Check Point: CCSA & CCSE — TechExams Community Wed, 16 Jan 2019 18:59:00 +0000 en Check Point: CCSA & CCSE — TechExams Community CCSE R80 - study materials. Fri, 14 Dec 2018 18:58:59 +0000 Check Point: CCSA & CCSE Flick 134434@/discussions I try to find study materials for CCSE R80 and I couldnt find something that i can be satisfied
I prefer to watch some training videos and then read some books.
anybody got some good study materials ?
thank guys.]]>
CCSA R80 - passed! Sat, 01 Sep 2018 13:16:35 +0000 Check Point: CCSA & CCSE J_86 133521@/discussions

I took the course from an authorized training center about 3 months ago that my employer paid for. I used the manual and the labs from that as most of my study material. If you have some Check Point experience, I believe you could use several of the admin guides to pass the exam. I have about 9 month, every day hands on Check Point experience for reference. Some of the CCSA course material is directly from some of the administrative guides.

This is a helpful resource for self study:

This study guide is going to be your best friend. It covers almost ALL of the topics you might see on the exam:

I also used CBT Nuggets R80 video course, which I did find very helpful when I didn't feel like reading. It also has hands on labs associated with the course.]]>
CCSA R80 passed Fri, 09 Nov 2018 08:53:39 +0000 Check Point: CCSA & CCSE larkspur 134102@/discussions
if anyone is new to Checkpoint or wants to refresh on the knowledge great resources available here -

tons of info on automation and of course, security.]]>
Checkpoint ISO? Mon, 15 Feb 2016 09:04:00 +0000 Check Point: CCSA & CCSE PikeyMikey 117512@/discussions thanks]]> SmartMove Tools Thu, 21 Sep 2017 03:54:35 +0000 Check Point: CCSA & CCSE nkcedwin 129184@/discussions Need some advise on where else can i get the above mention tools use for migrating cisco asa to checkpoint.
Beside going to checkpoint website to download is there any other website i can download the tools.


Edwin Ng]]>
CCSA Study advice needed Thu, 18 Jan 2018 07:40:03 +0000 Check Point: CCSA & CCSE Fadakartel 130841@/discussions
I know checkpoint may not be popular around here, but I might as well ask, how do you guys study for your ccsa exams? Do you even bother to re-certify. A potential employer is looking for checkpoint stuff so im more than happy to study for this.

Any advice on what materials etc I may need? i know checkpoint has materials but damm it`s expensive.]]>
Setting up the CP CBTNuggets Lab Mon, 09 Jan 2017 07:11:19 +0000 Check Point: CCSA & CCSE allwynmasc 124536@/discussions

The diagram:


How do I figure out the "VMnets" as keith uses them to connect to the VM installations from his own windows PC?

I assign the 10 series IP to the checkpoint installation but then the VB network adapter retains its 192 range IP address, I'm not very familiar with how virtual adapters work and how to do the routing.

I then added the CP VM to GNS3 and used the cloud to add the VB adapter and gave it an addition IP in the 10 range which then worked, but how do I talk to my VB CP installations without using GNS?

Really appreciate any help! Thanks for the notes!]]>
CheckPoint skype studdy group? Mon, 27 Feb 2017 19:02:14 +0000 Check Point: CCSA & CCSE arcsky 125473@/discussions
Do you maybe know if there exists any Checkpoint skype or irc studdy group ?
Share knowledge and learn together CCSA and CCSE would be nice!

Thanks in advance]]>
How to enable Webui in Checkpoint power-1 5070? Fri, 15 Sep 2017 05:12:31 +0000 Check Point: CCSA & CCSE nkcedwin 129095@/discussions
I new to checkpoint, and currently I have the above mention firewall but I am not able to access it via webui.
I am able to console in via CLI.
Is there any process which I need to enable via CLI?
the current firmware verison is R75.40.

