Archived from groups: comp.security.firewalls (
More info?)
Having recently upgraded my cert from CP 2000, to NG-AI...the test
experience is still fresh in mind. The cautions that I mentioned are aimed
at the apparent skill level of the Original poster and are based on
installing and testing each of several firewalls, Ng, NG-FP3, NG-FP4 and
NG-AI. I got caught in the transition from NG to NG-AI, between CCSA and
CCSE. The differences (in versions and where some values are configured)
that I mentioned were very apparent. The rate of change has recently
stabilized under NG-AI, and the tests are slowly catching up.
My point in mentioning many of these issues, was a warning to not rely on
older training material...any test, text or manual that is older than or
hasn't been revised since mid to late 2003 is out of date.
If you do, count on missing 3 or 4 general questions. The bulk of VPN,
routing and troubleshooting areas are as you noted, intact and not subject
to change...although how the kernal handles processes and procdure calls has
been modified, so that is another area where study has on a current version
is more of a requirement than a luxury.
yes ... The tests are much "harder" than the previous tests. AS requested so
often in various news groups,...many vendors are reclaiming the prestige of
their certifications and making i much harder to rely on parrot-like skills
of recall to move you through a test. As often quoted from Ms. Martha
Stewart..." and, thats a good thing".
"Richard H Miller" <rick@bcm.tmc.edu> wrote in message
news:c8jcep$nj9@gazette.corp.bcm.tmc.edu...
> Beoweolf (Beoweolf@pacbell.net) wrote:
> : You are correct. There are presently very few, dedicated NG-AI manuals
on
> : the market. The few I have seen are usually either rewrites of NG
manuals
> : with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).
>
> The two Syngress books seem to be specific to AI. There have not been any
contradictions
> to the implementation of AI in them.
>
>
> : What's even worse...in almost every FP from FCS up to R55...there have
been
> : changes in location of screens, additional upgrades that directly
contradict
> : things stated in previous versions ( like the current version of NG-AI
does
> : support Windows 2003, but eh test simulations and text book still say it
> : doesn't...no telling which answer would be correct on the actual test!!!
>
> I think the test is still on R54 but you are correct. However, the test
does
> not concentrate of that degree of minutia. [It is there but if you know
the
> material you can overcome a wrong answer or two]. I think this will be a
problem
> since the test must follow the teaching material and that must lag behind
the
> current release sometimes
>
>
> : I suggest the Sybex, CCSA and CCSE study guides as probably the best of
the
> : current bunch. Getting an evaluation copy of the latest version of
> : Checkpoint software, printing the documentation (in .pdf file format),
> : getting boson test simulations and following up, researching the
question,
> : and installing working with the software on a test network is a good way
to
> : build familiarity with the product.
>
> Agree. The Boson were a good tool to drill in preparation for the exam.
Also,
> bear in mind that the CCSA can be acquired without much real hands-on
work. It
> is the baseline cert and you can cover the ground for it by reviewing the
> documentation and drilling on the boson tests.
>
> The CCSE and CCSE+ actually do require that you have some real experiance
with
> Checkpoint in an operational role. There are certain aspects to these
exams
> that really can only be acquired by managing an implementation [with VPNs]
> for CCSE and even more so for CCSE+ since you need to be able to debug
with
> live traffic. A lab environment or a ATC course will not prepare most
people
> to pass the exams.
>
>
>
> : The Checkpoint student manuals are obviously a great source of
> : information...there are some questions on the test that, I am told, are
> : found nowhere else other than in Official curriculum texts. The good
point
> : of all this is the study outlines are a fairly accurate guide to what
will
> : be on the test...except, it downplays the depth of the questions quite a
> : bit.
>
> And some in CCSE/CCSE+ that you can only know by working with the product
> in the mode the exam is covering. You will not be able to pass the CCSE
> if you have not worked in a VPN environment.
>
> If you do not work in a distributed environment you will have problems
with
> CCSE+
>
> I think checkpoint certs are moving away from paper certs and actually
indicate
> some degree of operational competence with the product.
>
> Rick
>
> Richard H. Miller, MCSE, CCSE+
> Information Security Manager
> Information Technology Security and Compliance
> Information Technology - Baylor College of Medicine
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/2004