CheckPoint NG with Application Intelligence

Archived from groups: comp.security.firewalls (More info?)

Hi,

It is about 2 years I am deploying CheckPoint NG Firewall. Since I
should protect my career, I think I should get CheckPoint certs.

The point of my post is not to talk about the goods or bads of getting
certed but the books to buy to become CCSA (with a CCSE as a target)
I've checked amazon.com but it seems there is no CP books with
Application Intelligence yet. From checkpoint.com, you can get books
on it but I do not know if these books are great or not.

So please, tell me the books you have on CP with AI! :-) or the books
you'd get to study those certs.

Manhy thanks,

Alfonso
4 answers Last reply
More about checkpoint application intelligence
  1. Archived from groups: comp.security.firewalls (More info?)

    You are correct. There are presently very few, dedicated NG-AI manuals on
    the market. The few I have seen are usually either rewrites of NG manuals
    with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).

    What's even worse...in almost every FP from FCS up to R55...there have been
    changes in location of screens, additional upgrades that directly contradict
    things stated in previous versions ( like the current version of NG-AI does
    support Windows 2003, but eh test simulations and text book still say it
    doesn't...no telling which answer would be correct on the actual test!!!

    I suggest the Sybex, CCSA and CCSE study guides as probably the best of the
    current bunch. Getting an evaluation copy of the latest version of
    Checkpoint software, printing the documentation (in .pdf file format),
    getting boson test simulations and following up, researching the question,
    and installing working with the software on a test network is a good way to
    build familiarity with the product.

    The Checkpoint student manuals are obviously a great source of
    information...there are some questions on the test that, I am told, are
    found nowhere else other than in Official curriculum texts. The good point
    of all this is the study outlines are a fairly accurate guide to what will
    be on the test...except, it downplays the depth of the questions quite a
    bit.

    Live long and prosper.
    "Kasmail User - www.kasmail.com" <kbu-380@iximail.com> wrote in message
    news:122853c0.0405200552.7c4e1f7d@posting.google.com...
    > Hi,
    >
    > It is about 2 years I am deploying CheckPoint NG Firewall. Since I
    > should protect my career, I think I should get CheckPoint certs.
    >
    > The point of my post is not to talk about the goods or bads of getting
    > certed but the books to buy to become CCSA (with a CCSE as a target)
    > I've checked amazon.com but it seems there is no CP books with
    > Application Intelligence yet. From checkpoint.com, you can get books
    > on it but I do not know if these books are great or not.
    >
    > So please, tell me the books you have on CP with AI! :-) or the books
    > you'd get to study those certs.
    >
    > Manhy thanks,
    >
    > Alfonso


    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/2004
  2. Archived from groups: comp.security.firewalls (More info?)

    Beoweolf (Beoweolf@pacbell.net) wrote:
    : You are correct. There are presently very few, dedicated NG-AI manuals on
    : the market. The few I have seen are usually either rewrites of NG manuals
    : with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).

    The two Syngress books seem to be specific to AI. There have not been any contradictions
    to the implementation of AI in them.


    : What's even worse...in almost every FP from FCS up to R55...there have been
    : changes in location of screens, additional upgrades that directly contradict
    : things stated in previous versions ( like the current version of NG-AI does
    : support Windows 2003, but eh test simulations and text book still say it
    : doesn't...no telling which answer would be correct on the actual test!!!

    I think the test is still on R54 but you are correct. However, the test does
    not concentrate of that degree of minutia. [It is there but if you know the
    material you can overcome a wrong answer or two]. I think this will be a problem
    since the test must follow the teaching material and that must lag behind the
    current release sometimes


    : I suggest the Sybex, CCSA and CCSE study guides as probably the best of the
    : current bunch. Getting an evaluation copy of the latest version of
    : Checkpoint software, printing the documentation (in .pdf file format),
    : getting boson test simulations and following up, researching the question,
    : and installing working with the software on a test network is a good way to
    : build familiarity with the product.

    Agree. The Boson were a good tool to drill in preparation for the exam. Also,
    bear in mind that the CCSA can be acquired without much real hands-on work. It
    is the baseline cert and you can cover the ground for it by reviewing the
    documentation and drilling on the boson tests.

