Check Point Certified Troubleshooting Expert (CCTE) R81

Course Overview

Troubleshooting Expert provides an advanced troubleshooting skills to investigate and resolve more complex issues that may occur while managing your Check Point Security environment.

This course prepares the participants for the CCTE certification exam #156-585.

With Cadre's enhanced course, the participants will receive 24/7 access to the labs for 6 months. The instructor will also provide additional study guide materials and lecture that are important to know for real-world use of the features covered in the class. Additional lecture to assist in passing the Check Point exam is also included. 

If you choose to take the class Live on-line, Cadre provides a fully modern remote classroom experience with a state-of-the-art high resolution digital whiteboard. The whiteboard is excellent for complex network diagrams. 

Duration:  2 Days 

Prerequisites:  CCSE training and advanced knowledge of Check Point Security products are preferred but not required

Price:  $1,995 (Group discounts available)



Who Should Attend

This course is designed for security experts and Check Point resellers who desire to obtain the necessary knowledge required to perform more advanced troubleshooting skills while managing their security environments. This could include the following:  

  • Security Managers
  • System Administrators
  • Network Engineers
  • Support Analysts

Course Topics:

  • Advanced Troubleshooting Techniques
  • Management Database and Processes
  • Advanced Logs and Monitoring
  • User Mode Troubleshooting
  • Advanced Access Control
  • Advanced Kernel Debugging
  • Advanced Identity Awareness Troubleshooting
  • Site-to-Site VPN Troubleshooting
  • Client-to-Site VPN Troubleshooting

Course Objectives:

Upon successful completion of this course, students will be able to: 

  • Demonstrate understanding how to use advanced troubleshooting tools and techniques including: Interpreting diagnostic data with CPInfo, collecting and reading statistical data using CPView, and Advanced troubleshooting risks
  • Describe the use of Logs and SmartEvent in troubleshooting
  • Describe the log indexing system and issues that can occur
  • Discuss methods to troubleshoot log indexing in SmartLog and SmartEvent
  • Explain the databases used in Security Management operations
  • Identify common troubleshooting database issues
  • Discuss Management Processes
  • Demonstrate understanding of advance troubleshooting tools and techniques including: How the kernel handles traffic, How to troubleshoot issues using chain modules, How to use the two main procedures for debugging the Firewall Kernel, and How the two main procedures for debugging the Firewall Kernel differ
  • Demonstrate understanding of user mode debugging including collecting and interpreting process debugs
  • Debug user mode processes
  • Discuss advanced Identity awareness troubleshooting
  • Learn to run debugs on Identity Awareness
  • Explain Unified Access Control flow and processes
  • Explain Access Control kernel debugs
  • Describe Access Control process debugs
  • Explain basic and advanced Site-to-Site VPN troubleshooting tools and techniques, including, Packet captures, IKE debugs and VPN process debugs
  • Explain Client-to-Site VPN troubleshooting tools and techniques, including Remote access troubleshooting and Mobile access troubleshooting

Lab Exercises Include:

  • Collecting and Reading CPInfo
  • Collecting and Reading CPView Data
  • Troubleshooting SmarLog
  • Troubleshooting SmartEvent
  • Troubleshooting Database Issues
  • Debugging Security Gateway Kernel
  • Debugging User Mode Processes
  • Debugging Identity Awareness
  • Debugging Unified Policy Inspection
  • Troubleshooting Site-to-Site VPN
  • Debugging Remote Access VPN