Start date, end date, mode, location:

  • 10/29/2018, 11/02/2018, VLT, Live Online
  • 01/21/2019, 01/25/2019, VLT, Live Online
  • 04/15/2019, 04/19/2019, VLT, Live Online
  • 07/15/2019, 07/19/2019, VLT, Live Online
  • 10/21/2019, 10/25/2019, VLT, Live Online

Implementing Cisco Threat Control Solutions (SITCS v1.5)

Course Overview

After completing this course, the student should be able to:

  • Describe and implement Cisco Web Security Appliance
  • Describe and implement Cloud Web Security
  • Describe and implement Cisco Email Security Appliance
  • Describe and implement Advanced Malware Protection
  • Describe and implement Cisco FirePOWER Next-Generation IPS
  • Describe and implement Cisco ASA FirePOWER Services Module

Prerequisites

The knowledge and skills that a student must have before attending this course are as follows:

  • CCNA Security, a valid CCSP, or any CCIE certification can act as a prerequisite.

Course Outline

Module 1: Cisco Web Security Appliance

  • Lesson 1: Describing the Cisco Web Security Appliance Solutions
  • Cisco Modular Network Architecture and Cisco WSA
  • Cisco WSA Overview
  • Cisco WSA Architecture
  • Cisco WSA Malware Detection and Protection
  • Cisco Web-Based Reputation Score
  • Cisco WSA Acceptable Use Policy Enforcement
  • Cisco WSA GUI Management
  • Cisco WSA Committing the Configuration Changes
  • Cisco WSA Policy Types Overview
  • Cisco WSA Access Policies
  • Cisco WSA Identity: To Whom Does This Policy Apply?
  • Cisco WSA Identity Example
  • Cisco WSA Policy Assignment Using Identity
  • Cisco WSA Identity and Authentication
  • Cisco WSA Policy Trace Tool
  • Test
  • Lesson 2: Integrating the Cisco Web Security Appliance
  • Explicit versus Transparent Proxy Mode
  • Explicit Proxy Mode
  • PAC Files
  • PAC File Deployment Options
  • PAC File Hosting on Cisco WSA
  • Traffic Redirection In Transparent Mode
  • Connecting the Cisco WSA to a WCCP Router
  • Checking WCCP
  • Test
  • Lesson 3: Configuring Cisco Web Security Appliance Identities and User Authentication Controls
  • Configure Identities to Group Client Transactions
  • Configure Policy Groups
  • The Need for User Authentication
  • Authentication Protocols and Schemes
  • Basic Authentication in Explicit Proxy and Transparent Proxy Mode
  • Configure Realms and Realm Sequences
  • Configure NTLM Realm for Active Directory
  • Join Cisco WSA to Active Directory
  • Configure Global Authentication Settings
  • Configure an Identity to Require Authentication (Basic or NTLMSSP)
  • Configure an Identity to Require Transparent User Identification
  • Configure LDAP Realm for LDAP Servers
  • Define How User Information Is Stored in LDAP
  • Bind Cisco WSA to the LDAP Directory
  • LDAP Group Authorization
  • Permitting Guest Access to Users Who Fail Authentication
  • Testing Authentication Settings
  • Authenticated Users in Reports
  • Test
  • Lesson 4: Configuring Cisco Web Security Appliance Acceptable Use Controls
  • Acceptable Use Controls
  • URL Categorizing Process
  • Application Visibility and Control Overview
  • Streaming Media Bandwidth Control Overview
  • Enable Acceptable Use Controls
  • Utilizing the Policies Table
  • Configure URL Filtering
  • Enable Safe Search and Site Content Ratings
  • Configure Custom URL Categories
  • URL Category Reports
  • Configuring AVC
  • Configure Media Bandwidth Limits
  • AVC Reports
  • Test
  • Lesson 5: Configuring Cisco Web Security Appliance Anti-Malware Controls
  • Dynamic Vectoring and Streaming Engine Overview
  • Contrast Webroot with Sophos or McAfee Malware Scanning
  • Adaptive Scanning Overview
  • Web Reputation Filtering Overview
  • Enable Web Reputation Filtering, Adaptive Scanning and Malware Scanning
  • Configure Inbound Web Reputation Filtering and Malware Scanning
  • Configure Outbound Malware Scanning
  • Malware Reports
  • Test
  • Lesson 6: Configuring Cisco Web Security Appliance Decryption
  • HTTPS Proxy Operations Overview
  • Enable HTTPS Proxy
  • Invalid Destination Web Server Certificate Handling
  • Configure Decryption Policies
  • Test
  • Lesson 7: Configuring Cisco Web Security Appliance Data Security Controls
  • Cisco WSA Data Security Overview
  • Data Security Policies
  • Control Uploaded Content
  • External Data Loss Prevention
  • Include an ICAP Server
  • Test

