CCSE R81.20
Identify basic interfaces used to manage the Check Point environment.
Identify the types of technologies that Check Point supports for automation.
Explain the purpose of the Check Management High Availability (HA) deployment.
Identify the workflow followed to deploy a Primary and solution Secondary servers.
Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
Identify how to exclude services from synchronizing or delaying synchronization.
Explain the policy installation flow.
Explain the purpose of dynamic objects, updatable objects, and network feeds.
Understand how to manage user access for internal and external users.
Describe the Identity Awareness components and configurations.
Describe different Check Point Threat Prevention solutions.
Articulate how the Intrusion Prevention System is configured.
Obtain knowledge about Check Point’s IoT Protect.
Explain the purpose of Domain-based VPNs.
Describe situations where externally managed certificate authentication is used.
Describe how client security can be provided by Remote Access.
Discuss the Mobile Access Software Blade.
Explain how to determine if the configuration is compliant with the best practices.
Define performance tuning solutions and basic configuration workflow.
Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
Identify supported upgrade methods and procedures for Security Gateways.
CCTE R81.10
Demonstrate understanding how to use advanced troubleshooting tools and techniques including: Interpreting diagnostic data with CPInfo, Collecting and reading statistical data using CPView, and Advanced troubleshooting risks.
Describe the use of Logs and SmartEvent in troubleshooting.
Describe the log indexing system and issues that can occur.
Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent.
Explain the databases used in Security Management operations.
Identify common troubleshooting database issues.
Discuss Management Processes.
Demonstrate understanding of advance troubleshooting tools and techniques including:
- How the kernel handles traffic,
- How to troubleshoot issues using chain modules,
- How to use the two main procedures for debugging the Firewall kernel, and
- How the two main procedures for debugging the Firewall kernel differ.
Demonstrate understanding of user mode debugging, including collecting and interpreting process debugs.
Debug user mode processes.
Discuss advanced Identity awareness troubleshooting.
Learn to run debugs on Identity Awareness.
Explain Unified Access Control flow and processes.
Explain Access Control kernel debugs.
Describe Access Control process debugs.
Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including:
- Packet captures, IKE debugs, and VPN process debugs.
Explain Client-to-Site VPN troubleshooting tools and techniques, including:
- Remote access troubleshooting and Mobile access troubleshooting.