Please advise me guys.

thank you

Edwin Ng]]>
ARP issue, I see same IP on all interfaces Thu, 04 Feb 2016 05:22:10 +0000 Check Point: CCSA & CCSE himanshudelhite 117262@/discussions
Please see below:

[Expert@HQ-FW1:0]# arp -a? ( at 00:0C:29:4F:C8:22 [ether] on eth1
? ( at 00:0C:29:0F:5A:D5 [ether] on eth2
? ( at 00:0C:29:0F:5A:D5 [ether] on eth0
? ( at 00:0C:29:0F:5A:D5 [ether] on eth1
? ( at 00:0C:29:E0:CE:8A [ether] on eth2
? ( at <incomplete> on eth0
? ( at 00:50:56:C0:00:02 [ether] on eth1
? ( at 00:0C:29:4E:72:3E [ether] on eth1]]>
How to make a full limitaion connection to mailserver? Sat, 06 May 2017 22:45:09 +0000 Check Point: CCSA & CCSE duchoang 126809@/discussions I'm new in checkpoint management. My mail server working behind the checkpoint is recently attacked many times by DoS. The POP3 service receives many connections at a time that makes all mail services suspended.
I'd like to configure a protection at IPS to block any IP that will be accessing to my mail server with exceeding a connection limitation.
Can anyone guide me how to configure the checkpoint?]]>
Anti-spoofing in same network segment Sun, 16 Apr 2017 21:18:36 +0000 Check Point: CCSA & CCSE ankda 126398@/discussions
Please help me to understand anti-spoofing on checkpoint in same network segment. For example:- I have two hosts ( Host 1:- & Host 2:- both resides on internal side. My firewall internal port IP is Now if host 2 spoofed host 1 IP address and send traffic towards outside. How anti-spoofing will work in this case and how firewall will detect this.

My Check Point CCSA R76 Study Sat, 15 Feb 2014 20:41:50 +0000 Check Point: CCSA & CCSE atech 97911@/discussions
Long time lurker and love this site, so I thought i would give a little back.... I have seen people asking about the CCSA and lab setup, exam cost, course value and the like so I thought i would pot up my studies to date. I plan to take this exam in the next 1-2 weeks so hopefully this thread will be of some benefit to someone! I also have my own blog that i will be posting on, so feel free to check it out (mods I hope this is ok to link?) -

I’m starting down the path to increase my networking security knowledge and having worked with a great guy on a previous project from Check Point, I think I’ve found a nice way to get some new knowledge and potentially a CCSA certification! Now if I’m going to do this then I’ll need to get cracking and get serious!

Study Resources:
R76 Security Administration - Student Manual

R76 Security Administration - Lab Manual

CBT Nuggets CCSA Gaia 156-215.76 Videos - cannot recommend these enough!

Check Point Security Administration - Study Guide - 2013 Edition

I’ll have to look around to see if I can find any practice exams…. any ideas guys?

Lab setup:
Although I had initially intended to use XenServer 6.2 and XenCenter, it has been initially scrapped as it just didnt play nicely with the Realtek 8111E onboard NIC. XS installs but the networking on it is horrid for this board that I have… I’ve chosen to download and install VMWare ESXi 5.1 U1 as it has much better support for my hardware and so far I havent run into any trouble. With all that said here is the hardware list - its not a pricey build!

Physical ESXi Host:
  • MB: Asrock 970 Extreme 4 - Supports AMD-V (AMD’s equivilent of VT-x)
  • CPU: AMD FX(tm)-4300 Quad-Core Processor - this lab isnt CPU intensive, so something basic
  • RAM: 16GB generic
  • PSU: Corsair 860 Plat
  • GFX: Old AMD 3450 as MB doesnt have onboard
  • Drives: 1xSeagate Constellation 1tb - enterprise class drive. This will have ESXi installed on it and will also be used as the main Datastore. If I find a SSD in the future I may add it in to speed things up.
  • OS: ESXi 5.1
I’ll be using my current media server (HP N54L) to access the ESXi host with the vSphere client.

This setup easily runs the following VM's:

2 x R76 Gaia Gateway Firewalls. Each has 3 interfaces.

