Hello guys,
Not sure if anyone is interested in this, but as I passed the CCSE R80 today I thought it would be a good idea to write down some study recommendations, as no one answered this thread.
So as mentioned above you should attend the official training if possible.
The lab guide that comes with it contains lots of useful information not only regarding the actual practices and possibilities but also regarding the exam itself - make notes especially regarding small hints like port numbers and so on.
In addition to that I read the following documents and Checkmates Threads:
- ClusterXL Admin Guide
- Gaia Admin Guide
- Threat Prevention Admin Guide
- R80.x Security Gateway Architecture (Logical Packet Flow)
- R80.x Security Gateway Architecture (Content Inspection) (thanks to Heiko Ankenbrand for both docs as well as the other pulications from him - really useful!)
- several SKs like sk97638 (processes and daemons), sk114395 (Automatic creation of Proxy ARP for Manual NAT)
- attended the online course for the SandBlast admin accrediation - VERY useful not only for the CCSE and it's also free for CheckMates members, so what are you waiting for?
And of course: Build a lab! Practice everything that is shown in the documents, get hands-on experience and realize how to proceed further if something should not work as intended (from your point of view ).
Also; repeat the CCSA course ware (if you have any) and take a look at the example CCSA questions that are listed in the CCSA study guide - it will defnitely show you your weak points and also the facts that you already know. If you should discover any weak points - dig deeper into the related topic until you feel fine about it and your knowledge regarding it. Learn topic wise - like e.g. focus just on SecureXL for a week, the next week CoreXL etc and summarize everything you learn so that you have notes. This is especially useful for commands that you will not need everyday but that still provide a huge benefit or are even required in some circumstances.
And be prepared that some questions feel weird while reading them... due to incorrect sentence formulation and grammatical mistakes. But overall I only had 1-2 questions that itself did not make any sense at all. I wrote comments during the exam, so that Check Point can review them - so hopefully that will change for the upcoming CCSE attendees
That's kinda everything that I did, summarized. Of course there were other things like checking CheckMates nearly to everyday to read about the latest problems in the community and benefit from the different solution approaches that all the members are writing. But that's just an addition if you really want to dig into the topic completely. I studied about 3 months with the methods mentioned above, 2 months of the time with daily studying and yeah - seems that it worked.
Hopefully somebody can benefit from these words, as I would have been quite happy to read something like that when I started with the CCSE - especially as I started with Check Point within the R80 revision. Maybe we will also see an official study guide in the future.
Edit: Just watched Video Link : 7987 - this video is by far the most useful one I've seen so far regarding Secure and CoreXL + advanced tweaks. Definitely also watch this if you are preparing for your CCSE.
Edit 2: Event Management & Reporting with Smart Event (R80.20)
Very interesting explanation of the log & analysis features in R80. Some things are at CCSA level but a few details of this video are definitely going to help you with the CCSE as well as daily business. 🙂
Regards,
Maik