Use this quick start guide to collect all the information about Check Point CCSE (156-915.77) Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the 156-915.77 Security Expert Update exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual Check Point CCSE R77 certification exam.
The Check Point CCSE certification is mainly targeted to those candidates who want to build their career in Security domain. The Check Point Certified Security Expert (CCSE) R77.30 Update exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of Check Point CCSE R77.
Check Point CCSE Exam Summary:
| Exam Name | Check Point Certified Security Expert (CCSE) R77.30 Update |
| Exam Code | 156-915.77 |
| Exam Price | $250 (USD) |
| Duration | 90 mins |
| Number of Questions | 90 |
| Passing Score | 70% |
| Books / Training | CCSE Training |
| Schedule Exam | 156-915.77 |
| Sample Questions | Check Point CCSE Sample Questions |
| Practice Exam | Check Point 156-915.77 Certification Practice Exam |
Check Point 156-915.77 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Upgrading |
Objectives:
|
|
Backup and Restore Security Gateways and Management Servers
|
- Snapshot management
- Upgrade Tools
- Backup Schedule Recommendations
- Upgrade Tools
- Performing Upgrades
- Support Contract
|
|
Upgrading Standalone Full High Availability
|
|
| Lab 1: Upgrading to Check Point R77 |
- Install Security Management Server
- Migrating Management server Data
- Importing the Check Point Database
- Launch SmartDashboard
- Upgrading the Security Gateway
|
| Advanced Firewall |
Objectives:
|
| Check Point Firewall Infrastructure |
- GUI Clients
- Management
|
| Security Gateway |
- User and Kernel Mode Processes
- CPC Core Process
- FWM
- FWD
- CPWD
- Inbound and Outbound Packet Flow
- Inbound FW CTL Chain Modules
- Outbound Chain Modules
- Columns in a Chain
- Stateful Inspection
|
| Kernel Tables |
- Connections Table
- Connections Table Format
|
| Check Point Firewall Key Features |
- Packet Inspection Flow
- Policy Installation Flow
- Policy Installation Process
- Policy Installation Process Flow
|
| Network Address Translation |
- How NAT Works
- Hide NAT Process
- Security Servers
- How a Security Server Works
- Basic Firewall Administration
- Common Commands
|
| FW Monitor |
- What is FW Monitor
- C2S Connections and S2C Packets fw monitor
|
|
Lab 2: Core CLI Elements of Firewall Administration
|
- Policy Management and Status
- Verification from the CLI
- Using cpinfo
- Run cpinfo on the Security Management Server
- Analyzing cpinfo in InfoView
- Using fw ctl pstat
- Using tcpdump
|
| Clustering and Acceleration |
Objectives:
|
| VRRP |
- VRRP vs ClusterXL
- Monitored Circuit VRRP
- Troubleshooting VRRP
|
| Clustering and Acceleration |
- Clustering Terms
- ClusterXL
- Cluster Synchronization
- Synchronized-Cluster Restrictions
- Securing the Sync Interface
- To Synchronize or Not to Synchronize
|
| ClusterXL: Load Sharing |
- Multicast Load Sharing
- Unicast Load Sharing
- How Packets Travel Through a Unicast
- LS Cluster
- Sticky Connections
|
| Maintenance Tasks and Tools |
- Perform a Manual Failover of the FW Cluster
- Advanced Cluster Configuration
|
| Management HA |
- The Management High Availability Environment
- Active vs. Standby
- What Data is Backed Up?