1 x R76 Gaia Management Server. 1 interface
2 x Windows 7 “HQ” and “Branch” VM’s. 1 Interface each
2 x W2K8 R2 “DMZ” servers. 1 interface each

Other Considerations:

You need to take into consideration how a Check Point deployment might work in the real world. For example, you might have LDAP integration (read: AD, OpenLDAP, etc.) which means you need to know how to get these running in you lab, you might have multiple internal networks and multiple firewalls. You will need to look through firewall logs, so you will need to generate traffic on your virtual network and by this i mean a web server or ftp server (Tinyweb is great little web server for labs).

Study Plan:

I will be going through each of Keith Barkers CBT nuggets videos and answering the example questions (mods, is it ok to post those questions and answers?) as well as questions and answers from the Check Point study material. If there is any interest, I can post these up... I will also be using the study guide provided by Check Point for the exam.]]>
Please Help!! CCSA R77.30 exam. Fri, 22 Jul 2016 10:08:02 +0000 Check Point: CCSA & CCSE GMac89 121300@/discussions
I've recently got a new job in IT Security from my previous 2nd line post. In my new role I assist in management of a Checkpoint environment. A few months back I attended a 5 day fast track course funded by my employer for Checkpoint ccsa/ccse.

Upon Completion of the course and some reading and the Keith Barker cbt nuggets videos I took the exam.... and failed! 64% the pass mark being 70%.

The 2nd attempt about a month later I brushed up on areas I was weakest on and booked my 2nd exam.

Again.. I failed! this time 66%!! Here are my scores...

1st Exam:
Introduction to Check Point Technology - Objectives 1-2 100
Introduction to Check Point Technology - Objective 3 100
Deployment Platforms - Objective 1 33
Deployment Platforms - Objective 2 100
Deployment Platforms - Objective 3 100
Introduction to the Security Policy - Objecitves 1-2 70
Introduction to the Security Policy - Objective 3 100
Introduction to the Security Policy - Objective 5 66
Introduction to the Security Policy - Objective 5 66
Introduction to the Security Policy - Objecitve 4 40
Monitoring Traffic and Connections - Objective 1 50
Monitoring Traffic and Connections - Objective 2 50
Monitoring Traffic and Connections - Objective 3 80
Using SmartUpdate - Objectives 1-3 50
User Management and Authentication - Objective 1 40
User Management and Authentication - Objective 2 40
Identity Awareness - Objective 1 71
Identity Awareness - Objective 2 100
Identity Awareness - Objective 3 50
Identity Awareness - Objective 4 66
Introduction to Check Point VPNs - Objective 1 60
Introduction to Check Point VPNs - Objective 2-3 100
SmartLog 50

2nd exam:

Introduction to Check Point Technology - Objectives 1-2 100
Introduction to Check Point Technology - Objective 3 100
Deployment Platforms - Objective 1 50
Deployment Platforms - Objective 2 100
Deployment Platforms - Objective 3 100
Introduction to the Security Policy - Objecitves 1-2 80
Introduction to the Security Policy - Objective 3 66
Introduction to the Security Policy - Objective 5 33
Introduction to the Security Policy - Objective 5 66
Introduction to the Security Policy - Objecitve 4 100
Monitoring Traffic and Connections - Objective 1 100
Monitoring Traffic and Connections - Objective 2 100
Monitoring Traffic and Connections - Objective 3 80
Using SmartUpdate - Objectives 1-3 50
User Management and Authentication - Objective 1 60
User Management and Authentication - Objective 2 60
Identity Awareness - Objective 1 57
Identity Awareness - Objective 2 50
Identity Awareness - Objective 3 50
Identity Awareness - Objective 4 100
Introduction to Check Point VPNs - Objective 1 20
Introduction to Check Point VPNs - Objective 2-3 33
SmartLog 50

After attending the 5 day course,
watching the CBT nuggets, albeit the R76 videos
making notes from the book I received on the course
I still just miss the pass mark by a few %!

