Security Expert (CCSE R81.2)

This course is recommended for Security Experts and other technical professionals with prior training and/or practical experience with Check Point Management Servers and Security Gateways that run on the Gaia operating system.

Learn How To

  • Use the management API to modify the Security Environment.
  • Deploy a Secondary Security Management Server and Distributed Log Server.
  • Use advanced techniques to configure dynamic objects, verify accelerated policy installation, and elevate security with HTTPS Inspection.
  • Deploy Site-to-Site, Remote Access, and Mobile Access VPN solutions.
  • Use SecureXL, CoreXL, Multi-Queue, and HyperFlow to optimize traffic flow through the Security Gateway.


Before taking this course, the following prerequisites are strongly encouraged:

  • Knowledge Base:
    • Working knowledge of :
      • Unix-like and/or Windows operating systems
      • Networking Fundamentals
      • Networking Security
      • CP/IP Networking
  • Check Point Training Certification:
    • Check Point Certified Security Administrator (CCSA)

How You Will Benefit

  • Implement Check Point Management High Availability to ensure environment stability and integrity.
  • Use advanced techniques to manage user access, customize Threat Protection, and configure Remote Access solutions.
  • Use tuning techniques to optimize the best Security Gateway performance.


  • Exam #156-315.81.20


  • Identify basic interfaces used to manage the Check Point environment.
  • Identify the types of technologies that Check Point supports for automation.
  • Explain the purpose of the Check Management High Availability (HA) deployment.
  • Identify the workflow followed to deploy a Primary and solution Secondary servers. 
  • Explain the basic concepts of Clustering and ClusterXL, including protocols, synchronization, connection stickyness.
  • Identify how to exclude services from synchronizing or delaying synchronization.
  • Explain the policy installation flow.
  • Explain the purpose of dynamic objects, updatable objects, and network feeds.
  • Understand how to manage user access for internal and external users.
  • Describe the Identity Awareness components and configurations.
  • Describe different Check Point Threat Prevention solutions.
  • Articulate how the Intrusion Prevention System is configured.
  • Obtain knowledge about Check Point’s IoT Protect.
  • Explain the purpose of Domain-based VPNs.
  • Describe situations where externally managed certificate authentication is used.
  • Describe how client security can be provided by Remote Access.
  • Discuss the Mobile Access Software Blade.
  • Explain how to determine if the configuration is compliant with the best practices.
  • Define performance tuning solutions and basic configuration workflow.
  • Identify supported upgrade and migration methods and procedures for Security Management Servers and dedicated Log and SmartEvent Servers.
  • •Identify supported upgrade methods and procedures for Security Gateways.


  • Navigating the Environment and Using the Management API
  • Deploying Secondary Security Management Server
  • Configuring a Dedicated Log Server
  • Deploying SmartEvent
  • Configuring a High Availability Security Gateway Cluster
  • Working with ClusterXL
  • Configuring Dynamic and Updateable Objects
  • Verifying Accelerated Policy Installation and Monitoring Status
  • Elevating Security with HTTPS Inspection
  • Deploying Identity Awareness
  • Customizing Threat Prevention
  • Configuring a Site-to-Site VPN with an Interoperable Device
  • Deploying Remote Access VPN
  • Configuring Mobile Access VPN
  • Monitoring Policy Compliance
  • Reporting SmartEvent Statistics
  • Tuning Security Gateway Performance