- Synchronization Modes
- Synchronization Status
|
| SecureXL: Security Acceleration |
- What SecureXL Does
- Packet Acceleration
- Session Rate Acceleration
- Masking the Source Port
- Application Layer Protocol - An Example with HTTP HTTP 1.1
- Factors that Preclude Acceleration
- Factors that Preclude Templating (Session Acceleration)
- Packet Flow
- VPN Capabilities
|
| CoreXL: Multicore Acceleration |
- Supported Platforms and Features
- Default Configuration
- Processing Core Allocation
- Allocating Processing Cores
- Adding Processing Cores to the Hardware
- Allocating an Additional Core to the SND
- Allocating a Core for Heavy Logging
- Packet Flows with SecureXL Enabled
|
| Lab 3 Migrating to a Clustering Solution |
- Installing and Configuring the Secondary Security Gateway Re-configuring the Primary Gateway
- Configuring Management Server Routing
- Configuring the Cluster Object
- Testing High Availability
- Installing the Secondary Management Server
- Configuring Management High Availability
|
| Advanced User Management |
Objectives:
|
| User Management |
- Active Directory OU Structure
- Using LDAP Servers with Check Point
- LDAP User Management with User Directory
- Defining an Account Unit
- Configuring Active Directory Schemas
- Multiple User Directory (LDAP) Servers
- Authentication Process Flow
- Limitations of Authentication Flow
- User Directory (LDAP) Profiles
|
|
Troubleshooting User Authentication and User Directory (LDAP)
|
- Common Configuration Pitfalls
- Some LDAP Tools
- Troubleshooting User Authentication
|
| Identity Awareness |
- Enabling AD Query
- AD Query Setup
- Identifying users behind an HTTP Proxy
- Verifying there’s a logged on AD user at the source IP
- Checking the source computer OS
- Using SmartView Tracker
|
|
Lab 4: Configuring SmartDashboard to Interface with Active Directory
|
- Creating the Active Directory Object in SmartDashboard
- Verify SmartDashboard Communication with the AD Server
|
| Advanced IPsec VPN and Remote Access |
Objectives:
|
| Advanced VPN Concepts and Practices |
- IPsec
- Internet Key Exchange (IKE)
- IKE Key Exchange Process – Phase 1/ Phase 2 Stages
|
| Remote Access VPNs |
- Connection Initiation
- Link Selection
|
| Multiple Entry Point VPNs |
- How Does MEP Work
- Explicit MEP
- Implicit MEP
|
| Tunnel Management |
- Permanent Tunnels
- Tunnel Testing
- VPN Tunnel Sharing
- Tunnel-Management Configuration
- Permanent-Tunnel Configuration
- Tracking Options
- Advanced Permanent-Tunnel configuration
- VPN Tunnel Sharing Configuration
|
| Troubleshooting | - VPN Encryption Issues |
| VPN Debug |
- vpn debug Command
- vpn debug on | off
- vpn debug ikeon |ikeoff
- vpn Log Files
- vpn debug trunc
- VPN Environment Variables
- vpn Command
- vpn tu
- Comparing SAs
|
|
Lab 5: Configure Site-to-Site VPNs with Third Party Certificates
|
- Configuring Access to the Active Directory Server
- Creating the Certificate
- Importing the Certificate Chain and Generating Encryption Keys
- Installing the Certificate
- Establishing Environment Specific Configuration
- Testing the VPN Using 3rd Party Certificates
|
|
Lab 6: Remote Access with Endpoint Security VPN
|
- Defining LDAP Users and Groups
- Configuring LDAP User Access
- Defining Encryption Rules
- Defining Remote Access Rules
- Configuring the Client Side
|
| Auditing and Reporting |
Objectives:
|
| Auditing and Reporting Process | - Auditing and Reporting Standards |
| SmartEvent | - SmartEvent Intro |
| SmartEvent Architecture |
- Component Communication Process
- Event Policy User Interface
|
| SmartReporter | - Report Types |
| Lab 7: SmartEvent and SmartReporter |
- Configure the Network Object in SmartDashboard
- Configuring Security Gateways to work with SmartEvent
- Monitoring Events with SmartEvent
- Generate Reports Based on Activities
|
To ensure success in Check Point CCSE R77 certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for Security Expert Update (156-915.77) exam.