ISP Redundancy options.
- Explain tunnel management features.
- Lab Task:
- Configure Site-to-Site VPN with internally managed Security Gateways
- Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.
- Lab Tasks:
- Configure a SmartEvent Server to monitor relevant patterns and events
- Demonstrate how to configure Events and Alerts in SmartEvent
- Demonstrate how to run specific SmartEvent reports
- Activate the Compliance Blade
- Demonstrate Security Best Practice settings and alerts
- Demonstrate Regulatory Requirements Compliance Scores
- Identify supported upgrade options.
- Lab Task
- Upgrade a Security Gateway
- Use Central Deployment tool to install Hotfixes
- Export/import a Management Database.
- Upgrade a Security Management Server by freshly deploying the new release or using a new appliance.
- Lab Task:
- Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment
- Perform an import of a Primary Security Management Server in a distributed Check Point environment
- Describe the ElasticXL Cluster solution, including its purpose and use.
- Lab Tasks:
- Deploy an ElasticXL Security Gateway Cluster
Related Courses
-
Security Administration R82 (CCSA)
CP-CCSA- Duration: 3
- Delivery Format: Classroom Training, Online Training
- Price: 3,000.00 USD
-
Cloud Network Security Expert for Azure R81
CP-CNSE-AZURE- Duration: 2
- Delivery Format: Classroom Training, Online Training
- Price: 2,000.00 USD
Self-Paced Training Info
Learn at your own pace with anytime, anywhere training
- Same in-demand topics as instructor-led public and private classes.
- Standalone learning or supplemental reinforcement.
- e-Learning content varies by course and technology.
- View the Self-Paced version of this outline and what is included in the SPVC course.
- Learn more about e-Learning
Course Added To Shopping Cart
bla
bla
bla
bla
bla
bla
Self-Paced Training Terms & Conditions
Exam Terms & Conditions
Sorry, there are no classes that meet your criteria.
Please contact us to schedule a class.

STOP! Before You Leave
Save 0% on this course!
Take advantage of our online-only offer & save 0% on any course !
Promo Code skip0 will be applied to your registration
Purchase Information
title
Please take a moment to fill out this form. We will get back to you as soon as possible.
All fields marked with an asterisk (*) are mandatory.