    The CCSE and CCSE+ actually do require that you have some real experiance with
    Checkpoint in an operational role. There are certain aspects to these exams
    that really can only be acquired by managing an implementation [with VPNs]
    for CCSE and even more so for CCSE+ since you need to be able to debug with
    live traffic. A lab environment or a ATC course will not prepare most people
    to pass the exams.


    : The Checkpoint student manuals are obviously a great source of
    : information...there are some questions on the test that, I am told, are
    : found nowhere else other than in Official curriculum texts. The good point
    : of all this is the study outlines are a fairly accurate guide to what will
    : be on the test...except, it downplays the depth of the questions quite a
    : bit.

    And some in CCSE/CCSE+ that you can only know by working with the product
    in the mode the exam is covering. You will not be able to pass the CCSE
    if you have not worked in a VPN environment.

    If you do not work in a distributed environment you will have problems with
    CCSE+

    I think checkpoint certs are moving away from paper certs and actually indicate
    some degree of operational competence with the product.

    Rick

    Richard H. Miller, MCSE, CCSE+
    Information Security Manager
    Information Technology Security and Compliance
    Information Technology - Baylor College of Medicine
  3. Archived from groups: comp.security.firewalls (More info?)

    Having recently upgraded my cert from CP 2000, to NG-AI...the test
    experience is still fresh in mind. The cautions that I mentioned are aimed
    at the apparent skill level of the Original poster and are based on
    installing and testing each of several firewalls, Ng, NG-FP3, NG-FP4 and
    NG-AI. I got caught in the transition from NG to NG-AI, between CCSA and
    CCSE. The differences (in versions and where some values are configured)
    that I mentioned were very apparent. The rate of change has recently
    stabilized under NG-AI, and the tests are slowly catching up.

    My point in mentioning many of these issues, was a warning to not rely on
    older training material...any test, text or manual that is older than or
    hasn't been revised since mid to late 2003 is out of date.

    If you do, count on missing 3 or 4 general questions. The bulk of VPN,
    routing and troubleshooting areas are as you noted, intact and not subject
    to change...although how the kernal handles processes and procdure calls has
    been modified, so that is another area where study has on a current version
    is more of a requirement than a luxury.

    yes ... The tests are much "harder" than the previous tests. AS requested so
    often in various news groups,...many vendors are reclaiming the prestige of
    their certifications and making i much harder to rely on parrot-like skills
    of recall to move you through a test. As often quoted from Ms. Martha
    Stewart..." and, thats a good thing".

    "Richard H Miller" <rick@bcm.tmc.edu> wrote in message
    news:c8jcep$nj9@gazette.corp.bcm.tmc.edu...
    > Beoweolf (Beoweolf@pacbell.net) wrote:
    > : You are correct. There are presently very few, dedicated NG-AI manuals
    on
    > : the market. The few I have seen are usually either rewrites of NG
    manuals
    > : with a few extra pages,paragraphs on FP 1- 3 and a mention of AI (FP 4).
    >
    > The two Syngress books seem to be specific to AI. There have not been any
    contradictions
    > to the implementation of AI in them.
    >
    >
    > : What's even worse...in almost every FP from FCS up to R55...there have
    been
    > : changes in location of screens, additional upgrades that directly
    contradict
    > : things stated in previous versions ( like the current version of NG-AI
    does
    > : support Windows 2003, but eh test simulations and text book still say it
    > : doesn't...no telling which answer would be correct on the actual test!!!
    >
    > I think the test is still on R54 but you are correct. However, the test
    does
    > not concentrate of that degree of minutia. [It is there but if you know
    the
    > material you can overcome a wrong answer or two]. I think this will be a
    problem
    > since the test must follow the teaching material and that must lag behind
    the
    > current release sometimes
    >
    >
    > : I suggest the Sybex, CCSA and CCSE study guides as probably the best of
    the
    > : current bunch. Getting an evaluation copy of the latest version of
    > : Checkpoint software, printing the documentation (in .pdf file format),
    > : getting boson test simulations and following up, researching the
    question,
    > : and installing working with the software on a test network is a good way
    to
    > : build familiarity with the product.
    >
    > Agree. The Boson were a good tool to drill in preparation for the exam.
    Also,
    > bear in mind that the CCSA can be acquired without much real hands-on
    work. It
    > is the baseline cert and you can cover the ground for it by reviewing the
    > documentation and drilling on the boson tests.
    >
    > The CCSE and CCSE+ actually do require that you have some real experiance
    with
    > Checkpoint in an operational role. There are certain aspects to these
    exams
    > that really can only be acquired by managing an implementation [with VPNs]
    > for CCSE and even more so for CCSE+ since you need to be able to debug
    with
    > live traffic. A lab environment or a ATC course will not prepare most
    people
    > to pass the exams.
    >
    >
    >
    > : The Checkpoint student manuals are obviously a great source of
    > : information...there are some questions on the test that, I am told, are
    > : found nowhere else other than in Official curriculum texts. The good
    point
    > : of all this is the study outlines are a fairly accurate guide to what
    will
    > : be on the test...except, it downplays the depth of the questions quite a
    > : bit.
    >
    > And some in CCSE/CCSE+ that you can only know by working with the product
    > in the mode the exam is covering. You will not be able to pass the CCSE
    > if you have not worked in a VPN environment.
    >
    > If you do not work in a distributed environment you will have problems
    with
    > CCSE+
    >
    > I think checkpoint certs are moving away from paper certs and actually
    indicate
    > some degree of operational competence with the product.
    >
    > Rick
    >
    > Richard H. Miller, MCSE, CCSE+
    > Information Security Manager
    > Information Technology Security and Compliance
    > Information Technology - Baylor College of Medicine


