Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

Check Point Certification Guide: Overview And Career Paths

Check Point Certification Guide: Overview And Career Paths
By , Mary Kyle

Check Point offers security certifications geared towards network and system administrators, analysts, engineers and security managers working with the company's security products.

Credit: ShutterstockCredit: ShutterstockCheck Point Software Technologies Ltd. creates information security products for enterprises, small and medium-sized businesses, service providers and consumers. The company's products include firewalls, VPN security gateways, endpoint security software and hardware/software solutions.

One of Check Point's best-known products at the consumer level is ZoneAlarm, a personal firewall. You can find its enterprise products in every Fortune 100 and Fortune 500 company in the world. Check Point also offers information security services such as design planning and security implementation, along with training and a security certification program.

MORE: How to Become a White Hat Hacker

The Check Point certification program includes four professional certifications:

  • CCSA: Check Point Certified Security Administrator
  • CCSE: Check Point Certified Security Expert
  • CCMSE: Check Point Managed Security Expert
  • CCSM: Check Point Certified Security Master

Check Point also offers an entry-level certification called the Check Point Certified Security Principles Associate (CCSPA) for IT professionals just beginning their security careers.

All Check Point exams are administered by Pearson VUE. Exams are 90 minutes in length and cost between $150 and $350, depending on the exam. All candidates need to set up a VUE Test Center account and Check Point User Center account to access exams. Training is not required but does come highly recommended as exams draw heavily from course materials along with real-world scenarios.

Most Check Point exams are currently offered on R77.30, although R80 has already been introduced with the CCSA certification. Check Point indicates that most R77.30 exams will retire at the end of the third quarter of 2017. Interested candidates should check the Training & Certification page frequently for the latest updates on the move to R80.

Check Point Recertification

Check Point certifications are valid for two years. To maintain a Check Point certification, you must acquire annual continuing education (CE) credits by completing Low Stakes exams or attending certain events such as the annual Check Point Experience (CPX) conference. Candidates may also upgrade to a later version of the credential by taking the then-current exam.

Low Stakes exams typically focus on product features and knowledge. Qualifying Low Stakes exams currently include Advanced IPS, SandBlast Administrator, Mobile Threat Prevention SE, Security Principles Associate, Associate Instructor, Threat Prevention and Gaia Overview. Two CEs may be obtained during the two-year certification cycle.

Passing two Low Stakes exams extends the CCSE (R70 or above) credentials for an additional year. Pre-R70 CCSA and CCSE credential holders must pass the current CCSA or CCSE exam to maintain those credentials. Information on the number of CEs required to maintain the CCMSE and CCSM certifications was not available at the time of publication, so you'll want to check the Check Point Training and Certification website for more information.

MORE: IT Career Paths & Certification Guides
MORE: Best IT Certifications
MORE: Best IT Training

CCSA: Check Point Certified Security Administrator

The Check Point Certified Security Administrator (CCSA) is Check Point's foundation-level credential, which recognizes individuals who deploy, configure and manage Check Point Security solutions to protect networks from intrusions and minimize vulnerabilities. A CCSA is well-versed in the day-to-day operations of Check Point Security Gateway, Firewall, SmartConsole, SmartDashboard, Security Management Server and Remote Access VPN products. Skills include traffic and connection monitoring, configuring anti-malware settings and URL filtering, implementing Identity Awareness in firewalls, configuring security policies and VPNs, and managing users and authentication to internal resources. Candidates must also be able to troubleshoot and resolve administrative issues.

Check Point currently offers two CCSA exams: CCSA R77.30 and CCSA R80. CCSA R77.30 targets IT professionals who manage Software Blades Systems and Security Gateway on the GAiA operating platform. The CCSA R80 credential is more focused on cloud technologies and security consolidation, including integrated threat management, improved security alignment and mapping to technology and processes, task automation, unified policy management, and management of the entire IT infrastructure by a single platform.

To achieve either the CCSA R77.30 or R80 certification, candidates must pass a single exam. (CCSA R77.30 candidates take exam 156-215.77, and CCSA R80 candidates take exam 156.215.80.)

There are no required prerequisites for the CCSA. Check Point recommends CCSA training and that candidates have six months to one year of product experience before attempting the exam. Candidates for both the CCSA R77.30 and CCSA R80 credentials should possess a solid understanding of networking, CCSA R77.30 candidates should also possess either UNIX or Windows Server skills and Internet and TCP/IP experience.