Module 2: Cisco Cloud Web Security

  • Lesson 1: Describing the Cisco Cloud Web Security Solutions
  • Cisco Modular Network Architecture and Cisco Cloud Web Security (CWS)
  • Cisco Cloud Web Security Overview
  • Cisco Cloud Web Security Traffic Flow Overview
  • Cisco Cloud Web Security URL Filtering, AVC, and Reporting Features Overview
  • Cisco Cloud Web Security Scanning Processes and Day Zero Outbreak Intelligence Overview
  • Cisco ScanCenter Overview
  • Test
  • Lesson 2: Configuring Cisco Cloud Web Security Connectors
  • Cisco Cloud Web Security Traffic Redirection Overview
  • Cisco Cloud Web Security Authentication Key
  • Authentication Key Generation from the Cisco ScanCenter
  • Checking Traffic Redirection to CWS Using Special URL
  • Cisco ASA Cloud Web Security Overview
  • Cisco ASA Cloud Web Security Basic Configuration Using ASDM
  • Cisco ASA Cloud Web Security Basic Configuration Using the CLI
  • Cisco ASA Cloud Web Security Configuration with the Whitelist and Identity Options Using the CLI
  • Checking Cisco ASA Cloud Web Security Operations Using the Cisco ASDM
  • Checking Cisco ASA Cloud Web Security Operations Using the CLI
  • Cisco AnyConnect Web Security Module Overview
  • Cisco AnyConnect Web Security Module for Standalone Use Overview
  • Configure Cisco AnyConnect Web Security Module for Standalone Use
  • Configure Cisco ASA to Download the Web Security Module to the Client Machine
  • Checking Cisco AnyConnect Web Security Module Operations
  • Cisco ISR G2 Cloud Web Security Overview
  • Cisco ISR G2 Cloud Web Security Configuration
  • Cisco ISR G2 Cloud Web Security Verification
  • Cisco WSA Cloud Web Security Overview
  • Test
  • Lesson 3: Describing the Web Filtering Policy in Cisco ScanCenter
  • ScanCenter Web Filtering Policy Overview
  • ScanCenter Web Filtering Policy Configuration HTTPS Inspection Configuration Overview
  • ScanCenter Web Filtering Verification
  • ScanCenter Web Filtering Reporting
  • Test

