Check Point Certified Security Expert (CCSE) R82 (includes 180 days' lab access) [ARR_CKT_CCSE_R82]

OVERVIEW

This course provides students with the advanced knowledge, skills, and hands-on experience needed to deploy, manage, and monitor existing Quantum Security Environments.

Students will learn how to deploy Management High Availability, provide advanced policy management, configure Site-to-Site VPN, provide advanced security monitoring, upgrade a Security Gateway, use Central Deployment tool to install hotfixes, perform an import of a Primary Security Management Server, and Deploy ElasticXL Cluster.

AUDIENCE

·       Security Engineers

·       Security Analysts

·       Security Consultants

·       Security Architects  

 

NIST/NICE Work Role Categories

 

·       Implementation & Operation

·       Protection & Defense

CERTIFICATION

Certification/Accreditation

Certification Exam: 156-315.82

Please contact us for exam voucher pricing.

CONTENT

Module 1: Management High Availability

·       Explain the purpose of Management High Availability.

·       Identify the essential elements of Management High Availability.

Lab Tasks

·       Deploy and configure Management High Availability

·       Ensure the failover process functions as expected

Module 2: Advanced Policy Management

·       Identify ways to enhance the Security Policy with more object types.

·       Create dynamic objects to make policy updatable from the Gateway.

·       Manually define NAT rules.

·       Configure Security Management behind NAT.

Lab Tasks

·       Use Updatable Objects

·       Configure Network Address Translation for server and network objects

·       Configure Management behind NAT for Branch Office connections

Module 3: Site-to-Site VPN

·       Discuss site-to-site VPN basics, deployment, and communities.

·       Describe how to analyze and interpret VPN tunnel traffic.

·       Articulate how pre-shared keys and certificates can be configured to authenticate with third-party and externally managed VPN Gateways.

·       Explain Link Selection and ISP Redundancy options.

·       Explain tunnel management features.

Lab Task

Configure Site-to-Site VPN with internally managed Security Gateways

Module 4: Advanced Security Monitoring

·       Describe the SmartEvent and Compliance Blade solutions, including their purpose and use.

Lab Tasks

·       Configure a SmartEvent Server to monitor relevant patterns and events

·       Demonstrate how to configure Events and Alerts in SmartEvent

·       Demonstrate how to run specific SmartEvent reports

·       Activate the Compliance Blade

·       Demonstrate Security Best Practice settings and alerts

·       Demonstrate Regulatory Requirements Compliance Scores

Module 5: Upgrades

·       Identify supported upgrade options.

Lab Task

·       Upgrade a Security Gateway

·       Use Central Deployment tool to install Hotfixes

Module 6: Advanced Upgrades and Migrations

·       Export/import a Management Database.

·       Upgrade a Security Management Server by freshly deploying the new release or using a new appliance.

Lab Task

·       Prepare to perform an Advanced Upgrade with Database Migration on the Primary Security Management Server in a distributed environment

·       Perform an import of a Primary Security Management Server in a distributed Check Point environment

Module 7: ElasticXL Cluster

·       Describe the ElasticXL Cluster solution, including its purpose and use.

Lab Tasks

·       Deploy an ElasticXL Security Gateway Cluster