Create a Post
Showing results for 
Search instead for 
Did you mean: 

How I passed Check Point CCSM

Hi there, in this post I want to share briefly the steps I took on becoming Check Point Certified Security Master (oh, sounds so good).


My journey in becoming CP (Check Point) Certified started on 2015 while still using CP Nokia Firewall model (I believe it was R65 model, SPLAT something, very old...). I attended a class at an ATC and I thought I was ready to take the exam. I failed, twice in a row.



I think it was my first experience with ATC so I thought: "this guys will teach me everything I need to know about this technology...". They taught me what they could and should, but that didn't mean that I learned what I needed to pass the exam. After failing for the second time, I realized that I didn't have a good strategy to pass the exam. At the same time I was taking exams of other vendors and the result was quite the same (just wait until I share Cisco results :-)).


So I developed a strategy and a year later I passed the CCSA R77 exam. Basically the strategy consisted in investing more time learning new topics, save some time to improve what I already knew and lab as maximum as possible.



The knowledge I acquired by becoming CCSA was enough for me at that time, I could design, implement and troubleshoot a CP solution, and honestly CP doesn't cause many problems like others vendors (fortihate...). Until recently when I was introduced to another environment with VSX, automation, API, sandblast (and now Management As A Service, omg)... and I realized that there was another level to reach.


I planned to re-take CP certifications (just getting more knowledge) and probably get the CCSE Certification by the end of this year, since I was planning to take CCIE R&S Lab Exam in the first quarter of this year, but with this COVID thing, plans had to be changed.


Since Cisco was postponing the opening of the lab center, I changed my priorities to CP, so on June I started studying for CCSA R80 exam, since my previous certificate had expired.


Basically this was my plan, I invested most of my time studying CP:



The study resources I already shared in this post:


On July I passed the CCSA R80 exam.



I have to admit that CCSA was quite easy for me, so I decided to schedule CCSE exam for the following month, and turns out that CCSE wasn't much different from CCSA. It was just an "expert" level of CCSA. You get to see some more advanced topics like Clustering, Acceleration, IPS... but nothing scary. I took the CCSE exam and passed.



So CCSA and CCSE was done and sooner than I thought so why not CCSM? While I was studying for CCSE I read the CCSM study guide, and I noticed that the content was oriented for troubleshooting what you already configured. It's like:


CCSA > introduces you to CP solution and some basic products and features

CCSE > you get know more products and some advanced features

CCSM > you have to know how to troubleshoot what you have configured so far...

Well, that's the perspective I had of CCSM. It's like the level of expertise that CP TAC guys have to solve enterprise problems but using mainly CLI (cool).


I took the exam and... at beginning I thought I wouldn't pass. The study strategy had to be different from CCSA and CCSE. You're not supposed to configure anything, you're supposed to diagnose a problem and know which command syntax to use, like: how do you debug something, what is the problem with connection x, if the user can't authenticate using remote access how do you troubleshoot... things like that. So most of time I was creating problems (for real) and trying to solve them using new tools available (even though I knew how to solve them :-)) like debug, fw monitor, tcpdump...

Thankfully I passed the exam!



Final thoughts...

It might look like it took me two months to pass these exams, but that's not true. I have been working with CP for more than 5 years, and I was able to invest a lot of time with the right resources in a short period.


If you're planning to take any CP certification, the jump from CCSA to CCSM isn't that long, so my advice/recommendation for you:


  1. Make a clear goal of what you want by becoming CP certified - this will help you to continue your studies in moments of frustrations (believe me, they will come 🙂
  2. Develop a precise strategy that will help you achieve your goal - when do you plan to take the exams? How much are you willing to spend? How much time are you willing to invest? How does your family, your work and your studies will fit together? Keep track of your study progress.
  3. Use the right resources, not all the resources in the world - one of the biggest differences I noticed while preparing for R80 certification, is that I used mainly CP official content like Check Mates web site, SKs, CP content on YouTube, products datasheet. This was a very different approach than the one I took for R77, where I used to Google everything I could about CP.
  4. (Study + Lab) * Repeat - do I have to write anything else??

Take a look at one of my time tracker:




Is it over? No way!

For me, becoming certified is just the beginning of the journey of being an expert in something, because next time when you'll have a problem at your company or project you're involved in, people will look at you like you know the answer to all the problems. And you better know the answer to most of them... Otherwise you'll lose credibility for the level you achieved.


Hope you enjoyed this post, leave your comments below and I'll see you on the next post.




Silésio C.


5 Replies

Congratulations 🙂

One small correction: Nokia firewalls never ran SPLAT (well, you could install it on the old IP440s), they ran IPSO. 😬

0 Kudos

You're sure old school @PhoneBoy 🙂.


0 Kudos

Old school enough I used to teach the FireWall-1 2.x/3.x courses 😬

Employee Employee

Congrats Silesio. Well Done.

0 Kudos

Thanks bro.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events