Threat Prevention Specialist R81.20 (CTPS)

Learn How To:

• Customize IPS Protections for specific security needs.
• Identify ways to optimize Threat Prevention performance.

How You Will Benefit:

• Apply Threat Prevention technologies to customize and strengthen your security posture and stay ahead of emerging threats.

Security professionals who want to customize IPS and Anti-Bot/Anti-Virus Protections for specific security needs and identify ways to optimize Threat Prevention performance.
 

Before taking this course, the following prerequisites are strongly encouraged: Base knowledge of:
• Internet Fundamentals
• Networking Fundamentals
• Networking Security
• System Administration
• Check Point Training/Certification:
• Check Point Certified Security Administrator (CCSA) - required
• Check Point Certified Security Expert (CCSE) - recommended

Module 1: History of Threat Prevention Lab Tasks

• Verify the Security Environment
• Verify Connectivity Between Systems

Module 2: IPS Protections Lab Tasks

• Enable and Configure Custom Threat Prevention
• Configure the Inspection Settings
• Update IPS Protections
• Configure General and Specific Protections
• Configure and Test Core Protections

Module 3: Anti-Virus and Anti-Bot Protections Lab Tasks

• Enable Anti-Bot and Anti-Virus
• Configure Anti-Bot and Anti-Virus

Module 4: Threat Prevention Policy Profiles Lab Tasks

• Create Custom Threat Prevention Profiles
• Configure the Custom Profiles
• Configure Anti-Bot and Anti-Virus in the Custom Profiles

Module 5: Threat Prevention Policy Layers Lab Tasks

• Configure Gateway Interface Settings
• Configure Threat Prevention Policy Layers
• Configure Threat Prevention Rules with Custom Profiles

Module 6: Threat Prevention Logs and Traffic Analysis Lab Tasks

• Modify Threat Prevention Logs and Configure SmartEvent Settings
• Test Threat Prevention Protections
• View Threat Prevention Logs and Events
• Use Web SmartConsole to View Logs and Events.

Module 7: Threat Prevention Exceptions and Exclusions Lab Tasks

• Use IPS and Threat Prevention Exceptions
• Create an Inspection Settings Exception
• Create a Core Activations Exception

Module 8: Correlated Threat Prevention Views and Reports Lab Tasks

• Verify SmartEvent Activation
• Generate and Verify Logs for Reporting
• Configure SmartEvent Views and Reports

Module 9: Threat Prevention Updates Lab Tasks

• Verify Recent Updates
• Configure Update Settings

Module 10: Threat Prevention Performance Optimization Lab Tasks

• Analyze Threat Prevention Performance
• Create Penalty Box Exceptions and Null Profiles
• Test the Panic Button Protocol

Module 11: Advanced Threat Prevention Features and Troubleshooting Lab Tasks

• Add a Custom SNORT Rule
• Create and Test a Custom Threat Indicator
• Observe Traffic Drops in Real Time
• Audit Configuration Changes