CCSE: Check Point Certified Security Expert

The Check Point Certified Security Expert (CCSE) is Check Point's intermediate-level credential. A CCSE implements Check Point's Security Gateway, Management Server, SmartReporter, SmartProvisioning, SmartWorkflow, High Availability, SSL VPN and SmartEvent products. Candidates must know how to perform advanced user management across a VPN, optimize VPN performance, upgrade management servers and troubleshoot VPNs, firewalls and servers.

To acquire the CCSE certification, candidates must pass exam 156-315.75 (R77). Check Point also requires candidates to have either the CCSA certification (R70, R71 or R75) or the Security Administration course. One year of experience with Check Point products is recommended. Candidates should also possess experience working with certificate management, system administration, TCP/IP, networking, Windows Server and UNIX.

Candidates who already possess a valid CCSE can maintain their credential by taking the update exam (156-915.77).

The CCSE credential is currently only available on R77.30. There are plans to add a CCSE R80 credential in the near future, so candidates should visit Check Point frequently for status on the addition of CCSE R80 to the Check Point certification portfolio.

CCMSE: Check Point Managed Security Expert

The Check Point Managed Security Expert (CCMSE) is an advanced-level credential in the Check Point certification program and validates a candidate's skills with Multi-Domain Security Management (MDSM) with Virtual System Extension. IT professionals seeking the CCMSE credential should be able to configure and implement a global policy, consolidate firewalls and transition to virtual environments, and troubleshoot, configure and install the MDSM environment.

To earn the CCMSE, candidates must pass exam 156.820.77. Candidates also need to possess the CCSE (R75 or later, or equivalent experience) credential. A minimum of six months to one year of experience is recommended.

CCSM: Check Point Certified Security Master

The Check Point Certified Security Master (CCSM) is Check Point's most advanced technical credential, which validates the ability of candidates to use advanced commands to troubleshoot, configure and optimize Check Point Security Systems. IT professionals seeking this credential should be able to troubleshoot ClusterXL and SecureXL, identify encryption failure sources and misconfigured VPNs, and address issues with intrusion prevention system false positives.

To earn the CCSM, candidates need to possess the CCSE (R70 or higher, or equivalent knowledge). Check Point recommends that candidates have knowledge of UNIX and have experience with networking, TCP/IP and Windows Server. Candidates also need to pass exam 156-115.77.

CCSPA: Check Point Certified Security Principles Associate

In addition to its professional certifications, Check Point offers an entry-level credential for those just beginning their security careers. The Check Point Certified Security Principles Associate (CCSPA) security awareness training course covers topics such as network security principles, best practices, security standards, security implementation and determining which technologies are right for your security environment. A single exam (115-110) is required.

Related Jobs and Careers

The CCSA and CCSE are geared toward systems and network administrators, support analysts, network engineers and security managers who deploy and support Check Point products and services. The CCMSE is an advanced credential targeting IT professionals who install, configure, design and manage virtual multi-domain security management systems. The CCSM is Check Point's most advanced technical credential and is aimed at those who configure and troubleshoot Check Point Security Systems.

To find out what types of roles real employers are seeking to fill, we conducted an information job search on SimplyHired, a popular job search board, and found the following:

  • A major mobile phone service provider in New York is seeking a CCSA-certified Network Engineer.
  • A professional services provider in Virginia needs a Check Point certified firewall administrator.
  • A risk management company in Maryland is looking for a CCSE-certified professional to fill the role of Cyber Threat Resistance Analyst.
  • A Colorado company seeks a CCSM-certified candidates for a Senior Network Engineer role.

Check Point Training and Resources

Check Point training is focused on six key areas:

  • Entry-level security awareness: CCSPA
  • Core security administrator training: CCSA R77.30 and CCSA R80
  • Core security expert training: CCSE
  • NextGen security training: Threat Prevention and Secure Web Gateway
  • Advanced security training: CCMSE and CCSM

Check Point offers three-day, instructor-led courses for the CCSA, CCSE and CCSM, which cover installation, configuration and management of Check Point Security solutions, along with monitoring and troubleshooting techniques.

A five-day training course is offered for the CCMSE, which covers global policy (configuration and implementation), firewalls (virtual environment consolidation and transition) and multi-domain security management (installation, configuration and troubleshooting). Check Point courses cost about $1,000 per seat, per day (though costs vary slightly from provider to provider).

Check Point also offers free study guides and practice exams to certification candidates. Just complete the sign-up form to get access to the Check Point self-study library. Study guides for the CCSA, CCSE and CCSM are also available on the respective certification web pages. Numerous self-study materials, including admin and best practices guides, how-to documentation and video tutorials are also available.

MORE: IT Career Paths & Certification Guides

MORE: Best IT Certifications
MORE: Best IT Training