Tag Archives: Exam

Bring Check Point CCSE cert to my bag

Since i achieved my Check Point CCSA i´ve decided to go to next level which means CCSE. I used old CBT Nuggets for R65/R70 , Student/Lab guide for R77, and also the Study guide provided by Check Point. I also read a few SKs to help to understand concepts and Blades which i’ve never touched before.

You can find the study guide here.

SK’s

 

Videos Overview

1. CCSE Welcome
2. Mgmt High Availability
This will present the student with the concept of deploying a backup Smart Center (Mgmt Server)
3. HA Cluster
This will give the student the first must have skill set and that is clustering Check Point firewalls using an New mode HA multicast configuration.
4. Load Sharing Clusters
This nugget will give the student the skills required to deploy load sharing clusters with unicast and multicast protocols.
5. Smart Update & Local upgrades
This nugget will give the student the skills to upgrade local and remote Check Point firewall deployments.
6. Cluster Trouble Shooting
This nugget will cover the process needed to perform health checks & ensure proper configuration of Check Point Firewalls.
7. Encryption
This nugget will cover the process of what encryption protocols are needed to maintain confidentiality, Integrity and availability of data over VPN’s
8. Domain Based VPN
This nugget will cover the first and most common Check Point VPN using encryption domains.
9. SSL VPN
This nugget will cover the deployment of an SSL remote access VPN using Check Point SSL Network Extender.
10. Remote Access VPN (IKE)
This nugget will cover the deployment of a remote access VPN using Check Point secure client on Windows pc
11. Route Based VPN (VTI)
This nugget will cover configuring point-to-point vpn using VTI. A VTI is an operating system level virtual interface that can be used as a gateway
12. Peer VPN’s
This nugget will cover the options need to setup a VPN with a peer company.
13. SCP on Splat
This nugget will cover the most secure way of transferring files to and from your Check Point Secure Platform devices.
14. Smart Center Recovery
This nugget will cover how to recover a Smart Center Mgmt server from a cpinfo or cpbackup file.
15. Disaster Recovery of Cluster Member
This nugget will cover how to recover a cluster member that has suffered a failure while keeping the organization online.
16. Final Note
In this final nugget we cover some study skills for CCSE prep and some housekeeping tips to maintain your Smart Center mgmt server.
17. CCSE Welcome
What’s new in R70. About this updated series.
18. Mgmt Portal
Virtual machine configuration. Software installation steps. Smart dashboard configuration. Navigation of portal settings.
19. R70 Cluster
SPLAT FW installation. Sysconfig of FW. Cluster object configuration. Policy configuration. Policy installation and verification.
20. Command Line World Part 1
Review of core XL. FW monitor troubleshooting.
21. Command Line World Part 2
Troubleshooting with TCP dump. FW troubleshooting and verification commands.
22. Smart Provisioning
FW object settings. Provisioning profiles. Review of SP gui settings. Deploying FW settings.
23. Smart Analyzer
Software installation. Dashboard object configuration. Server components configuration.
24. Smart Reporter
Gui reporter configuration. Review of report settings

Exam

Exam: 156-315.77
Duration
: 100 +30 extension
Questions: 70 to 100
Minimum to Pass:70%
Valid for: 2 Years

This time i got 89 questions, and i was scared because i mixed concepts of SmartEvent and i forgot about a few daemons/processes.

I leave here my notes guys to help you out.

And yes, i PASSED! So now i need to wait for my certificate and kit, Check Point needs 6 to 8 weeks to issue that. Shall i go to CCMSE? Maybe later, now it´s time to jump to VMware stuff, because any conversation which has cloud keyword becomes an Hot Topic!

 

CCSE

References:

Check Point Certified Security Expert (CCSE) R77

Check Point Training FAQ

 

I got my Check Point CCSA cert on R77

I´ve been working for a long time with Check Point but i did not take any exam, but this was in my objectives for a long time…. So i decided about 1 month ago to start studying for this and was not hard to be honest. The funny thing on Check Point is every Major release it changes the exam Title but that doesn´t mean you don´t know how to work with.

Material

I used the CBT Nuggets GAIA R76 for this and was enough to pass even not be for R77 (minor changes),  i would play more with authentication stuff when i will have time.  This was the first time i used CBT and worth every euro i spent.

Check Point also provide a study guide for this exam, which you can find here.

