The Check Point CCSA Exam Cram 2 provides a concise overview of the latest version of Check Point's certification exam, 156-210.4. Written by an experienced and CCSA, CCSE and CCSE Plus certified network security consultant, this comprehensive review guide maps to the exam objectives for easy study. All of the new features are covered, including:
"synopsis" may belong to another edition of this title.
Sean Walberg is currently a network engineer for a large Canadian financial services company. His responsibilities include maintaining two large Internet hosting centers that make extensive use of Check Point products.
Over his career thus far, Sean has focused on networks and Internet security, with a brief diversion as a Unix developer. The love of Unix, especially Linux, has stuck with him since, and he has found numerous uses for it in his network and security roles.
Although this is Sean's first book-length project, he served a two-year stint as the author of a weekly Linux newsletter for Cramsession.com, a popular IT certification portal.
When not digging into routers and firewalls, Sean enjoys cooking and tinkering with electronics. He's also been known to lock himself in a room while trying to break World War II–era ciphers.
Sean is a graduate of computer engineering, where his undergraduate thesis focused on the Secure Sockets Layer, which today secures eCommerce transactions all over the Internet. He is also a registered Professional Engineer with the province of Manitoba.
He lives in Winnipeg, Canada, with his wife, two sons, and two cats.
© Copyright Pearson Education. All rights reserved.Excerpt. © Reprinted by permission. All rights reserved.:
Check Point™ is a leader in the firewall industry. Its mantra, "We Secure the Internet," isn't just a clever catchphrase, it's the truth. Check Point boasts an 87% revenue share of the worldwide VPN/firewall software market and consistently is labeled a "Market Leader" by Gartner Group, so there's a good chance you'll run into one of their products at some point in your career. But Check Point FireWall-1 is a complex beast, and companies are looking for certified individuals to tame it.
Although some might look at the SOHO router they have at home and wonder how hard running a firewall can be, those who have experienced something on a larger scale, such as Internet hosting, know that the environment is dynamic attackers are becoming smarter, and you're being forced to expose more of your systems to the outside. Check Point's flagship product FireWall-1 gives the administrator a unified view of dozens of firewalls, which includes centralized logging and a single security policy. Routers and access lists may have cut it in the 1990s, but not anymore. As you'll see later, firewalls have to inspect all flows, and constantly check all layers for abnormalities. FireWall-1 allows you to do all this and more.
The Check Point Certified Security Administrator (CCSA) certification is the first step toward FireWall-1 guru-dom. Someone with a CCSA has demonstrated, by taking an exam, that he or she understands how to configure, maintain, troubleshoot, and upgrade a FireWall-1 installation. The product is complex, with dozens of nooks and crannies that affect the operation of the device. The exam tests you on these details, and expects that you'll know what knobs to turn in order to achieve a particular objective.
Unlike many other entry-level certifications, the CCSA focuses on the core product. There are no free points for knowing how to subnet, or for knowing the OSI model. This book will walk you through all the key material you can expect to be tested on.
Signing Up for the Exam
Check Point exams are offered exclusively through Pearson Vue. Signing up for the exam is fairly straightforward. Create a web account at http://www.pearsonvue.com/checkpoint/, wait for the confirmation email, and then go back and schedule your appointment. If you want to talk to someone on the phone, such as to schedule a same-day appointment, find your country's number at http://www.pearsonvue.com/contact/checkpoint/. The advantage of doing it online is that it's easier to check the schedules, plus your online account lets you manage your exam bookings.
Before you sign up, you'll want to make sure that you have an account at the Check Point User Center, and that you've used the same email address there as you will with Pearson Vue. After you've passed the exam, your user center account will be updated to reflect this, and give you access to more advanced technical information and logos.
You'll also need a credit card to make the online purchase. As of this writing, the price is $150.
Preparation for the Exam
You may wonder why preparation comes after signing up. If you're like me, unless you have a hard and fast deadline to meet, you'll never get around to studying. Set a date for your exam early on. You can always reschedule it if something comes up (with 48 hours' notice, though).
If you're one of those people who can focus on your studying, then by all means schedule your exam after you've finished studying. Really, I won't be offended.
The key to passing the CCSA exam is to work with the FireWall-1 product. You'll see in Chapter 3, "SmartDashboard," that there are demo modes that let you work within the software without having any real firewalls. You can also set up your own lab, either with real computers or with a virtualization tool like VMWare. For the purposes of the CCSA, a single firewall with a server behind it can do everything you'll be tested on.
This book presents a logical path through all the features covered on the CCSA exam. Trying out things, rather than simply taking my word for it, will help you remember the info come exam time. Even if you run across something that you're not sure is covered on the exam, read through the online help and try to set it up. The worst that happens is that you learn something new.
Firewalls tend to suffer from a lack of good documentation outside of the vendor's site, and Check Point is no exception. There are a few good sites out there I'll be certain to point you their way when the time comes but by and large your information can be found in the documentation and the Knowledge Base. Be careful when looking at Internet sources, because the product has undergone radical changes in the past few years and a lot of the information out there refers to older revisions.
In summary, practice using the product, read the white papers and documents on the Check Point website, and read this book!
Inside the Exam Center
If you've taken a certification exam through one of the major vendors before, this one is no different. If not, here's a rundown of what to expect at the exam center.
The first thing you'll have to do is sign in. This involves presenting two pieces of ID, at least one with a picture, and then reading and signing Vue's agreement. You'll be expected to surrender your jacket, wallet, pager/cellphone, and any bags you might be carrying. Save yourself some undue stress and throw everything in your bag before entering the exam center.
When it's your time, you'll be led to the testing room, and the proctor will sign you in to the computer. You'll also be given either scrap paper or an erasable sheet to make notes on. If you think it will help you, you may want to write out some of the important tables, such as authentication and NAT types, just in case you're prone to forgetfulness in the heat of the moment. You'll have to return all materials they give you at the end. Depending on the testing center, there may be several computers and other people taking exams. At this point, if anything seems wrong, tell your proctor! They may be able to offer you a different computer or some earplugs to help you out. After you begin the exam, it's too late to ask!
At the computer, you'll be expected to agree to Check Point's terms and conditions (that is, that you're not going to walk out of there and post all the questions to your website). Click Start the Exam, and you're off!
The question, any necessary diagrams, and the possible answers are all on the same screen. Answer the question, and click the Next button to continue, or Previous to go back one question. There will also be a check box on the corner of your screen called Mark for Review. At the end of the exam, you'll be given an opportunity to go through all the questions, or just the ones you marked for review. Either way, you can continue to review your answers until either your time runs out or you click End Exam.
When you end the exam, the machine will pause for what seems like an eternity while it figures out your mark. It will display it on the screen, along with its congratulations or condolences, as the case may be. Quietly walk out of the exam room, hand back your scrap paper, and sign out on the same sheet you signed in on. You'll also be given your printed grade report.
Exam Scoring and Strategy
The current exam has 96 questions, and you need a 70% to pass (that's 68 questions, for the mathematically impaired). You get 90 minutes to go through it. Before you think, That's less than a minute per question! realize this: There will be some questions that you'll have to sit back and think about for a minute, but if you prepare yourself in advance, there will be many more that you will immediately know ...
"About this title" may belong to another edition of this title.
Book Description Que, 2005. Paperback. Book Condition: New. Never used!. Bookseller Inventory # P110789731096
Book Description Que, 2005. Paperback. Book Condition: New. Bookseller Inventory # DADAX0789731096