Module 3: Cisco Email Security Appliance

  • Lesson 1: Describing the Cisco Email Security Solutions
  • Cisco Modular Network Architecture and Cisco ESA
  • Cisco Hybrid Email Security Solution Overview
  • SMTP Terminologies
  • SMTP Flow
  • SMTP Conversation
  • Cisco ESA Services Overview
  • Cisco ESA GUI Management
  • Cisco ESA Committing the Configuration Changes
  • Cisco ESA Licensing
  • Incoming Mail Processing Overview
  • Outgoing Mail Processing Overview
  • Cisco ESA LDAP Integration Overview
  • Cisco Registered Envelope Service (CRES) Overview
  • Test
  • Lesson 2: Describing the Cisco Email Security Appliance Basic Setup Components
  • Cisco ESA Listener Overview
  • Cisco ESA Listener Type: Private and Public
  • Cisco ESA One Interface/One Listener Deployment Example
  • Cisco ESA Two Interfaces/Two Listeners Deployment Example
  • Cisco ESA Listener Major Components: HAT and RAT
  • Cisco ESA One Listener Deployment Scenario
  • One Listener Deployment Scenario: Interfaces and Listener
  • One Listener Deployment Scenario: LDAP Accept Query
  • One Listener Deployment Scenario: HAT
  • One Listener Deployment Scenario: HAT > Sender Group
  • One Listener Deployment Scenario: HAT > Sender Group SBRS
  • One Listener Deployment Scenario: HAT > BLACKLIST Sender Group
  • One Listener Deployment Scenario: HAT > RELAYLIST Sender Group
  • One Listener Deployment Scenario: HAT > Add Sender Group
  • One Listener Deployment Scenario: HAT > Mail Flow Policy
  • One Listener Deployment Scenario: HAT > Mail Flow Policy > Anti-Spam and Anti-Virus
  • One Listener Deployment Scenario: HAT > Mail Flow Policies Summary
  • One Listener Deployment Scenario: RAT
  • One Listener Deployment Scenario: SMTP Routes
  • One Listener Deployment Scenario: Email Relaying on Internal Mail Server
  • Test
  • Lesson 3: Configuring Cisco Email Security Appliance Basic Incoming and Outgoing Mail Policies
  • Cisco ESA Incoming and Outgoing Mail Policies Overview
  • Cisco ESA Mail Policies Matching
  • Anti-Spam Overview
  • Anti-Spam Configuration
  • Spam Quarantine Configuration
  • Policy, Virus, Outbreak Quarantines Configuration
  • Anti-Virus Overview
  • Anti-Virus Configuration
  • Content Filters Overview
  • Content Filters Configuration
  • Outbreak Filters Overview
  • Outbreak Filters Configuration
  • Data Loss Prevention Overview
  • Data Loss Prevention Configuration
  • Reporting Overview
  • Message Tracking
  • Trace
  • Test

Module 4: Advanced Malware Protection for Endpoints

  • Lesson 1: AMP for Endpoints Overview and Architecture
  • Current Malware
  • Why Defenses Fail
  • Introduction to AMP for Endpoints
  • AMP for Endpoints Architecture
  • AMP Connector Architecture
  • Installation Components
  • How AMP Connector Components Interact
  • The Role of the AMP Cloud
  • Transaction Processing
  • Additional Transaction Processing
  • Constant Data Mining
  • Private Cloud Architecture
  • Private Cloud Modes
  • Cloud Proxy Mode Communications
  • Air Gap Mode
  • Test
  • Lesson 2: Customizing Detection and AMP Policy
  • Detection, Application Control, DFC Options, and IOCs
  • Endpoint Policy
  • Policy Modes
  • Simple Custom Detections
  • Creating A Simple Custom Detection
  • Application Blocking
  • Advanced Custom Signatures
  • Whitelisting
  • Android Custom Detections
  • DFC IP Blacklists and Whitelists
  • DFC IP Blacklists
  • DFC IP Whitelists
  • Configuring Exclusions
  • Custom Exclusion Sets
  • Test
  • Lesson 3: IOCs and IOC Scanning
  • Indicators of Compromise (IOCs)
  • IOC Scanning
  • Modifying IOCs
  • Test
  • Lesson 4: Deploying AMP Connectors
  • Groups
  • Creating Groups
  • Deploying Windows Connectors
  • Direct Download Deployment
  • Creating the Installer (Public Cloud)
  • Email Deployment
  • Microsoft Windows Installation and Interface
  • Network Considerations
  • Command Line Installation
  • Test
  • Lesson 5: AMP Analysis Tools
  • Event View Filters
  • Events List
  • Event Detail: File Detection
  • Event Detail: Connector Info
  • Event Detail: Comments
  • File Analysis
  • The File Analysis Page
  • File Analysis Results
  • File Repository
  • Trajectory
  • File Trajectory Page
  • Device Trajectory
  • Device Trajectory Filters and Search
  • Prevalence
  • Vulnerable Software
  • Reporting
  • Creating a Report
  • Test

