CCSA 156-215 versus 156.215.1

[LeNNoX]

Lads,

156-215 & 156.215.1

What is the difference between these two exams?
- other than spelling mistakes etc...

I'm sure if you know your stuff, it won't matter which exam you do.

LeNNoX

[ushabasavaraj]

Hi

1) Exam 156-215.1 prepares you for CCSA NGX and CCSE NGX certifications, passing this exam earns you CCSA NGX certifications. This exam is for Check Point Security Administration NGX I Rev 1.1

2) Exam 156-215 prepares you for Check Point Security Administration NGX I but this exam will not be available after May 6, 2006 at Pearson VUE.

Regards,
Usha

[selva]

hi,

can i have the dumps for exam 156.215.1


Selva

[favio]

can I have the dumps also please

Thanks
Favio

[dp123]

Have a look here:
http://www.vue.com/checkpoint/exam_comparison.pdf
You need to have the version 1.1 books (official CP student handbooks) and not the first version, if you are using them to study.

[Davinci1969]

Hi all,

so, checking out this comparison of the exams side by side, can I assume that the only differences between the two are:

* Use advanced NGX features to minimise the information-security management burden, when working with objects and rule

*Compare and contrast common encryption methods

Has anyone had to unfortunately sit both tests and noticed the differences. Is there more of a focus on particular areas?

I only ask this because I sat the 156.215.1 exam yesterday and failed. At the very start before the exam it mentioned that this exam was for the course material 'DOC-VPN-01-S-NGX-1.1' which was released in January 2006

I attended the course in November of last year and have the 'DOC-VPN-01-S-NGX' courseware and would like to know how different the courseware is.

If there are big differences in the courseware, is there anywhere you can officially buy the courseware without attending the course?

Any help greatly appreciated.

Davinci1969

[dp123]

There were a few topics removed from the coureware and a bit of shifting around.
If you are planning the exam then CP recommend covering the topics below in prepareation for the 156-215.1 exam. Otherwise if you are wanting to get good knowledge of the product then you should read through the product PDF documents (http://www.checkpoint.com/support/te...docs_r60.html), depending on your supported version.
You would do well to read the PDF documents anyway, filtering what you need out of them e.g. the topics below for a start. This will give you more than enough to confidently sit the exam/s.
Playing with the Smart clients in demo mode will benefit you as well.

Content Security was in the first version of the exam but is no longer in the recommended study topics for the 1.1 exam. However you should probably go through Security Servers and content security before hand anyway i.e. things like CVP (OPSEC), URI, UFP, Java and ActiveX etc...

156-215.1 exam topics:
-----------------------
The Security Policy
Monitoring Traffic and Connections
SmartDefense
Network Address Translation
Encryption and VPNs <== was Configuring VPNs in the first version
Authentication
LDAP User Management with SmartDirectory
Disaster Recovery

[ivanhoe]

yeah - a couple od fancy questions ...

they asked me, whether Diffie hellman is asymm or symm.

IMHO:

Input is: pub + priv (which are asymm keys)
Output is: a symmetric session key

so - what's the correct answer ?

[Davinci1969]

Hi guys,

thanks for your comments.

I have been using the course material and the Syngress book as well, however, it would appear that the PDF's are the best way to go.

I do not remember seeing hardly anything on Content Security so indeed that has obviously changed.

I think I let myself down in my CLI commands for Disaster Recovery and my SmartDefense knowledge.

I'm going to get hold of an eval license if possible and run that in our small lab to understand the effects of SmartDefense more.

The only one I think it is going to be hard to understand correctly (without hands-on), is the LDAP integration. There seems to have been more questions in this area than I thought.

Thanks again guys.

[dp123]

- Diffie-Hellman is an encryption scheme and is neither symmetric or asymmetric. What this means is that the scheme involves the swapping of public keys and then the combination of the partners public key and the private key is used to generate the 'Shared Key'. The Shared Key is then used in a symmetric encryption session. Shared Key is the basis of symmetric encryption, as you will know. Symmetric cryptography is 1000 times faster than Asymmetric cryptography, which is why it is only used for encrypting small amounts of data and is also why schemes like Diffie-Hellman evolved to work around the performance issues and resolve the security risks in swapping shared key (methods).

-The CCSA 1.1 can be a tricky exam but if you play with the SmartDashboard (in Demo mode) enough, read the help files wherever you do not fully understand the window you are looking at and also go through SmartDefense thouroughly! (reading all of it) then you will get an understanding of VPN-1 Pro that will help you in the exam.
A note on the help files. They vary in quality, some being very informative e.g. VoIP,VPN and LDAP, and others being short and vague. This is why it is good to have the PDF documents hand to refer to, using the Search option.
Command lines are important so you have to get to know them (the PDF is good). The 15 day eval license should give enough time to practice and see the commands in action if you plan your learning and preparation time.
There aren't any shortcuts really so exposure to the products and learning are the key.