Certified Troubleshooting Expert (CCTE R81.1)

User-added image

The Check Point Certified Troubleshooting Expert (CCTE) provides advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point security environment.

 

Who should attend?

This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments.

 

Course goal

Provide advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment.

 

Prerequisites

  • Working knowledge of UNIX and/or Windows operating systems
  • Working knowledge of Networking TCP/IP
  • CCSE training/certification
  • Advanced knowledge of Check Point Security products

 

Course topics

  • Advanced Troubleshooting Techniques
  • Advanced Logs and Monitoring
  • Management Database and Processes
  • Advanced Kernel Debugging
  • User Mode Troubleshooting
  • Advanced Identity Awareness Troubleshooting
  • Advanced Access Control
  • Site-to-Site VPN Troubleshooting
  • Client-to-Site VPN Troubleshooting

 

Course Objectives 

  • Demonstrate understanding how to use advanced troubleshooting tools and techniques including: Interpreting diagnostic data with CPInfo, Collecting and reading statistical data using CPView, and Advanced troubleshooting risks.
  • Describe the use of Logs and SmartEvent in troubleshooting.
  • Describe the log indexing system and issues that can occur.
  • Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent.
  • Explain the databases used in Security Management operations.
  • Identify common troubleshooting database issues.
  • Discuss Management Processes.
  • Demonstrate understanding of advance troubleshooting tools and techniques including: How the kernel handles traffic, How to troubleshoot issues using chain modules, How to use the two main procedures for debugging the Firewall kernel, and How the two main procedures for debugging the Firewall kernel differ.
  • Demonstrate understanding of user mode debugging, including collecting and interpreting process debugs.
  • Debug user mode processes.
  • Discuss advanced Identity awareness troubleshooting.
  • Learn to run debugs on Identity Awareness.
  • Explain Unifed Access Control flow and processes.
  • Explain Access Control kernel debugs. 
  • Describe Access Control process debugs. 
  • Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including: Packet captures, IKE debugs, and VPN process debugs. 
  • Explain Client-to-Site VPN troubleshooting tools and techniques, including: Remote access troubleshooting and Mobile access troubleshooting.


Lab Exercises

  • Collecting and Reading CPInfo 
  • Collecting and Reading CPView Data 
  • Troubleshooting SmartLog 
  • Troubleshooting SmartEvent
  • Troubleshooting Database Issues 
  • Debugging Security Gateway Kernel
  • Debugging User Mode Processes 
  • Debugging Identity Awareness 
  • Debugging Unified Policy Inspection 
  • Troubleshooting Site-to-Site VPN 
  • Debugging Remote Access VPN


 Length

2 days