CCSA R81.20

• Describe the primary components of a Check Point Three-Tier Architecture and explain how they work together in the Check Point environment.
• Explain how communication is secured and how traffic is routed in the Check Point environment.
• Describe the basic functions of the Gaia operating system.
• Identify the basic workflow to install Security Management Server and Security Gateway for a single-domain solution.
• Create SmartConsole objects that correspond to the organization’s topology for use in policies and rules.
• Identify the tools available to manage Check Point licenses and contracts, including their purpose and use.
• Identify features and capabilities that enhance the configuration and management of the Security Policy.
• Explain how policy layers affect traffic inspection.
• Articulate how Network Address Translation affects traffic.
• Describe how to configure manual and automatic Network Address Translation (NAT)
• Demonstrate an understanding of Application Control & URL Filtering and Autonomous Threat Prevention capabilities and how to configure these solutions to meet an organization’s security requirements.
• Articulate how pre-shared keys and certificates can be configured to authenticate with third party and externally managed VPN Gateways.
• Describe how to analyze and interpret VPN tunnel traffic.
• Configure logging parameters.
• Use predefined and custom queries to filter log results.
• Identify how to monitor the health of supported Check Point hardware using the Gaia Portal and the command line.
• Describe the different methods for backing up Check Point system information and discuss best practices and recommendations for each method.

CCTA R81.20

• Identify basic resources available to troubleshoot Check Point Security Gateways and Management Software Blades that run on the Gaia operating system.
• Discuss how to use the OSI (Open Systems Interconnection) model for problem isolation.
• Investigate and troubleshoot potential traffic flow issues.
• Monitor network activity and performance.
• Investigate and troubleshoot log collection issues.
• Investigate and troubleshoot SmartConsole issues.
• Investigate and troubleshoot Application Control and URL Filtering issues.
• Investigate and troubleshoot NAT (Network Address Translation) issues.
• Investigate and troubleshoot issues with basic Site-to-Site VPNs.
• Investigate and troubleshoot Autonomous Threat Prevention issues.
• Investigate and troubleshoot Licenses and Contracts issues.

CCSA R81.20

• Security Management
• SmartConsole
• Deployment
• Object Management
• Licenses and Contracts
• Policy Rule and Rulebase
• Policy Packages
• Policy Layers
• Traffic Inspection
• Network Address Translation
• Application Control
• URL Filtering
• Logging
• Snapshots
• Backup and Restore
• Gaia
• Permissions
• Policy Installation

CCTA R81.20

• Introduction to Troubleshooting
• Fundamentals of Traffic Monitoring
• Log Collection Troubleshooting
• SmartConsole Troubleshooting
• Application Control & URL Filtering Troubleshooting
• NAT Troubleshooting
• Basic Site-to-Site VPN Troubleshooting
• Autonomous Threat Prevention Troubleshooting
• Licenses and Contract Troubleshooting

Exercises:

CCSA R81.20

• Deploying SmartConsole
• Installing a Security Management Server
• Installing a Security Gateway
• Configuring Objects in SmartConsole
• Establishing Secure Internal Communication
• Managing Administrator Access
• Managing Licenses
• Creating a Security Policy
• Configuring Order Layers
• Configuring a Shared Inline Layer
• Configuring NAT
• Integrating Security with a Unified Policy
• Elevating Security with Autonomous Threat Prevention
• Configuring a Locally Managed Site-to-Site VPN
• Elevating Traffic View
• Monitoring System States
• Maintaining the Security Environment

CCTA R81.20

• Troubleshoot with Linux and Check Point Commands
• Collect and Analyze Interface Packet Captures
• Troubleshoot Log Communication Issues
• Troubleshoot SmartConsole
• Troubleshoot Application Control and URL Filtering
• Investigate Network Address Translation Issues
• Troubleshoot Site-to-Site VPN
• Evaluate Threat Prevention Products
• Verify Licenses

• Technical professionals who support, install deploy or administer Check Point products.
• Security administrators and Check Point resellers who need to manage and monitor issues that may occur within their Security Management environment.

• Working knowledge of UNIX and/or Windows operating systems.
• Working knowledge of Networking TCP/IP.
• Advanced knowledge of Check Point Security products.