[转载]Check Point 网络安全认证之CCSA NG
信息来源:邪恶八进制信息安全团队([url]www.eviloctal.com[/url])Check Point 网络安全认证之CCSA NG
随着网络科技不端进步及和互联网的普及,以現时的计算机网络系統來看,不论是硬件设备抑或是软体的支援,穩定程度已达至很高水平。但如果缺乏了一个良好的安全系統保护,一旦被入侵者 (俗称“黑客”属于黑帽子) 入侵或破坏,整个企业的系统就会陷于停顿,对公司和客戶有不可估计的損失。因此,网络安全对任何一个企业是都相当重要,要是在网络系統上加设一个絕佳的安全保护,就必須安装 Firewall。
对计算机网络安全保安有所认识的人,都应该听过 Check Point 这个名字。它们自从在 1993 年开发了 Check Point FireWall 防火墙软件及 Stateful Inspection Engine 技术后,在全球的网络安全软件市场中一直都稳占領先位置。它们的总公司位于以色列,共有員工约 1,200 人,但当中就有超过 700 个软件工程師,专门负责设计,开发及升级安全软件。
Check Point 已经是全球防火墙软件市场的强头,其推出的产品 VPN-1/FireWall-1 (防火墙软件),市场占有率已超过 60% , 是目前市面所能找到最综合性的网络安全产品。同时,由 Check Point 制定的考试及颁发的 CCSA 及 CCSE 国际认可证书,亦因为该产品拥有很高的市场占有率,吸引了不少专业人士考取及被业界广泛认可。
适合人仕 :
有志投身 I.T 网络安全范畴的人仕 ,已考取 Cisco CCNA 证书的朋友。 系統工程師,网络管理员,网络安全人员。
修读条件 :
对 Windows 2000 Server 系統有基本操作经验,对互联网及 TCP/IP 有一定程度的认识,对 LAN 及 Internetworking 的网络安全具有兴趣
最新 Check Point CCSA NG / CCSE NG 考试科目
(156-210.4) Check Point VPN-1/FireWall-1 Management I (CCSA NG AI)
(156-310.4) Check Point VPN-1/FireWall-1 Management II (CCSE NG AI)
課程內容 :
Module 1. Defining a Firewall.
What is a Firewall?
Type of the Firewall
- Packet Filtering
- Application Layer Gateway (Proxy)
- Check Point's Stateful Inspection Technology
Module 2. Check Point FireWall Architecture
How Check Point FireWall Works ?
Check Point FireWall Components and Modules
Check Point FireWall Kernel
Check Point FireWall Daemon
Module 3. Check Point FireWall Overview
Methods of securing networks
Check Point FireWall Architecture
Secure Internal Communications
Distributed client/server model
Application Intelligence technology
Module 4. Security Policy
Security Policy definition
SmartDashboard
Access control for administrators
Creating the Rule Base
Implicit and explicit rules
Command-line options for the Security Policy
Module 5. FireWall-1 Setup and Installation.
Pre-installation Configuration
System Requirement
How to install license
Install additional firewall module
Module 6. Working with the SmartDashboard
Masking and disabling rules
Uninstalling a Security Policy
Improving VPN-1/FireWall-1 performance
Module 7. SmartDefense
Active defense
SmartDefense in action
SmartDefense Storm Center
Module 8. Understanding RuleBase Order
What is a RuleBase
How to create RuleBase
Important of the Rule Base Order
Module 9. Implicit and Explicit Rules
FW1 Control Connections
Outgoing Packets
Additional Settings
Implicit Drop Rule
Module 10. Troubleshooting the Security Policy
Maximum number of rules and objects
Deleting Administrator accounts
Any, Any, Any, Accept Rule not accepting traffic
Module 11. Detecting Hacking Method -- Spoofing.
What is Spoofing
Anti-Spoofing Configuration
Module 12. Advanced Security Policy
Masking Rules
Disabling Rules
Uninstalling a Security Policy
Security Policy File
Command Line Options for the Security Policy
Module 13. Log Management
Log Viewer GUI
Log Viewer Modes
Creating and Selecting Selection Criteria
Blocking Connections
Block Intruder
Module 14. System Status GUI
System Status Logon
Log Viewer Modes
Creating and Selecting Selection Criteria
Blocking Connections
Block Intruder
Module 15. Authentication and Authentication Parameters
Understanding Authentication
How User Authentication Works
Type of Authentication
- User Authentication
- Client Authentication
- Session Authentication
Authentication Schemes
Defining a User Template
Defining Users and Groups
Module 16. Network Address Translation (NAT)
How NAT Works
Type of NAT
- Static NAT
- Hide NAT
Address Resolution Protocol (ARP)
NAT Routing
Static NAT and Anti-Spoofing
Troubleshooting NAT
页:
[1]