CCTE Check Point Troubleshooting Expert

Duration: 2 days
Price: $2000

The Check Point Certified Troubleshooting Expert (CCTE) provides advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment.

What you'll learn:

  • Demonstrate understanding how to use advanced troubleshooting tools and techniques including: Interpreting diagnostic data with CPInfo, Collecting and reading statistical data using CPView, and Advanced troubleshooting risks.
  • Describe the use of Logs and SmartEvent in troubleshooting.
  • Describe the log indexing system and issues that can occur.
  • Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent.
  • Explain the databases used in Security Management operations.
  • Identify common troubleshooting database issues.
  • Discuss Management Processes.
  • Demonstrate understanding of advance troubleshooting tools and techniques including: How the kernel handles traffic, How to troubleshoot issues using chain modules, How to use the two main procedures for debugging the Firewall kernel, and How the two main procedures for debugging the Firewall kernel differ.
  • Demonstrate understanding of user mode debugging, including collecting and interpreting process debugs.
  • Debug user mode processes.
  • Discuss advanced Identity awareness troubleshooting.
  • Learn to run debugs on Identity Awareness.
  • Explain Unifed Access Control flow and processes.
  • Explain Access Control kernel debugs.
  • Describe Access Control process debugs.
  • Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including: Packet captures, IKE debugs, and VPN process debugs.
  • Explain Client-to-Site VPN troubleshooting tools and techniques, including: Remote access troubleshooting and Mobile access troubleshooting.

What you'll learn:

  • Demonstrate understanding how to use advanced troubleshooting tools and techniques including: Interpreting diagnostic data with CPInfo, Collecting and reading statistical data using CPView, and Advanced troubleshooting risks.
  • Describe the use of Logs and SmartEvent in troubleshooting.
  • Describe the log indexing system and issues that can occur.
  • Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent.
  • Explain the databases used in Security Management operations.
  • Identify common troubleshooting database issues.
  • Discuss Management Processes.
  • Demonstrate understanding of advance troubleshooting tools and techniques including: How the kernel handles traffic, How to troubleshoot issues using chain modules, How to use the two main procedures for debugging the Firewall kernel, and How the two main procedures for debugging the Firewall kernel differ.
  • Demonstrate understanding of user mode debugging, including collecting and interpreting process debugs.
  • Debug user mode processes.
  • Discuss advanced Identity awareness troubleshooting.
  • Learn to run debugs on Identity Awareness.
  • Explain Unifed Access Control flow and processes.
  • Explain Access Control kernel debugs.
  • Describe Access Control process debugs.
  • Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including: Packet captures, IKE debugs, and VPN process debugs.
  • Explain Client-to-Site VPN troubleshooting tools and techniques, including: Remote access troubleshooting and Mobile access troubleshooting.

Exercises:

    • Collecting and Reading CPInfo
    • Collecting and Reading CPView Data
    • Troubleshooting SmartLog
    • Troubleshooting SmartEvent
    • Troubleshooting Database Issues
    • Debugging Security Gateway Kernel
    • Debugging User Mode Processes
    • Debugging Identity Awareness
    • Debugging Unified Policy Inspection
    • Troubleshooting Site-to-Site VPN
    • Debugging Remote Access VPN

This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments.

Prior to taking this course, you will need a working knowledge of UNIX and/or Windows operating systems, Working knowledge of Networking, TCP/IP, CCSE training/certification, Advanced knowledge of Check Point Security Products.

This course prepares learners for the CCTE certification.