156-310
Nov 02,2006 00:00 by NaT-Server

(156-310) Check Point - Management

SYNOPSIS • CCMSE vs • CCSE vs • CCSE Plus vs

Check Point’s exam 156-310, “Check Point with Application Intelligence – Management II” is one of two core requirements for the CCSE (Check Point Certified Security Expert) NG (Next Generation) certification, one of three requirements for the CCSE (Check Point Certified Security Expert) NG (Next Generation) Plus certification, and one of three requirements for the CCMSE (Check Point Certified Managed Security Expert) certification.

It is designed for security professionals who “possess the knowledge and expertise to configure VPN-1/FireWall-1 as an Internet security solution and virtual private network (VPN) that securely connects corporate offices and remote workers, protecting information exchange and granting access to network resources.”
There is one prerequisite for this exam: holding the CCSA (Check Point Certified Security Administrator) certification on the same version. Moreover, Check Point recommends that candidates have “at least 6 months to 1 year experience of the product on which you are seeking certification.”

This exam costs $150 USD and may be taken from Pearson Vue. Version “156-310.4” of the exam is offered in English and is referred to as “NG with Application Intelligence”, while version “156-310.3” of the exam is offered in Japanese and is referred to as “NG feature pack 3.”

This multiple choice and scenario exam lasts 90 minutes for candidates from Australia, Bermuda, Canada, Japan, New Zealand, Ireland, South Africa, UK, and US. For all other candidates, the exam is 120 minutes long.

The topics covered by this exam include:

  • List the minimum system requirements to run VPN-1/FireWall-1 NG
  • Demonstrate how to install Check Point NG with Application Intelligence on Windows 2000
  • Outline the procedure for uninstalling Check Point NG with Application Intelligence
  • Describe the purpose of tracking
  • Define parameters for the tracking of possible hacking attempts against the firewall
  • Describe the purpose of load balancing
  • Define the different methods for load balancing
  • Define the different methods of configuring Voice over IP (VoIP)
  • Describe how to set up the VPN-1/FireWall-1 to enable VoIP in an H.323- based configuration
  • Describe how to set up the VPN-1/FireWall-1 to enable VoIP in a SIP-based configuration
  • Define the VPN-1/FireWall-1 NG content security process and components
  • Demonstrate how to configure JAVA blocking CCSE Certification 17
  • Demonstrate how to block Web browser access to restricted sites in a URL list.
  • Demonstrate how to make use of a UFP Server to restrict access to FTP siteson the Internet
  • Describe the components and process of a SYN flood attack
  • Demonstrate how to enable a UFP Server to restrict access to FTP sites on the Internet
  • Explain encryption for Virtual Private Networks
  • Compare and contrast the common encryption methods
  • Describe the process for setting up a VPN
  • Describe Certificate Authority deployment using an internal CA.
  • Describe Certificate Authority deployment using an external CA.
  • Demonstrate gateway-to-gateway encryption using IKE with shared secrets
  • Demonstrate gateway-to-gateway encryption using IKE with certificates
  • Discuss the configuration of VPNs, using the Simplified VPN Setup
  • Demonstrate how to define SecuRemote users
  • Demonstrate how to deploy SecuRemote in an IKE VPN
  • Demonstrate how to configure and test SecuRemote using IKE
  • Discuss the benefits of Client Encryption inside the LAN
  • Demonstrate how to set up a Policy Server

For more information:
http://www.checkpoint.com/services/education/certification/exams/156-310.html