Sign in with
Sign up | Sign in
Your question

CheckPoint NG with Application Intelligence

Last response: in Networking
Share
Anonymous
a b 8 Security
May 20, 2004 10:52:07 AM

Archived from groups: comp.security.firewalls (More info?)

Hi,

It is about 2 years I am deploying CheckPoint NG Firewall. Since I
should protect my career, I think I should get CheckPoint certs.

The point of my post is not to talk about the goods or bads of getting
certed but the books to buy to become CCSA (with a CCSE as a target)
I've checked amazon.com but it seems there is no CP books with
Application Intelligence yet. From checkpoint.com, you can get books
on it but I do not know if these books are great or not.

So please, tell me the books you have on CP with AI! :-) or the books
you'd get to study those certs.

Manhy thanks,

Alfonso
Anonymous
a b 8 Security
May 21, 2004 1:15:47 AM

Archived from groups: comp.security.firewalls (More info?)

You are correct. There are presently very few, dedicated NG-AI manuals on
the market. The few I have seen are usually either rewrites of NG manuals
with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).

What's even worse...in almost every FP from FCS up to R55...there have been
changes in location of screens, additional upgrades that directly contradict
things stated in previous versions ( like the current version of NG-AI does
support Windows 2003, but eh test simulations and text book still say it
doesn't...no telling which answer would be correct on the actual test!!!

I suggest the Sybex, CCSA and CCSE study guides as probably the best of the
current bunch. Getting an evaluation copy of the latest version of
Checkpoint software, printing the documentation (in .pdf file format),
getting boson test simulations and following up, researching the question,
and installing working with the software on a test network is a good way to
build familiarity with the product.

The Checkpoint student manuals are obviously a great source of
information...there are some questions on the test that, I am told, are
found nowhere else other than in Official curriculum texts. The good point
of all this is the study outlines are a fairly accurate guide to what will
be on the test...except, it downplays the depth of the questions quite a
bit.

Live long and prosper.
"Kasmail User - www.kasmail.com" <kbu-380@iximail.com> wrote in message
news:122853c0.0405200552.7c4e1f7d@posting.google.com...
> Hi,
>
> It is about 2 years I am deploying CheckPoint NG Firewall. Since I
> should protect my career, I think I should get CheckPoint certs.
>
> The point of my post is not to talk about the goods or bads of getting
> certed but the books to buy to become CCSA (with a CCSE as a target)
> I've checked amazon.com but it seems there is no CP books with
> Application Intelligence yet. From checkpoint.com, you can get books
> on it but I do not know if these books are great or not.
>
> So please, tell me the books you have on CP with AI! :-) or the books
> you'd get to study those certs.
>
> Manhy thanks,
>
> Alfonso


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/2004
Anonymous
a b 8 Security
May 21, 2004 2:45:45 AM

Archived from groups: comp.security.firewalls (More info?)

Beoweolf (Beoweolf@pacbell.net) wrote:
: You are correct. There are presently very few, dedicated NG-AI manuals on
: the market. The few I have seen are usually either rewrites of NG manuals
: with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).

The two Syngress books seem to be specific to AI. There have not been any contradictions
to the implementation of AI in them.


: What's even worse...in almost every FP from FCS up to R55...there have been
: changes in location of screens, additional upgrades that directly contradict
: things stated in previous versions ( like the current version of NG-AI does
: support Windows 2003, but eh test simulations and text book still say it
: doesn't...no telling which answer would be correct on the actual test!!!

I think the test is still on R54 but you are correct. However, the test does
not concentrate of that degree of minutia. [It is there but if you know the
material you can overcome a wrong answer or two]. I think this will be a problem
since the test must follow the teaching material and that must lag behind the
current release sometimes


: I suggest the Sybex, CCSA and CCSE study guides as probably the best of the
: current bunch. Getting an evaluation copy of the latest version of
: Checkpoint software, printing the documentation (in .pdf file format),
: getting boson test simulations and following up, researching the question,
: and installing working with the software on a test network is a good way to
: build familiarity with the product.