Someone mentioned Admin guides as the key to passing this exam? is it true? where can I find them?

Any Help and advice would be greatly appreciated as I just can't understand where i'm going wrong! I can't fail a 3rd time. PLEASE!!

Many Thanks

Check Point Certified Security Principles Associate (CCSPA) Fri, 20 May 2005 09:31:06 +0000 Check Point: CCSA & CCSE ja5983 7440@/discussions
I'm thinking about this next as i am in the security field currently or possibly my CCNA as that will help with my cisco knowledge (though i am not really in contact with cisco products ALL too often). I cant get the CISSP yet as i only have 2 years exp and i dont think sec+ and TICSA would count to them as another 2 years. any ideas suggestions?]]>
study book CheckPoint Firewall certification or CBT Nuggets?? Tue, 20 Oct 2015 05:41:22 +0000 Check Point: CCSA & CCSE tfmarques 114789@/discussions
Anyone know where I can get the study book CheckPoint Firewall certification CCSA r77???

I have already seen the videos CBT Nuggets but did not know if it's enough for the exam CCSA R77. Can someone help?]]>
Booked CCSA for October 22nd having not looked at study material at all Tue, 20 Sep 2016 03:07:34 +0000 Check Point: CCSA & CCSE seabro 122546@/discussions
I scraped through CCNA on Saturday (having booked the re-sit on Wednesday) and told my wife it was too stressful, I need to be more prepared next time.

Then yesterday I went on the Pearson Vue website to see if they offer Checkpoint exams and I booked my CCSA for a month away. Oops. But the deadline helps motivate me to study.

I used the Gaia GUI at work for changing and pushing policies but I have never touched the CLI. General maintenance, backing up and monitoring is not in my remit. I don't setup or manage VPN's so there is a lot of new material.

I am going to use r76 CBT nuggets, and the Checkpoint Administrators Guide and I also have two official looking manuals 'Security Administration Student Manual' and 'Security Administration Lan Manual' kindly lent to me by a colleague who did a course.

Here we go!]]>
Stateful Inspection Wed, 17 Aug 2016 01:06:03 +0000 Check Point: CCSA & CCSE bharath917 121831@/discussions
I have doubt in stateful inspection, As per checkpoint "Stateful Inspection technology implements all necessary firewall capabilities between the data and network layers. Packets are intercepted at the network layer for best performance (as in packet filters), but the data derived from layers 3-7 is accessed and analyzed for improved security".

As per my understanding stateful inspection checks source and Destination IP address, ports, flags, sequence numbers and it also understands the context of communication but when exactly it checks the data upto Layer 7. Does it checks for all new packets,
Can anyone explain???

Passed CCSA R77.30 Fri, 05 Aug 2016 09:43:38 +0000 Check Point: CCSA & CCSE WonTonDon 121588@/discussions
Just thought I would share.

Took the exam on Wednesday afternoon and barely passed with a mark of 71!

Was a very tough exam and would definitely recommend labbing and going through the study guide.

Also went through the following which I found to be helpful.

Check Point Certified System Administrator (CCSA) Study Notes - R77 - Geeky Nick]]>
CCSA R77.30 Pass Tue, 31 May 2016 21:13:36 +0000 Check Point: CCSA & CCSE neoryan08 120141@/discussions
Have experience in Checkpoint since 2008-2011 (stop Checkpoint after changed to non-related job)
Return back to IT Field (2015-present) involved at R75.40 version.

Not much changes from previous last R55-R65 from previous company.
Am interested, and lucky to be involved in R77.30 Deployment, small box appliance 4800 series.

