Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

Exam: 156-515.65


Register for an exam
Course:
Check Point Security Administration NGX III (R65)

Passing exams #156-215.65, #156-315.65, and #156-515.65 earns you Check Point Certified Security Expert NGX (R65) - (CCSE Plus NGX (R65).

Objectives

  • Use general troubleshooting guidelines to resolve VPN-1 NGX problems.
  • Given your understanding of IP forwarding and routing, troubleshoot common network connectivity problems with a new implementation of VPN-1 NGX.
  • Use NGX command line tools to monitor the Default Filter and Initial Policy’s effect on traffic through a Security Gateway.
  • Given the general troubleshooting guidelines, troubleshoot Secure Internal Communication (SIC) and Network Address Translation (NAT) issues.
  • Identify and use general troubleshooting tools for Secureplatform
  • Monitor performance data through a Security Gateway using SmartView Monitor.
  • Use fw and OS commands to monitor performance statistics of the Security Gateway.
  • Monitor and evaluate operating system and Security Gateway statistics using snmp.
  • Deliver critical Security Gateway alerts to a snmp network management station using snmptrap.
  • Identify the function of critical files on a Primary Smartcenter server and VPN-1 Pro Security Gateway.
  • Differentiate between backup utility and snapshot in VPN-1 Secureplatform.
  • Use upgrade_export and upgrade_import to backup and recover Primary Smartcenter Server.
  • Given the filing architecture, restore a SmartCenter Server manually.
  • Collect data using the cpinfo utility for off-line viewing and troubleshooting using the InfoView utility.
  • Use DbEdit or GuiDbedit to view and manipulate *.C and *.def files and observe their impact on the Security Gateway functionality.
  • Merge to two Primary Smartcenter servers using cpmerge.
  • Manipulate the objects database using freeware utility objectfiller
  • Using freeware utility objectdumper, create a user-friendly CVS format of the objects database.
  • Use tcpdump to capture packets and analyze packet-header formats
  • Capture packets using fw monitor and review output in Wireshark
  • Perform kernel debugging using the fw ctl debug command.
  • Use fw ctl zdebug to debug the fw chain module
  • Obtain critical information about NGX components status, using fw and fwm commands
  • Use fwd debug to analyze kernel-to-application layer issues.
  • Use fwm debug to analyze SmartCenter Server issues.
  • Use cpd debug to analyze SIC issues.
  • Given the security server architecture, explain the folding process of a packet through the NGX gateway’s security server.
  • Debug security server connection problems with fw monitor.
  • Use fwd debugging tools to troubleshoot Security server Issues
  • Identify and explain the two phases of the IKE negotiation process.
  • Troubleshoot VPN problems using vpn debugging tools.
  • Use Ikeview to identify and analyze problems during the IKE key negotiation.
  • Identify the function of specific ports for a SecureClient connection.
  • Identify the packet flow for a SecureClient connection.
  • Troubleshoot Secureclient connection problems using srfw monitor, fw monitor and advanced VPN options.
  • Given the troubleshooting tables and vpn debugs, troubleshoot SecureClient encryption issues.
  • Troubleshoot SSL Network Extender problems using vpn and client side debugging tools.
  • Use vpn debugs to troubleshoot SecureClient Mobile.
  • Identify differences between route-based VPN and domain-base VPN
  • Configure VTI for route-based VPN Gateways
  • Configure OSPF for dynamic VPN routing in a Community
  • Identify the Wire mode function by testing a VPN failover
  • Configure Directional VPN Rule Match for route-based VPN
  • Given the Check Point configuration recommendations, implement ClusterXL.
  • Troubleshoot ClusterXL problems, using clustering debug commands

Register now for this or any Check Point exam at a Pearson VUE center near you.