Check Point Threat Prevention Specialist

Powered by Arrow ECS GmbH

In diesem Training erfahren Sie, wie Sie den IPS-Schutz an spezifische Sicherheitsanforderungen anpassen. Außerdem werden die Optionen zur Optimierung der Leistung der Threat Prevention erörtert. Sie erlernen Fähigkeiten, die für die Implementierung und Verwaltung von Custom Threat Prevention in einer Check Point Security-Umgebung erforderlich sind.
 

Module 1: History of Threat Prevention

• Lab Tasks
  • Verify the Security Environment
  • Verify Connectivity Between Systems

Module 2: IPS Protections

• Lab Tasks
  • Enable and Configure Custom Threat Prevention
  • Configure the Inspection Settings
  • Update IPS Protections
  • Configure General and Specific Protections
  • Configure and Test Core Protections

Module 3: Anti-Virus and Anti-Bot Protections

• Lab Tasks
  • Enable Anti-Bot and Anti-Virus
  • Configure Anti-Bot and Anti-Virus

Module 4: Threat Prevention Policy Profiles

• Lab Tasks
  • Create Custom Threat Prevention Profiles
  • Configure the Custom Profiles
  • Configure Anti-Bot and Anti-Virus in the Custom Profiles

Module 5: Threat Prevention Policy Layers

• Lab Tasks
  • Configure Gateway Interface Settings
  • Configure Threat Prevention Policy Layers
  • Configure Threat Prevention Rules with Custom Profiles

Module 6: Threat Prevention Logs and Traffic Analysis

• Lab Tasks
  • Modify Threat Prevention Logs and Configure SmartEvent Settings
  • Test Threat Prevention Protections
  • View Threat Prevention Logs and Events
  • Use Web SmartConsole to View Logs and Events.

Module 7: Threat Prevention Exceptions and Exclusions

• Lab Tasks
  • Use IPS and Threat Prevention Exceptions
  • Create an Inspection Settings Exception
  • Create a Core Activations Exception

Module 8: Correlated Threat Prevention Views and Reports

• Lab Tasks
  • Verify SmartEvent Activation
  • Generate and Verify Logs for Reporting
  • Configure SmartEvent Views and Reports

Module 9: Threat Prevention Updates

• Lab Tasks
  • Verify Recent Updates
  • Configure Update Settings

Module 10: Threat Prevention Performance Optimization

• Lab Tasks
  • Analyze Threat Prevention Performance
  • Create Penalty Box Exceptions and Null Profiles
  • Test the Panic Button Protocol

Module 11: Advanced Threat Prevention Features and Troubleshooting

• Lab Tasks
  • Add a Custom SNORT Rule
  • Create and Test a Custom Threat Indicator
  • Observe Traffic Drops in Real Time
  • Audit Configuration Changes

Sicherheitsexpert*innen, die IPS- und Anti-Bot-/Anti-Virus-Schutzmaßnahmen an spezifische Sicherheitsanforderungen anpassen und Möglichkeiten zur Optimierung der Bedrohungsprävention ermitteln möchten.

• Internet Fundamentals
• Networking Fundamentals
• Networking Security
• System Administration

Trainingsempfehlung:

• CCSA - required
• CCSE - recommended