Check Point Certified Security Master (CCSM)

Course Description Schedule Course Outline

Course Overview

This 3 day course is for customers and partners who want to learn the advanced skills to troubleshoot and configure Check Point Security Gateway and Management Software Blades. The goal is to validate a delegate's understanding and skills in subjects such as chain modules, NAT, ClusterXL, VPN, CoreXL, SecureXL, IPS, and IPv6 .

Certification Information:

This course prepares for exam #156-215.77 at which can be found at This consists of 80 multiple-choice questions with a passing score of 70% in 90 minutes. A valid CCSE is also required.

Who should attend

  • System Administrators
  • Security Engineers
  • Network Engineers
  • CCSEs seeking higher certification



  • CCSE
  • General knowledge of TCP/IP
  • Working knowledge of Windows and UNIX
  • Working knowledge of network technology
  • Working knowledge of the Internet

Course Objectives

Course Objectives and Topics Include:

  • Review the cpview command and its parameters.
  • Navigate the CPView interface.
  • Use fw ctl chain to observe chain modules. Observe how policy changes impact the chain.
  • Use fw monitor to capture packets.
  • Use the fw debug process and debug infrastructures for user mode debugging.
  • Review the Connections table using fw tab.
  • Debug NAT issues using the fw ctl debug command.
  • Perform port forwarding on a gateway.
  • Configure port mapping services.
  • Understand Client Side and Server Side NAT.
  • Configure a proxy ARP for Manual NAT.
  • Use cphaprob to monitor cluster status and troubleshoot state synchronization.
  • Use vpn debug to debug site-to-site VPN.
  • Use ethtool to tune NIC performance.
  • Edit ARP Cache table to improve performance.
  • Use command fw ctl pstat to improve load capacity.
  • Use the fwaccel stat and fwaccel stats outputs to tune the firewall Rule Base.
  • Configure CoreXL for specific CPU task assignment.
  • Use fwaccel and sim to enable and disable accelerated traffic.
  • Debug the FWAccel and SIM modules using the fwaccel dbg and sim dbg commands.
  • Use IPS Bypass to manage performance.
  • Configure IPS to reduce false positives.
  • Deploy IPv6 in a local environment.
  • Perform debug in the MDS and DMS environments using the mdsenv and fw debug commands.
  • Debug the VSX management server using the fw debug command


Classroom Training
Modality: G

Duration 3 days

Price (excl. VAT)
  • United Kingdom: £ 1,795.-
Enroll now
Online Training
Modality: U

Duration 3 days

Price (excl. VAT)
  • United Kingdom: £ 1,795.-
Enroll now

Accessing our website tells us you are happy to receive all our cookies. However you can change your cookie settings at any time. Find out more.   Got it!