Agree. The Boson were a good tool to drill in preparation for the exam. Also,
bear in mind that the CCSA can be acquired without much real hands-on work. It
is the baseline cert and you can cover the ground for it by reviewing the
documentation and drilling on the boson tests.

The CCSE and CCSE+ actually do require that you have some real experiance with
Checkpoint in an operational role. There are certain aspects to these exams
that really can only be acquired by managing an implementation [with VPNs]
for CCSE and even more so for CCSE+ since you need to be able to debug with
live traffic. A lab environment or a ATC course will not prepare most people
to pass the exams.



: The Checkpoint student manuals are obviously a great source of
: information...there are some questions on the test that, I am told, are
: found nowhere else other than in Official curriculum texts. The good point
: of all this is the study outlines are a fairly accurate guide to what will
: be on the test...except, it downplays the depth of the questions quite a
: bit.

And some in CCSE/CCSE+ that you can only know by working with the product
in the mode the exam is covering. You will not be able to pass the CCSE
if you have not worked in a VPN environment.

If you do not work in a distributed environment you will have problems with
CCSE+

I think checkpoint certs are moving away from paper certs and actually indicate
some degree of operational competence with the product.

Rick

Richard H. Miller, MCSE, CCSE+
Information Security Manager
Information Technology Security and Compliance
Information Technology - Baylor College of Medicine
Related resources
Anonymous
a b 8 Security
May 21, 2004 4:37:21 AM

Archived from groups: comp.security.firewalls (More info?)

Having recently upgraded my cert from CP 2000, to NG-AI...the test
experience is still fresh in mind. The cautions that I mentioned are aimed
at the apparent skill level of the Original poster and are based on
installing and testing each of several firewalls, Ng, NG-FP3, NG-FP4 and
NG-AI. I got caught in the transition from NG to NG-AI, between CCSA and
CCSE. The differences (in versions and where some values are configured)
that I mentioned were very apparent. The rate of change has recently
stabilized under NG-AI, and the tests are slowly catching up.

My point in mentioning many of these issues, was a warning to not rely on
older training material...any test, text or manual that is older than or
hasn't been revised since mid to late 2003 is out of date.

If you do, count on missing 3 or 4 general questions. The bulk of VPN,
routing and troubleshooting areas are as you noted, intact and not subject
to change...although how the kernal handles processes and procdure calls has
been modified, so that is another area where study has on a current version
is more of a requirement than a luxury.

yes ... The tests are much "harder" than the previous tests. AS requested so
often in various news groups,...many vendors are reclaiming the prestige of
their certifications and making i much harder to rely on parrot-like skills
of recall to move you through a test. As often quoted from Ms. Martha
Stewart..." and, thats a good thing".

"Richard H Miller" <rick@bcm.tmc.edu> wrote in message
news:c8jcep$nj9@gazette.corp.bcm.tmc.edu...
> Beoweolf (Beoweolf@pacbell.net) wrote:
> : You are correct. There are presently very few, dedicated NG-AI manuals
on
> : the market. The few I have seen are usually either rewrites of NG
manuals
> : with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).
>
> The two Syngress books seem to be specific to AI. There have not been any
contradictions
> to the implementation of AI in them.
>
>
> : What's even worse...in almost every FP from FCS up to R55...there have
been
> : changes in location of screens, additional upgrades that directly
contradict
> : things stated in previous versions ( like the current version of NG-AI
does
> : support Windows 2003, but eh test simulations and text book still say it
> : doesn't...no telling which answer would be correct on the actual test!!!
>
> I think the test is still on R54 but you are correct. However, the test
does
> not concentrate of that degree of minutia. [It is there but if you know
the
> material you can overcome a wrong answer or two]. I think this will be a
problem
> since the test must follow the teaching material and that must lag behind
the
> current release sometimes
>
>
> : I suggest the Sybex, CCSA and CCSE study guides as probably the best of
the
> : current bunch. Getting an evaluation copy of the latest version of
> : Checkpoint software, printing the documentation (in .pdf file format),
> : getting boson test simulations and following up, researching the
question,
> : and installing working with the software on a test network is a good way
to
> : build familiarity with the product.
>
> Agree. The Boson were a good tool to drill in preparation for the exam.
Also,
> bear in mind that the CCSA can be acquired without much real hands-on
work. It
> is the baseline cert and you can cover the ground for it by reviewing the
> documentation and drilling on the boson tests.
>
> The CCSE and CCSE+ actually do require that you have some real experiance
with
> Checkpoint in an operational role. There are certain aspects to these
exams
> that really can only be acquired by managing an implementation [with VPNs]
> for CCSE and even more so for CCSE+ since you need to be able to debug
with
> live traffic. A lab environment or a ATC course will not prepare most
people
> to pass the exams.
>
>
>
> : The Checkpoint student manuals are obviously a great source of
> : information...there are some questions on the test that, I am told, are
> : found nowhere else other than in Official curriculum texts. The good
point
> : of all this is the study outlines are a fairly accurate guide to what
will
> : be on the test...except, it downplays the depth of the questions quite a
> : bit.
>
> And some in CCSE/CCSE+ that you can only know by working with the product
> in the mode the exam is covering. You will not be able to pass the CCSE
> if you have not worked in a VPN environment.
>
> If you do not work in a distributed environment you will have problems
with
> CCSE+
>
> I think checkpoint certs are moving away from paper certs and actually
indicate
> some degree of operational competence with the product.
>
> Rick
>
> Richard H. Miller, MCSE, CCSE+
> Information Security Manager
> Information Technology Security and Compliance
> Information Technology - Baylor College of Medicine


