Re-upping our partner status. I’ve passed the CCSA/CCSE certifications for at least six or more versions over the years. Decided to try this one with minimal studying. Had an older R80.x CCSA manual on Kortext that I brushed up on. Also reviewed the “CP_R81.20_Quantum_SecurityManagement_AdminGuide” to check for any new terms or features since R80.x (there are a few). Overall I thought the exam was pretty fair: the questions were fairly practical. If you have been working with the SmartConsole for a while, then most of the exam questions will make sense.
I noticed a few things in my pool of questions:
- No diagrams in my questions
- No VPN questions (YMMV)
- Emphasis on NATing
- Know the different security blades and when they apply
- Understand the difference between “ordered” and “inline” layers
- No CLI (YMMV but I was expecting at least one question on ‘cplic print’ or ‘fw tab -t connections -s’)
- I had one question on Autonomous Threat Policy (so I knew this was updated for R81.x)
- Know how to use SAM rules (you do have a license for this right?)
- What happens when multiple admins login to SmartConsole? How about GAIA?
There may be some things in SmartConsole that you see every day, but maybe never registered in your head:
- What are some of the default settings when creating new rules?
- How are some of the blades enabled? Are they on the management server or gateway?
- How does licensing work?
- How do you use SmartUpdate?
- What are the default accounts?
All of these topics are mentioned in the exam/class guide and the Admin guide. The way you create rules or view logs on a day-to-day basis might not cover everything that Check Point wants you to know: you may need to dig a little deeper in the interface…and you might be surprised what you will learn along the way.