Cart 0
To take the certification exam, simply register on the Check Point website. You can then take the exam either online or at an authorized testing center.
Check Point | Learning
Training: CCSA – Check Point Certified Security Administrator R81, Certification Preparation
This training will enable you to acquire all the techniques and methods necessary to pass the exam for the CCSA R81 certification. You will learn how to implement a security policy, configure Network Address Translation (NAT), and work with the Intrusion Prevention System (IPS) module.
By the end of the training, the participant will be able to:
Install and configure the Check Point R81 product.
Implementation Network Address Translation (NAT).
Deploy a security policy and monitor traffic.
Prepare for the official exam leading to the CSAC certification.
Implementation application control policies, URL filtering, and user management.
Technicians, administrators, and system/network/security engineers.
Good knowledge of TCP/IP and a basic understanding of IT security.
Check that you have the necessary prerequisites to make the most of this training by taking this test.
Check that you have the necessary prerequisites to make the most of this training by taking this test.
Presentation of Check Point R81 Architecture
Check Point products.
New features of version R81.
Gaia Deployment: Installation of Check Point Appliances
Presentation of the Gaia system.
Elements of the three-tier architecture.
Modular architecture of "Software Blades."
Check Point Infinity.
Architecture in distributed mode and standalone mode.
The management server. The SIC protocol.
Practical Work: Installation of Check Point R81.
Managing the Security Management Server
Introduction to SmartConsole R81.
Security policy. Rule management.
Unified Policies.
Packet inspection.
Inline policies (sub-rules).
Practical Work: Installing SmartConsole. Creating objects. Building a security policy. Enabling anti-spoofing.
Network Address Translation (NAT)
Address translation rules with IPv4 and IPv6.
Static NAT (One-to-One NAT) and dynamic NAT (Many-to-One NAT)/PAT.
Manual NAT.
ARP issues and routing.
Practical Work: Setting up automatic static NAT, Hide NAT, and manual translation rules.
Visibility: Log Management, Monitoring, and Reporting
Log management policy.
Tracking connections with Logs & Monitor (formerly SmartView Tracker).
SmartView Monitor: features and alert thresholds.
Practical Work: Enabling monitoring, using the Suspicious Activity Monitoring Protocol, living traffic, monitoring security policy status.
License and Multi-Site Management
Licensed structure.
Managing licenses in SmartUpdate and SmartConsole.
Types of licences.
Managing contracts and services.
Monitoring license status.
Defining Policy Packages.
Managing Policy Packages.
Definition and types of "Layers."
Packet inspection in an "Ordered Layer."
Sharing Layers.
Administrator Management
"Permission Profiles."
Limiting administrator action scope.
Managing competitor users.
Management session.
Practical Work: Creating a new "Permission Profile" with limited permissions.
HTTPS Decryption
Creating rules.
Certificate management.
Server Name Indications (SNI).
Practical Work: Implementing HTTPS inspection.
Application Control / URL Filtering
Limitations of a classic firewall by IP and port.
Access control.
AppWiki. Filtering URL.
UserCheck.
Practical Work: Web and Application Filtering—create and share the "Web and Applications Filtering" policy as an "Inline Layer" and "Ordered Layer."
User-Based / Threat Prevention Policy
Need to retrieve user identity.
Identity Awareness R81 authentication methods.
"Access Role" objects.
Threat Prevention policy and its "Software Blades."
Rule management.
Security profiles.
Autonomous Threat Prevention.
Practical Work: Authentication—Identity Awareness, create roles and access. Anti-Virus and Anti-Bot.
The trainer evaluates the participant
The participant also completes a placement test before and after the training to validate the skills acquired.
