$3,795.00 Cisco Learning Credits/Vouchers Accepted

Legend


ICL: In-Classroom Learning
VLT: Virtual Live Training
GTR: Class is Guaranteed to Run
SATV: Microsoft Software Assurance Training Vouchers
CLC: Cisco Learning Credits/Vouchers
ODL: On-Demand Learning
Location Start date End Date Class Times Class Details Action
04/06/2020 04/10/2020 VLT Register
06/22/2020 06/26/2020 VLT Register
10/12/2020 10/16/2020 VLT Register

Overview

Description

This course provides network professionals with the knowledge to implement Cisco FirePOWER NGIPS (Next-Generation Intrusion Prevention System) and Cisco AMP (Advanced Malware Protection), as well as Web Security, Email Security and Cloud Web Security. You will gain hands-on experience configuring various advanced Cisco security solutions for mitigating outside threats and securing traffic traversing the firewall.

Objectives

After completing this course the student should be able to:

  • Describe and implement Cisco Web Security Appliance
  • Describe and implement Cloud Web Security
  • Describe and implement Cisco Email Security Appliance
  • Describe and implement Advanced Malware Protection
  • Describe and implement Cisco FirePOWER Next-Generation IPS
  • Describe and implement Cisco ASA FirePOWER Services Module

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

  • CCNA Security or valid CCSP or any CCIE certification can act as a prerequisite.

Description

Module 1: Cisco Web Security Appliance

  • Lesson 1: Describing the Cisco Web Security Appliance Solutions
    • Cisco Modular Network Architecture and Cisco WSA
    • Cisco WSA Overview
    • Cisco WSA Architecture
    • Cisco WSA Malware Detection and Protection
    • Cisco Web-Based Reputation Score
    • Cisco WSA Acceptable Use Policy Enforcement
    • Cisco WSA GUI Management
    • Cisco WSA Committing the Configuration Changes
    • Cisco WSA Policy Types Overview
    • Cisco WSA Access Policies
    • Cisco WSA Identity: To Whom Does This Policy Apply?
    • Cisco WSA Identity Example
    • Cisco WSA Policy Assignment Using Identity
    • Cisco WSA Identity and Authentication
    • Cisco WSA Policy Trace Tool
    • Challenge
  • Lesson 2: Integrating the Cisco Web Security Appliance
    • Explicit vs. Transparent Proxy Mode
    • Explicit Proxy Mode
    • PAC Files
    • PAC File Deployment Options
    • PAC File Hosting on Cisco WSA
    • Traffic Redirection In Transparent Mode
    • Connecting the Cisco WSA to a WCCP Router
    • Verifying WCCP
    • Challenge
  • Lesson 3: Configuring Cisco Web Security Appliance Identities and User Authentication Controls
    • Configure Identities to Group Client Transactions
    • Configure Policy Groups
    • The Need for User Authentication
    • Authentication Protocols and Schemes
    • Basic Authentication in Explicit Proxy and Transparent Proxy Mode
    • Configure Realms and Realm Sequences
    • Configure NTLM Realm for Active Directory
    • Join Cisco WSA to Active Directory
    • Configure Global Authentication Settings
    • Configure an Identity to Require Authentication (Basic or NTLMSSP)
    • Configure an Identity to Require Transparent User Identification
    • Configure LDAP Realm for LDAP Servers
    • Define How User Information Is Stored in LDAP
    • Bind Cisco WSA to the LDAP Directory
    • LDAP Group Authorization
    • Allowing Guest Access to Users Who Fail Authentication
    • Testing Authentication Settings
    • Authenticated Users in Reports
    • Challenge
  • Lesson 4: Configuring Cisco Web Security Appliance Acceptable Use Controls
    • Acceptable Use Controls
    • URL Categorizing Process
    • Application Visibility and Control Overview
    • Streaming Media Bandwidth Control Overview
    • Enable Acceptable Use Controls
    • Using the Policies Table
    • Configure URL Filtering
    • Enable Safe Search and Site Content Ratings
    • Configure Custom URL Categories
    • URL Category Reports
    • Configuring AVC
    • Configure Media Bandwidth Limits
    • AVC Reports
    • Challenge
  • Lesson 5: Configuring Cisco Web Security Appliance Anti-Malware Controls
    • Dynamic Vectoring and Streaming Engine Overview
    • Contrast Webroot with Sophos or McAfee Malware Scanning
    • Adaptive Scanning Overview
    • Web Reputation Filtering Overview
    • Enable Web Reputation Filtering, Adaptive Scanning and Malware Scanning
    • Configure Inbound Web Reputation Filtering and Malware Scanning
    • Configure Outbound Malware Scanning
    • Malware Reports
    • Challenge
  • Lesson 6: Configuring Cisco Web Security Appliance Decryption
    • HTTPS Proxy Operations Overview
    • Enable HTTPS Proxy
    • Invalid Destination Web Server Certificate Handling
    • Configure Decryption Policies
    • Challenge
  • Lesson 7: Configuring Cisco Web Security Appliance Data Security Controls
    • Cisco WSA Data Security Overview
    • Data Security Policies
    • Control Uploaded Content
    • External Data Loss Prevention
    • Add an ICAP Server
    • Challenge

