Monday, January 4, 2016

Studying for CCSA or CCSE

Short answer: don't.

Talk to people who have taken the test lately before you do.  Checkpoint publicly states their exams consist of 70% book material and 30% off-book material.  The off-book material are simply things you should somehow know before taking the test after having learned about it being a full time Checkpoint firewall administrator.

Checkpoint, in their infinite wisdom, has decided that their certification exams should test the applicant on common knowledge of the operating system that is not included in the study material.  This common knowledge is determined by a panel of highly experienced Checkpoint system administrators. So the topics this particular group of admins feel you should know is what you are expected to know for the exam.  

But the 30% of innate experience they expect you to have is completely subjective but still assumes everyone has the same network environment and firewall policies.  This simply is not the case.   Smaller organizations are likely to have much similar environments and thus their policies will be somewhat similar as well.  But larger organizations get far more complicated and are far less likely to have the same policies as a smaller organization.

Furthermore, a larger organization tends to avoid single-solution products.  While Checkpoint firewalls can be a single-solution device with all the fancy blades and new toys, larger companies with exponential networks tend to avoid the one-size-fits-all solution.   While you can do this, there are always drawbacks at some level that make a more targeted solution the more attractive idea.  

Checkpoint does IDS, and endpoint protection, Antivirus, Identity Management, Data Loss Prevention, and more.  But larger companies are still going to buy the products that specialize in each because you get far more control and better logs in return.   So anyone working for a large company is not going to get the kind of experience as the administrators working for smaller organizations.

If that is your situation, then you will likely fail the exam and wast a lot of money and time.  There is no legitimate way to study for that 30% if you simply cannot get the real-world experience to use and manage all of the blades that Checkpoint products have to offer.

So the best solution....cheat.   Well, not during the test anyway.   All you can do is find the most recent CCSA/CCSE example test on the internet and memorize all of the answers.  In doing so you will see that a good 70% of the questions are straight from the book and you should already know them.  The rest are questions about command line nonsense of which you have never heard and other stuff that makes you wonder if this is the correct test at all.

After failing my test and others in my team having the same issue we began to wonder how we could pass the CISSP but fail the CCSA?  After expressing our concerns to Checkpoint, they revealed the above information and told us there was nothing they could do (which we knew was a lie, they just don't want to pay for any changes to be made to a really bad system).

So if you haven't worked with most of the blades for at least one year, then you are likely to fail as you won't know the little things the book won't tell you.   There's not much more you can do.  Read the book, practice on a VM, and then memorize the latest test.  If you have been working with most of the blades enabled for more than a year, then you should be ok.

No comments:

Post a Comment