Module 5: Cisco FirePOWER Next-Generation IPS

  • Lesson 1: Describing the Cisco FireSIGHT System
  • Cisco FireSIGHT System Overview
  • Cisco FirePOWER NGIPS and NGFW
  • Cisco FireSIGHT System Detection and Architecture
  • Cisco FireSIGHT System Components
  • Cisco FireSIGHT System Device Configuration
  • Traffic Flows
  • Test
  • Lesson 2: Configuring and Managing Cisco FirePOWER Devices
  • Introduction to Device Management
  • Interfaces Tab
  • Virtual Device Configuration
  • Static Route Configuration
  • Object Management
  • Test
  • Lesson 3: Implementing an Access Control Policy
  • Access Control Policy Overview
  • Access Control Policy Configuration
  • Default Action
  • Targets Tab
  • Security Intelligence
  • HTTP Responses
  • Advanced Tab
  • Access Control Policy Rules
  • Rule Constraints Overview
  • Save and Apply the Access Control Policy
  • Test
  • Lesson 5: Configuring File-Type and Network Malware Detection
  • Introduction to Network-Based Malware Detection
  • Network-Based Malware Detection Overview
  • File Dispositions
  • Essential Network-Based Malware Detection Concepts
  • Retrospective Event Overview
  • Cisco FireSIGHT File-Type Detection Architecture
  • Cisco FireSIGHT Malware Detection Architecture
  • File Disposition Caching
  • File Lists
  • File Policy
  • Test
  • Lesson 6: Managing SSL Traffic with Cisco FireSIGHT
  • SSL Traffic Management Overview
  • SSL Inspection Architecture
  • Cisco FireSIGHT SSL Inspection
  • SSL Policy
  • Test
  • Lesson 7: Describing IPS Policy and Configuration Concepts
  • Introduction to IPS Policy
  • Policy Layering Model
  • Rule Management
  • Cisco FireSIGHT Rule Recommendations
  • IPS Policy Layering
  • Test
  • Lesson 8: Describing the Network Analysis Policy
  • Network Analysis Policy Introduction
  • Network Analysis Policy Customization
  • Preprocessors
  • Network Analysis Policy Configuration
  • Network Analysis Policy Creation
  • Preprocessor Configuration
  • Test
  • Lesson 9: Creating Reports
  • Reporting System Overview
  • Report Templates
  • Report Sections
  • Advanced Settings
  • Test
  • Lesson 10: Describing Correlation Rules and Policies
  • Correlation Policies Overview
  • Correlation Policy Responses
  • Remediations Configuration
  • Remediation Module Configuration
  • Correlation Policy Rules
  • Correlation Policies Overview
  • Correlation Events
  • Whitelists Overview
  • Whitelist Events and Violations
  • Traffic Profiles Overview
  • Traffic Profiles in Correlation Policies
  • Test
  • Lesson 11: Understanding Basic Rule Syntax and Usage
  • Basic Snort Rule Structure
  • Snort Rule Headers
  • Snort Rule Bodies
  • Test

Module 6: Cisco ASA FirePOWER Services Module

  • Lesson 1: Installing Cisco ASA 5500-X Series FirePOWER Services (SFR) Module
  • Cisco ASA FirePOWER Services (SFR) Module Overview
  • Cisco FireSIGHT Management Center Overview
  • Cisco ASA FirePOWER Services Software Module Management Interface
  • Cisco ASA FirePOWER Services Module Package Installation
  • Cisco ASA FirePOWER Services Module Verification
  • Divert Traffic to Cisco ASA FirePOWER Services Module
  • Test