Managed to study, thru the Lab Book and Admin Book provided by Training-Partners Sg.
final 1 week before exam, study on the **** (just curious on the exam questions and multiple answer if got )

1st attempt, pass with score of 85%, quite a lot of tricky question but with same answer as at the ****.
Latest **** being readed is 2015-11-27 Adam]]>
CPUG - Check Point User Group Wed, 09 Mar 2016 09:40:57 +0000 Check Point: CCSA & CCSE Network_Engineer 118140@/discussions]]>
Check Point’s 215.77 exam Study Material Mon, 08 Feb 2016 09:23:31 +0000 Check Point: CCSA & CCSE PikeyMikey 117349@/discussions Issue with captial portal, checkpoint ccsa issue Thu, 04 Feb 2016 05:24:25 +0000 Check Point: CCSA & CCSE himanshudelhite 117263@/discussions
However when i config captive portal and everything required.

When i hit a http IP , the firewall instantly redirect it to the https (firewall's ip where the portal is running).

I get error, the webpage cannot be displayed.

I have verified the portal is running on firewall using - mpclient status nac. however no help, i cant see the captive portal login page.]]>
Issues with SmartEvent Thu, 28 Jan 2016 12:12:02 +0000 Check Point: CCSA & CCSE coledamilola 117096@/discussions
So I am having issues accessing my smart event, seems to be licensing issues but that seems to be fine when I use the cplic print -x command

I switched to NGSE.01 from R77.20 and the error msg changes, I will appreciate any help/suggestions. Thanks

Which cert to start and study for? Thu, 05 Nov 2015 10:37:39 +0000 Check Point: CCSA & CCSE PikeyMikey 115184@/discussions
I passed my CCNA cert last week and am now thinking of what else i can study to increase my chances of getting a job after university.

As I am still at uni and currently working on a IT help desk on my placement year I feel it would be better to have a wider range of experience rather than just going straight for my CCNP.

What is the current entry level checkpoint cert and what learning materials should I acquire?

CCSE R77 labsetup info help please! Fri, 15 May 2015 21:54:28 +0000 Check Point: CCSA & CCSE wannabeCCSE 110903@/discussions
I am going to start preparing for CCSE R77(I have a valid CCSA R75 certification).

Thanks a lot for your help!]]>
Can we self study CheckPoint Firewall certification? Sat, 11 Oct 2014 05:33:11 +0000 Check Point: CCSA & CCSE chopsticks 104725@/discussions
2. If we are allowed to self study and then take the exams, how can we go about doing the labs on our own?

Thanks in advance for your help.]]>
CCSA GAiA 156-215.76 Vs 156-215.77 Wed, 19 Nov 2014 21:27:04 +0000 Check Point: CCSA & CCSE moinuq 105785@/discussions
I have been preparing for CCSA 156-215.76 but when I tried to book the exam, PeasonVUE or CheckPoint sites do not have this exam option anymore, instead they have 156-215.77! I am wondering will there be huge difference between these versions?

Kind regards

Those sneaky people... Sun, 14 Apr 2013 22:40:47 +0000 Check Point: CCSA & CCSE SephStorm 88308@/discussions
Anyway, anyone have experience with any and/or all of these? I'll admit I am not a fan of the CCSA/E program because there is limited training material for it (There are a few books, but i'm not reading a book from 07 or even 11 to pass an exam in 2013.) Their official material appears to be DRM heavy, Not an issue normally except I have no idea if I can only read it on my PC or can I put it on my Kindle, or IPod... I don't know because I don't know what format it is in.

I like what I can see of the Dell program, it looks like a free online program. if you attend the Global Knowledge courses, you can receive appliances I assume to be on the level of the exam. Thats a promotion I haven't seen elsewhere from any vendor.

I'd also be interested in how people view these in comparison to the Cisco Security and Juniper Security certs/courses.]]>
CCSA gaia r.77 Mon, 10 Nov 2014 14:25:38 +0000 Check Point: CCSA & CCSE StussyNz 105501@/discussions
Just a quick question that some of your Checkpoint certified personnel may be able to assist with. I am looking at Studying for the Checkpoint CCSA Gaia r.77 exam. I am just wondering; What text books/study material is out there for this exam?

I've managed to find the CBT nuggets r.76 videos and have visited the Checkpoint website which provides a brief Study guide (Ideally just tells you the topics/content you are required to know for the exam.)

Any input would be greatly appreciated!]]>