Module 2: Cisco Cloud Web Security

  • Lesson 1: Describing the Cisco Cloud Web Security Solutions
    • Cisco Modular Network Architecture and Cisco Cloud Web Security (CWS)
    • Cisco Cloud Web Security Overview
    • Cisco Cloud Web Security Traffic Flow Overview
    • Cisco Cloud Web Security URL Filtering, AVC, and Reporting Features Overview
    • Cisco Cloud Web Security Scanning Processes and Day Zero Outbreak Intelligence Overview
    • Cisco ScanCenter Overview
    • Challenge
  • Lesson 2: Configuring Cisco Cloud Web Security Connectors
    • Cisco Cloud Web Security Traffic Redirection Overview
    • Cisco Cloud Web Security Authentication Key
    • Authentication Key Generation from the Cisco ScanCenter
    • Verifying Traffic Redirection to CWS Using Special URL
    • Cisco ASA Cloud Web Security Overview
    • Cisco ASA Cloud Web Security Basic Configuration Using ASDM
    • Cisco ASA Cloud Web Security Basic Configuration Using the CLI
    • Cisco ASA Cloud Web Security Configuration with the Whitelist and Identity Options Using the CLI
    • Verifying Cisco ASA Cloud Web Security Operations Using the Cisco ASDM
    • Verifying Cisco ASA Cloud Web Security Operations Using the CLI
    • Cisco AnyConnect Web Security Module Overview
    • Cisco AnyConnect Web Security Module for Standalone Use Overview
    • Configure Cisco AnyConnect Web Security Module for Standalone Use
    • Configure Cisco ASA to Download the Web Security Module to the Client Machine
    • Verifying Cisco AnyConnect Web Security Module Operations
    • Cisco ISR G2 Cloud Web Security Overview
    • Cisco ISR G2 Cloud Web Security Configuration
    • Cisco ISR G2 Cloud Web Security Verification
    • Cisco WSA Cloud Web Security Overview
    • Challenge
  • Lesson 3: Describing the Web Filtering Policy in Cisco ScanCenter
    • ScanCenter Web Filtering Policy Overview
    • ScanCenter Web Filtering Policy Configuration
    • HTTPS Inspection Configuration Overview
    • ScanCenter Web Filtering Verification
    • ScanCenter Web Filtering Reporting
    • Challenge