Lab Outline

  • Guided Lab 1: Configure Cisco Web Security Appliance Explicit Proxy and User Authentication Web-related network.
  • Task 1: Verify Basic Cisco WSA Settings
  • Task 2: Implement the Cisco WSA in Explicit Proxy Mode
  • Task 3: Implement User Authentication with Active Directory using Basic Authentication
  • Task 4: Implement User Authentication using Transparent User Identification
  • Guided Lab 2: Configure Cisco Web Security Appliance Acceptable Use Controls
  • Task 1: Implement the Cisco WSA in Transparent Proxy Mode
  • Task 2: Configure the Access Policy
  • Task 3: Enable Decryption and Configure the Decryption Policy
  • Task 4: Configure URL Filtering for the Access Policy
  • Task 5: Configure Application Visibility Control for the Access Policy
  • Guided Lab 3: Configure Cisco Email Security Appliance Basic Policies
  • Task 1: Verify the Initial Email Exchange Without the Cisco ESA
  • Task 2: Deploy the Cisco ESA Mail Proxy
  • Task 3: Integrate the Cisco ESA with LDAP and Enable LDAP Accept Query
  • Task 4: Configure Incoming Content Filters and Mail Policies
  • Task 5: Configure Outbound Data Loss Prevention
  • Guided Lab 4: Accessing the AMP Public Cloud Console
  • Task 1: Accessing the AMP Public Cloud Console
  • Task 2: Workstation Preparation
  • Guided Lab 5: Customizing Detection and AMP Policy
  • Task 1: Simple Custom Detections
  • Task 2: Advanced Custom Signatures
  • Task 3: Application Blocking
  • Task 4: Whitelisting
  • Task 5: DFC IP Blacklist
  • Task 6: Creating a Policy
  • Guided Lab 6: IOCs and IOC Scanning
  • Task 1: Create and Upload a Custom IOC
  • Guided Lab 7: Deploying AMP Connectors
  • Task 1: Create Groups
  • Task 2: Deploy the Connector
  • Task 3: Connector Command Line Installation
  • Guided Lab 8: AMP Analysis Tools
  • Task 1: Install the AMP Connector
  • Task 2: Test Your Policy
  • Task 3: Work With AMP Events
  • Task 4: Detection/Quarantine Events
  • Task 5: File Trajectory
  • Task 6: Device Trajectory
  • Task 7: Vulnerable Applications
  • Task 8: IOCs and IOC Scanning: Clean Scan
  • Task 9: IOCs and IOC Scanning: Dirty Scan
  • Task 10: File Analysis
  • Guided Lab 9: Configure Inline Interfaces and Create Objects
  • Task 1: Test Inline Interfaces
  • Task 2: Create Objects
  • Guided Lab 10: Create Access Control Policy Rules
  • Task 1: Create a Basic Access Control Policy
  • Task 2: Create an Access Control Policy For Application Awareness
  • Task 3: Implement URL Filtering
  • Task 4: Include an IPS Policy in Access Control Policy Rules
  • Guided Lab 11: Configure Network Discovery Detection
  • Task 1: Tune the Network Discovery Detection Policy
  • Task 2: View FireSIGHT Data
  • Task 3: Assign Host Attributes
  • Guided Lab 12: Create a File Policy
  • Task 1: Create a File Policy
  • Guided Lab 13: Create an Intrusion Policy
  • Task 1: Create an Intrusion Policy
  • Task 2: Enable Include FireSIGHT Recommendations
  • Task 3: Implement FireSIGHT Recommendations
  • Task 4: Apply Your Policy and Variable Set and Test
  • Guided Lab 14: Create a Network Analysis Policy
  • Task 1: Tune Your HTTP Inspect Preprocessor
  • Task 2: Test the Network Analysis Policy Settings
  • Guided Lab 15: Compare Trends
  • Task 1: Compare Trends
  • Guided Lab 16: Create Correlation Policies
  • Task 1: Create a Correlation Policy Based on Connection Data
  • Task 2: Configure a Whitelist