    ---
    Outgoing mail is certified Virus Free.
    Checked by AVG anti-virus system (http://www.grisoft.com).
    Version: 6.0.688 / Virus Database: 449 - Release Date: 5/18/2004
  4. Archived from groups: comp.security.firewalls (More info?)

    Beoweolf (Beoweolf@pacbell.net) wrote:
    : Having recently upgraded my cert from CP 2000, to NG-AI...the test
    : experience is still fresh in mind. The cautions that I mentioned are aimed
    : at the apparent skill level of the Original poster and are based on
    : installing and testing each of several firewalls, Ng, NG-FP3, NG-FP4 and
    : NG-AI. I got caught in the transition from NG to NG-AI, between CCSA and
    : CCSE. The differences (in versions and where some values are configured)
    : that I mentioned were very apparent. The rate of change has recently
    : stabilized under NG-AI, and the tests are slowly catching up.

    I know. I was lucky and found out in time that the tests were going to cover
    AI but the courseware was still NG. I managed to pre-register for the NG FP3
    version and took them. I agree with your assesment of the level of the original
    poster.


    : My point in mentioning many of these issues, was a warning to not rely on
    : older training material...any test, text or manual that is older than or
    : hasn't been revised since mid to late 2003 is out of date.

    Absolutely....from what I can tell from the Boson a person might be able to
    sweat the CCSA using NG materials since there has not been too much change
    at that level between FP3 and AI. Trying anything below FP3 would be a
    major mistake since there was a major terminology shift at FP3.

    The two Synergy texts are written to NG AI and I have not found anything
    obvious in them that does not apply to AI. I also suspect phoneboy's
    revised book will also be a good source.

    : If you do, count on missing 3 or 4 general questions. The bulk of VPN,
    : routing and troubleshooting areas are as you noted, intact and not subject
    : to change...although how the kernal handles processes and procdure calls has
    : been modified, so that is another area where study has on a current version
    : is more of a requirement than a luxury.

    Absolutely true. And the CCSE+ exam is probably the one in which real detailed
    experiance with an operational firewall is required. The answers to many of
    the questions can only be answered from having had to debug a live firewall
    enforcement module and/or management module.


    : yes ... The tests are much "harder" than the previous tests. AS requested so
    : often in various news groups,...many vendors are reclaiming the prestige of
    : their certifications and making i much harder to rely on parrot-like skills
    : of recall to move you through a test. As often quoted from Ms. Martha
    : Stewart..." and, thats a good thing".

    Absolutely. In the last training cycle I had, the instructor mentioned when
    topics might be important to remember but did not turn the courses into a
    cert cram session. The the CP-2000 course, 80% of the class were cert
    hunting and the first question on any section was 'is this on the test' followed
    by 'let's skip' if the answer was no.

    Finally, I think you and I are in 'violent agreement' to quote an old unix geek and
    retired employee of the national seafood agency [one of the first people to actually
    enforce government security standards on Unix and make it work]


    rick
Ask a new question

Read More

Firewalls Security Networking Books