Check Point Advanced Intrusion Prevention Systems (AIPS)
ID CP-AIPS Price on request Duration 2 days
Who should attend threat prevention to protect against attacks which
exploit unknown or undisclosed vulnerabilities
Technical persons who support, install, deploy or Be able to distinguish false positives
administer Check Point security solutions should attend Describe the benefits of SecureXL and CoreXL
this course including: Describe the function of the Passive Streaming Library
System Administrators (PSL)
System Engineers Be able to configure how IPS is managed during a
Support Analysts cluster failover
Network Engineers Learn how to focus on high severity and high
Anyone seeking to extend a Check Point certification confidence level protections
Properly configure hosts like DNS Servers, Web
Servers and Mail Servers for IPS protections
Prerequisites
Persons attending this course should have general knowledge Detailed Course Outline
of TCP/IP, working knowledge of Windows and/or Unix,
Configure the IPS Software Blade
network technology, the Internet and 6 months experience
Test the Security Policy and Demonstration Tool
working in a Check Point security gateway environment. Test the IPS Functionality
Change IPS Policy Enforcement
Deploy Geo Protection in IPS
Course Objectives Modify Anti-Spoofing settings
Test IPS Geo Protection features
Understand how security policies affect network Test the Default_Protection profile
processes Define a new Profile
Learn how data is used to fine tune processes and Identify attacks with SmartEvent Viewer
reduce risk Download and install IPS protections
Incorporate 5 proven IT security best practices Use the IPS follow-up protection review process
Discuss IPS deployment strategies Manually update the IPS Protections on the gateway to
Discuss the layers of the IPS engine the most current available
Describe the unique capabilities of the Check Point IPS Download and install IPS Protections
engine Follow up with IPS Protections Review
Create and apply profiles to groups of devices that Configure, enable and test IPS Troubleshooting mode
need protection against certain attacks Modify and test the Bypass Under Load Settings
Discuss how IPS Mode determines detect or prevent Configure Protection Engine settings
default protections Identify Top Events and Protections
Describe how the severity of an attack is determined Modify Protections to defend against common attacks
Learn how to schedule automatic updates for ongoing Debug the logging mechanism
protection Configuring Protection Engine Settings
Use Geo Protection to control traffic by country Use debug to gather IPS statistics
Learn to discover abnormal events, attacks, viruses, or Use tcpdump to identify the source of an attack
worms when raw data is analyzed Modify protections to prevent attack source
Discuss the major components in IPS Event Analysis View Security Gateway messages
Architecture
Describe what you can do with the IPS Event Analysis
Client
Describe why having signatures available that protect
against known vulnerability attacks is essential
Describe how a good IPS solution will have zero-day
Page 1/2
� Check Point Advanced Intrusion Prevention Systems (AIPS)
Training Centres worldwide
Fast Lane
Cvetkova ulica 29
1000 Ljubljana
Tel. +386 1 320 78 80
Fax +386 1 600 1765
[email protected], https://www.fastlane-cee.net
Page 2/2
Powered by TCPDF (www.tcpdf.org)