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/2004
Anonymous
a b 8 Security
May 21, 2004 8:55:09 AM

Archived from groups: comp.security.firewalls (More info?)

Beoweolf (Beoweolf@pacbell.net) wrote:
: Having recently upgraded my cert from CP 2000, to NG-AI...the test
: experience is still fresh in mind. The cautions that I mentioned are aimed
: at the apparent skill level of the Original poster and are based on
: installing and testing each of several firewalls, Ng, NG-FP3, NG-FP4 and
: NG-AI. I got caught in the transition from NG to NG-AI, between CCSA and
: CCSE. The differences (in versions and where some values are configured)
: that I mentioned were very apparent. The rate of change has recently
: stabilized under NG-AI, and the tests are slowly catching up.

I know. I was lucky and found out in time that the tests were going to cover
AI but the courseware was still NG. I managed to pre-register for the NG FP3
version and took them. I agree with your assesment of the level of the original
poster.


: My point in mentioning many of these issues, was a warning to not rely on
: older training material...any test, text or manual that is older than or
: hasn't been revised since mid to late 2003 is out of date.

Absolutely....from what I can tell from the Boson a person might be able to
sweat the CCSA using NG materials since there has not been too much change
at that level between FP3 and AI. Trying anything below FP3 would be a
major mistake since there was a major terminology shift at FP3.

The two Synergy texts are written to NG AI and I have not found anything
obvious in them that does not apply to AI. I also suspect phoneboy's
revised book will also be a good source.

: If you do, count on missing 3 or 4 general questions. The bulk of VPN,
: routing and troubleshooting areas are as you noted, intact and not subject
: to change...although how the kernal handles processes and procdure calls has
: been modified, so that is another area where study has on a current version
: is more of a requirement than a luxury.

Absolutely true. And the CCSE+ exam is probably the one in which real detailed
experiance with an operational firewall is required. The answers to many of
the questions can only be answered from having had to debug a live firewall
enforcement module and/or management module.


: yes ... The tests are much "harder" than the previous tests. AS requested so
: often in various news groups,...many vendors are reclaiming the prestige of
: their certifications and making i much harder to rely on parrot-like skills
: of recall to move you through a test. As often quoted from Ms. Martha
: Stewart..." and, thats a good thing".

Absolutely. In the last training cycle I had, the instructor mentioned when
topics might be important to remember but did not turn the courses into a
cert cram session. The the CP-2000 course, 80% of the class were cert
hunting and the first question on any section was 'is this on the test' followed
by 'let's skip' if the answer was no.

Finally, I think you and I are in 'violent agreement' to quote an old unix geek and
retired employee of the national seafood agency [one of the first people to actually
enforce government security standards on Unix and make it work]


rick
!