Module 3: Cisco Email Security Appliance

  • Lesson 1: Describing the Cisco Email Security Solutions
    • Cisco Modular Network Architecture and Cisco ESA
    • Cisco Hybrid Email Security Solution Overview
    • SMTP Terminologies
    • SMTP Flow
    • SMTP Conversation
    • Cisco ESA Services Overview
    • Cisco ESA GUI Management
    • Cisco ESA Committing the Configuration Changes
    • Cisco ESA Licensing
    • Incoming Mail Processing Overview
    • Outgoing Mail Processing Overview
    • Cisco ESA LDAP Integration Overview
    • Cisco Registered Envelope Service (CRES) Overview
    • Challenge
  • Lesson 2: Describing the Cisco Email Security Appliance Basic Setup Components
    • Cisco ESA Listener Overview
    • Cisco ESA Listener Type: Private and Public
    • Cisco ESA One Interface/One Listener Deployment Example
    • Cisco ESA Two Interfaces/Two Listeners Deployment Example
    • Cisco ESA Listener Major Components: HAT and RAT
    • Cisco ESA One Listener Deployment Scenario
    • One Listener Deployment Scenario: Interfaces and Listener
    • One Listener Deployment Scenario: LDAP Accept Query
    • One Listener Deployment Scenario: HAT
    • One Listener Deployment Scenario: HAT > Sender Group
    • One Listener Deployment Scenario: HAT > Sender Group SBRS
    • One Listener Deployment Scenario: HAT > BLACKLIST Sender Group
    • One Listener Deployment Scenario: HAT > RELAYLIST Sender Group
    • One Listener Deployment Scenario: HAT > Add Sender Group
    • One Listener Deployment Scenario: HAT > Mail Flow Policy
    • One Listener Deployment Scenario: HAT > Mail Flow Policy > Anti-Spam and Anti-Virus
    • One Listener Deployment Scenario: HAT > Mail Flow Policies Summary
    • One Listener Deployment Scenario: RAT
    • One Listener Deployment Scenario: SMTP Routes
    • One Listener Deployment Scenario: Email Relaying on Internal Mail Server
    • Challenge
  • Lesson 3: Configuring Cisco Email Security Appliance Basic Incoming and Outgoing Mail Policies
    • Cisco ESA Incoming and Outgoing Mail Policies Overview
    • Cisco ESA Mail Policies Matching
    • Anti-Spam Overview
    • Anti-Spam Configuration
    • Spam Quarantine Configuration
    • Policy, Virus, Outbreak Quarantines Configuration
    • Anti-Virus Overview
    • Anti-Virus Configuration
    • Content Filters Overview
    • Content Filters Configuration
    • Outbreak Filters Overview
    • Outbreak Filters Configuration
    • Data Loss Prevention Overview
    • Data Loss Prevention Configuration
    • Reporting Overview
    • Message Tracking
    • Trace
    • Challenge

Module 4: Advanced Malware Protection for Endpoints

  • Lesson 1: AMP for Endpoints Overview and Architecture
    • Modern Malware
    • Why Defenses Fail
    • Introduction to AMP for Endpoints
    • AMP for Endpoints Architecture
    • AMP Connector Architecture
    • Installation Components
    • How AMP Connector Components Interact
    • The Role of the AMP Cloud
    • Transaction Processing
    • Additional Transaction Processing
    • Real-time Data Mining
    • Private Cloud Architecture
    • Private Cloud Modes
    • Cloud Proxy Mode Communications
    • Air Gap Mode
    • Challenge
  • Lesson 2: Customizing Detection and AMP Policy
    • Detection, Application Control, DFC Options, and IOCs
    • Endpoint Policy
    • Policy Modes
    • Simple Custom Detections
    • Creating A Simple Custom Detection
    • Application Blocking
    • Advanced Custom Signatures
    • Whitelisting
    • Android Custom Detections
    • DFC IP Blacklists and Whitelists
    • DFC IP Blacklists
    • DFC IP Whitelists
    • Configuring Exclusions
    • Custom Exclusion Sets
    • Challenge
  • Lesson 3: IOCs and IOC Scanning
    • Indications of Compromise (IOCs)
    • IOC Scanning
    • Customizing IOCs
    • Challenge
  • Lesson 4: Deploying AMP Connectors
    • Groups
    • Creating Groups
    • Deploying Windows Connectors
    • Direct Download Deployment
    • Creating the Installer (Public Cloud)
    • Email Deployment
    • Microsoft Windows Installation and Interface
    • Connectivity Considerations
    • Command-Line Installation
    • Challenge
  • Lesson 5: AMP Analysis Tools
    • Event View Filters
    • Events List
    • Event Detail: File Detection
    • Event Detail: Connector Info
    • Event Detail: Comments
    • File Analysis
    • The File Analysis Page
    • File Analysis Results
    • File Repository
    • Trajectory
    • File Trajectory Page
    • Device Trajectory
    • Device Trajectory Filters and Search
    • Prevalence
    • Vulnerable Software
    • Reporting
    • Creating a Report
    • Challenge

