Cisco® Securing Cisco® Networks with Threat Detection and Analysis SCYBER 1.0

Základní info

Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0

This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.

CÍLOVÁ SKUPINA
This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

TÉMATA KURZU
This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member.

Nahoru
OSNOVA KURZU
1 - ATTACKER METHODOLOGY
Defining the Attacker Methodology
Identifying Malware and Attacker Tools
Understanding Attacks

2 - DEFENDER METHODOLOGY
Enumerating Threats, Vulnerabilities, and Exploits
Defining SOC Services
Defining SOC Procedures
Defining the Role of a Network Security Analyst
Identifying a Security Incident

3 - DEFENDER TOOLS
Collecting Network Data
Understanding Correlation and Baselines
Assessing Sources of Data
Understanding Events
Examining User Reports
Introducing Risk Analysis and Mitigation

4 - PACKET ANALYSIS
Identifying Packet Data
Analyzing Packets Using Cisco IOS Software
Accessing Packets in Cisco IOS Software
Acquiring Network Traces
Establishing a Packet Baseline
Analyzing Packet Traces

5 - NETWORK LOG ANALYSIS
Using Log Analysis Protocols and Tools
Exploring Log Mechanics
Retrieving Syslog Data
Retrieving DNS Events and Proxy Logs
Correlating Log Files

6 - BASELINE NETWORK OPERATIONS
Baselining Business Processes
Mapping the Network Topology
Managing Network Devices
Baselining Monitored Networks
Monitoring Network Health

7 - INCIDENT RESPONSE PREPARATION
Defining the Role of the SOC
Establishing Effective Security Controls
Establishing an Effective Monitoring System

8 - SECURITY INCIDENT DETECTION
Correlating Events Manually
Correlating Events Automatically
Assessing Incidents
Classifying Incidents
Attributing the Incident Source

9 - INVESTIGATIONS
Scoping the Investigation
Investigating Through Data Correlation
Understanding NetFlow
Investigating Connections Using NetFlow

10 - MITIGATIONS AND BEST PRACTICES
Mitigating Incidents
Using ACLs
Implementing Network-Layer Mitigations and Best Practices
Implementing Link-Layer Best Practices

11 - COMMUNICATION
Documenting Communication
Documenting Incident Details

12 - POST-EVENT ACTIVITY
Conducting an Incident Post-Mortem
Improving Security of Monitored Networks

Aktuální osnova kurzu se může lišit v závislosti na pobočce, která ho nabízí. Více informací vám poskytnou naši obchodní zástupci.

Cisco® Securing Cisco® Networks with Threat Detection and Analysis SCYBER 1.0

Vybraný termín:

 ONLINE

Cena

Termíny kurzu

Kontaktovat dodavatele


Kontrola proti spamu. Kolik je šest a pět ? Součet zapište číslicemi.