With the release of the new CCSA/CCSE R81.10 exams on Monday, as someone who has taught both the old and new classes I thought it would be helpful to provide some general tips and a comparison of the CCSA/CCSE R80.X content vs. the updated CCSA/CCSE R81.10 content. The goal here is to highlight content differences, so that those who have attended a CCSA/CCSE R80.x class or not worked with R81+ at all yet can assess their preparation options for challenging the R81.10 exams.
Disclaimer: I have not taken any of the R81.10 exams yet so anything you read here should be considered rank speculation, possibly deluded, or even flat-out wrong. By the same token since I haven't even seen the new exams I can't be violating any confidentiality agreements with the following speculation. 😀
First off, some general CCSA/CCSE Check Point exam tips regardless of version (I shared these during a CCTE exam prep session I hosted for CPX 360 2022):
1) You have 90 minutes to complete 100 multiple choice questions with one correct answer for each. There used to be fill-in-the-blank questions but those seem to have gone away recently.
2) Pass is a 70%.
3) You are allowed to back up and return to prior questions (unlike say Cisco exams). You also have the ability to flag a question you are not sure about, then at the end of the exam if there is time left, jump back through all the questions you flagged. My suggestion is to always answer every question on the first run-through even if it is a wild guess, as a question will be marked equally wrong regardless of whether you selected an incorrect answer or left it unanswered.
4) If the context of the question is unclear, try to remember how that topic was presented in the lecture and labs during class.
5) I still personally struggle with this one: For those with extensive Check Point experience try to take the questions at face value and not overthink, or start pondering "well that depends on...". Generally the questions are pretty straightforward and are not asking you about some obscure situation you vaguely remember seeing 10 years ago at 3am on a Saturday night. 😀
6) Check Point exams are not adaptive and will not try to beat you over the head with the same topic if you have answered an earlier question on that topic incorrectly. Questions are drawn from a pool at the start of the exam and do not change during the course of the exam. By the same token you may draw two questions that are extremely similar or even identical; do not automatically assume you answered the first instance incorrectly when the second instance appears.
7) 80% of the exam questions are taken right from the courseware lecture and labs, the remaining 20% are "real-world" questions so having at least some real-world experience with Check Point (and not just the class) will be helpful. Do not panic if you face one of those 20% questions that were not mentioned/covered at all in the class, and initially draw a complete blank.
😎 Refer to sk163417: Check Point Learning & Training FAQ for any questions about certification length, renewals, etc.
9) Online practice exams for CCSA and CCSE are available from PearsonVue and are well worth the $50 USD they cost, as they draw their practice questions directly from the live exam pool. There aren't really any other legit exam prep guides available other than the official course material, and there are most certainly NOT any out there that are worth forking over money for. The courses are to some degree based on portions of the official documentation administration guide PDFs, which can be accessed for free at the Check Point Support Center if you need to bone up on a covered topic or feature you aren't familiar with.
10) Check the exam numbers carefully when booking:
Check Point Certified Security Administrator (CCSA) R81 – Exam #: 156-215.81
Check Point Certified Security Expert (CCSE) R81 – Exam #: 156-315.81
Tips for the CCSA R81.X exam:
1) The main thing to watch out for is that all Threat Prevention (TP) coverage (IPS, AV, ABOT, TE, TX) was taken out of CCSE and put into CCSA for R81.10. So any questions about TP are fair game along with the new Autonomous Threat Prevention, which you should at least check out in SmartConsole's Demo Mode if you haven't worked with it.
2) ClusterXL is no longer covered in CCSA R81.10; was moved to CCSE R81.10.
3) IPSec VPNs, SmartEvent, and the Compliance blade are no longer covered in CCSA R81.10; moved to CCSE R81.10.
4) Note that most Licensing operations can be conducted directly from the SmartConsole and not using SmartUpdate in R81+.
5) APCL/URLF is covered much more heavily in CCSA R81.10 vs. CCSA R80.X.
6) Know the new NAT features (hit counts, etc.) and the Access Control policy default column field of "None" instead of "Any" in R81+.
7) Inline layers are covered much more heavily in CCSA R81.10 vs. CCSA R80.X.
😎 cpview is no longer covered at all.
Tips for the CCSE R81.X exam:
1) IPSec VPNs (including interoperable/heterogenous), SmartEvent, and the Compliance blade are now covered in CCSE R81.10 instead of CCSA.
2) SMS Migration/Upgrade tools have changed pretty significantly in R81+, along with the use of Blink for gateways.
3) ClusterXL is more heavily covered including the new Correction Layer.
4) VRRP is no longer covered at all.
5) cpview and advanced clish options are extensively covered and used.
6) Miscellaneous: Be aware of SmartTasks, MDPS, Dynamic/Updatable Objects, Dynamic CoreXL Split/Dynamic Workloads, CDT, and Accelerated Policy Installs.
I'd be happy to answer any additional questions, within the bounds of confidentiality agreements of course.
Updated 2023 IPS/AV/ABOT R81.20 Course now
available at maxpowerfirewalls.com