Module 5: Cisco FirePOWER Next-Generation IPS

  • Lesson 1: Describing the Cisco FireSIGHT System
    • Cisco FireSIGHT System Overview
    • Cisco FirePOWER NGIPS and NGFW
    • Cisco FireSIGHT System Detection and Architecture
    • Cisco FireSIGHT System Components
    • Cisco FireSIGHT System Device Configuration
    • Traffic Flows
    • Challenge
  • Lesson 2: Configuring and Managing Cisco FirePOWER Devices
    • Introduction to Device Management
    • Interfaces Tab
    • Virtual Device Configuration
    • Static Route Configuration
    • Object Management
    • Challenge
  • Lesson 3: Implementing an Access Control Policy
    • Access Control Policy Overview
    • Access Control Policy Configuration
    • Default Action
    • Targets Tab
    • Security Intelligence
    • HTTP Responses
    • Advanced Tab
    • Access Control Policy Rules
    • Rule Constraints Overview
    • Save and Apply the Access Control Policy
    • Challenge
  • Lesson 4: Understanding Discovery Technology
    • Introduction to Host Discovery
    • Network Discovery Policy
    • Discovery Overview
    • Challenge
  • Lesson 5: Configuring File-Type and Network Malware Detection
    • Introduction to Network-Based Malware Detection
    • Network-Based Malware Detection Overview
    • File Dispositions
    • Important Network-Based Malware Detection Concepts
    • Retrospective Event Overview
    • Cisco FireSIGHT File-Type Detection Architecture
    • Cisco FireSIGHT Malware Detection Architecture
    • File Disposition Caching
    • File Lists
    • File Policy
    • Challenge
  • Lesson 6: Managing SSL Traffic with Cisco FireSIGHT
    • SSL Traffic Management Overview
    • SSL Inspection Architecture
    • Cisco FireSIGHT SSL Inspection
    • SSL Policy
    • Challenge
  • Lesson 7: Describing IPS Policy and Configuration Concepts
    • Introduction to IPS Policy
    • Policy Layering Model
    • Rule Management
    • Cisco FireSIGHT Rule Recommendations
    • IPS Policy Layering
    • Challenge
  • Lesson 8: Describing the Network Analysis Policy
    • Network Analysis Policy Introduction
    • Network Analysis Policy Customization
    • Preprocessors
    • Network Analysis Policy Configuration
    • Network Analysis Policy Creation
    • Preprocessor Configuration
    • Challenge
  • Lesson 9: Creating Reports
    • Reporting System Overview
    • Report Templates
    • Report Sections
    • Advanced Settings
    • Challenge
  • Lesson 10: Describing Correlation Rules and Policies
    • Correlation Policies Overview
    • Correlation Policy Responses
    • Remediations Configuration
    • Remediation Module Configuration
    • Correlation Policy Rules
    • Correlation Policies Overview
    • Correlation Events
    • Whitelists Overview
    • Whitelist Events and Violations
    • Traffic Profiles Overview
    • Traffic Profiles in Correlation Policies
    • Challenge
  • Lesson 11: Understanding Basic Rule Syntax and Usage
    • Basic Snort Rule Structure
    • Snort Rule Headers
    • Snort Rule Bodies
    • Challenge

Module 6: Cisco ASA FirePOWER Services Module

  • Lesson 1: Installing Cisco ASA 5500-X Series FirePOWER Services (SFR) Module
    • Cisco ASA FirePOWER Services (SFR) Module Overview
    • Cisco FireSIGHT Management Center Overview
    • Cisco ASA FirePOWER Services Software Module Management Interface
    • Cisco ASA FirePOWER Services Module Package Installation
    • Cisco ASA FirePOWER Services Module Verification
    • Redirect Traffic to Cisco ASA FirePOWER Services Module
    • Challenge