Check Point Certified Troubleshooting Expert R81.10 (CCTE)

The Check Point Certified Troubleshooting Expert R81.10 course (CCTE) provides advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point security environment.

Audience

This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments.

About the instructor, Eric Anderson

Eric Anderson is Senior Engineer at Atlantic Data Security and has been working with Check Point products as a VAR for almost 20 years, and as a Check Point certified instructor for 18 years. 
Eric is one of the featured speakers at CPX360 in Las Vegas in February 2019.

Prerequisites

  • Working knowledge of UNIX and/or Windows operating systems
  • Working knowledge of Networking, TCP/IP
  • CCSE training/certification
  • Advanced knowledge of Check Point Security products

Course topics

  • Advanced Troubleshooting Techniques
  • Advanced Logs and and Monitoring Management
  • Database and Processes
  • Advanced Kernel Debugging
  • User Mode Troubleshooting
  • Advanced Identity Awareness Troubleshooting
  • Advanced Access Control
  • Site-to-Site VPN Troubleshooting
  • Client-to-Site VPN Troubleshooting

Course objectives

  • Demonstrate understanding how to use advanced troubleshooting tools and techniques including:
    • Interpreting diagnostic data with CPInfo
    • Collecting and reading statistical data using CPView
    • Advanced troubleshooting risks.
  • Describe the use of Logs and SmartEvent in troubleshooting.
  • Describe the log indexing system and issues that can occur.
  • Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent.
  • Explain the databases used in Security Management operations.
  • Identify common troubleshooting database issues.
  • Discuss Management Processes.
  • Demonstrate understanding of advance troubleshooting tools and techniques including:
    • How the kernel handles traffic
    • How to troubleshoot issues using chain modules
    • How to use the two main procedures for debugging the Firewall kernel
    • How the two main procedures for debugging the Firewall kernel differ.
  • Demonstrate understanding of user mode debugging, including collecting and interpreting process debugs.
  • Debug user mode processes.
  • Discuss advanced Identity awareness troubleshooting.
  • Learn to run debugs on Identity Awareness.
  • Explain Unifed Access Control flow and processes.
  • Explain Access Control kernel debugs.
  • Describe Access Control process debugs.
  • Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including:
    • Packet captures
    • IKE debugs
    • VPN process debugs.
  • Explain Client-to-Site VPN troubleshooting tools and techniques, including Remote access troubleshooting and Mobile access troubleshooting.

Exercises

  • Collecting and Reading CPInfo
  • Collecting and Reading CPView Data
  • Troubleshooting SmartLog
  • Troubleshooting SmartEvent
  • Troubleshooting Database Issues
  • Debugging Security Gateway Kernel
  • Debugging User Mode Processes
  • Debugging Identity Awareness
  • Debugging Unified Policy Inspection
  • Troubleshooting Site-to-Site VPN
  • Debugging Remote Access VPN

Certification

This course is recommended as preparation for exam 156-586: Check Point Certified Troubleshooting Expert (CCTE) R81.

Other relevant courses

Check Point Certified Security Administrator (CCSA) R81.20
14. May
3 days
Classroom Virtual Guaranteed to run
Check Point Certified Security Expert (CCSE) – R81.20
4. June
3 days
Classroom Virtual
Check Point Certified Multi-Domain Security Specialist (CCMS)
2 days
Classroom Virtual
Check Point Certified VSX Specialist (CCVS) R81.1
28. May
2 days
Classroom Virtual