Videos Overview

1. Welcome! (7 min)
2. Check Point Fundamentals (16 min)
3. Installing GAiA (31 min)
4. Linking the Manager & Firewall (26 min)
5. Pushing Policy (34 min)
6. NAT (34 min)
7. Policy Packages & Database Versions (32 min)
8. SmartView Tracker (28 min)
9. SmartView Monitor (20 min)
10. LDAP (22 min)
11. Identity Awareness (35 min)
12. App Control and URL Filtering (31 min)
13. HTTPS Inspection (26 min)
14. CLI (27 min)
15. IPsec VPNs (Site to Site) (36 min)
16. Backup and Recovery (16 min)
17. Smart Update (14 min)
18. Additional Check Point Features (27 min)
19. CCSA Exam Success (16 min)

Exam

Exam: 156-215.77
Duration
: 100 +30 extension
Questions: 70 to 100
Minimum to Pass:70%
Valid for: 2 Years

The questions are a random number and because i´m a lucky man i got 100 questions, it freezes me at the beginning but after do 75 of them and with spare time to review i thought i would have a good chance to pass.

I leave here my notes guys to help you out.

And yes, i PASSED! Check Point needs 6 to 8 weeks to issue your certificate and Kit, so keep calm and you will get soon your certification in UserCenter.CCSAReferences:

Security Administration (Check Point Certified Security Administrator (CCSA) R77)

CBT Check Point Security

Check Point Training FAQ

 

Update exame CCNP Routing and Switching v2

A certificação CCNP Routing and Switching será renovada em breve para a versão 2, consultar o link CCNP Routing and Switching para mais detalhes. A Cisco disponibiliza a CCNP exam combination tool para facilitar os exames necessários para quem realizou alguns do antigo curso.
A versão do IOS para esta nova versão é a 15.2

Recommended Training
642-902 ROUTE
Last day to test January 29, 2015
OR
300-101 ROUTE
Implementing Cisco IP Routing (ROUTE)
Implementing Cisco IP Routing (ROUTE) v2.0
AND
642-813 SWITCH
Last day to test January 29, 2015
OR
300-115 SWITCH
Implementing Cisco IP Switched Networks (SWITCH)
Implementing Cisco IP Switched Networks (SWITCH) v2.0
AND
642-832 TSHOOT
Last day to test January 29, 2015

OR
300-135 TSHOOT
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT)
Troubleshooting and Maintaining Cisco IP Networks (TSHOOT) v2.0


Objectivos Exame 300-101 ROUTE inclui:

  • Network Principles
  • Layer 2 Technologies
  • Layer 3 Technologies
  • VPN Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**
Objectivos Exame 300-115 SWITCH inclui:
  • Layer 2 Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**
Objectivos Exame 300-135 TSHOOT inclui:
  • Network Principles
  • Layer 2 Technologies
  • Layer 3 Technologies
  • VPN Technologies
  • Infrastructure Security
  • Infrastructure Services

**Clique para expandir/colapsar os objectivos em detalhe**

Referências:

ROUTE Exam

ROUTE Exam v2.0

SWITCH Exam

SWITCH Exam v2.0

TSHOOT Exam

TSHOOT Exam v2.0

Update Exames CCNP Security

A certificação CCNP Security da Cisco será renovada em breve com uma nova estrutura, consultar o link CCNP Security para mais detalhes

 

Required Exam(s) Recommended Training Required Exam(s) Recommended Training
642-637 SECURE v1.0
Last day to test April 21, 2014
Secure v1.0 Securing Networks with Cisco Routers and Switches (SECURE v1.0) 300-208 SISAS Implementing Cisco  Secure Access Solutions (SISAS)

642-627 IPS v7.0
Last day to test April 21, 2014

Implementing Cisco Intrusion Prevention System v7.0 (IPS v7.0) 300-207 SITCS Implementing Cisco Edge Network Security  Solutions  (SITCS)
642-618 FIREWALL v2.0
Last day to test April 21, 2014
Deploying Cisco ASA Firewall Solutions (FIREWALL  v2.0) 300-206 SENSS Implementing Cisco Secure Mobility Solutions  (SENSS)
642-648 VPN v2.0
Last day to test April 21, 2014
Deploying Cisco ASA VPN Solutions (VPN v2.0) 300-209 SIMOS Implementing Cisco Threat Control Solutions (SIMOS)

 

As apresentações sobre os novos exames no Cisco Live Milan 2014:

BRKCRT-2203 – Implementing Cisco Secure Access Solutions – Preparing for the SISAS Exam

BRKCRT-2211 – Title: BRKCRT-2211 Implementing Cisco Threat Control Solutions – Preparing for the SITCS Exam

BRKCRT-2204 – Implementing Cisco Edge Network Security Solutions – Preparing for the SENSS Exam

BRKCRT-2205 – Implementing Cisco Secure Mobility Solutions – Preparing for the SIMOS Exam