Skip to main content

Durata corso:

5 giorni

Costo:

3.000,00 €

Implementing and Operating Cisco Security Core Technologies (SCOR) (CIS11)

Codice: CIS11

Il corso Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 ti aiuta a prepararti per le certificazioni Cisco® CCNP® Security e CCIE® Security e per i ruoli di sicurezza di livello senior. In questo corso acquisirai padronanza delle competenze e delle tecnologie necessarie per implementare le principali soluzioni di sicurezza Cisco per fornire una protezione avanzata dalle minacce contro gli attacchi alla sicurezza informatica. Imparerai la sicurezza per reti, cloud e contenuti, protezione degli endpoint, accesso sicuro alla rete, visibilità e applicazione. Acquisirai una vasta esperienza pratica nell’implementazione di Cisco Firepower Next-Generation Firewall e Cisco ASA Firewall; configurazione dei criteri di controllo degli accessi, dei criteri di posta e dell’autenticazione 802.1X; e altro ancora. Otterrai una pratica introduttiva sulle funzionalità di rilevamento delle minacce di Cisco Stealthwatch Enterprise e Cisco Stealthwatch Cloud.

Questo corso, ti aiuta a prepararti a sostenere l’esame, Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), che porta al nuovo CCNP Security, CCIE Security e al Cisco Certified Specialist – Security Certificazioni di base.

Modalità di erogazione

In aula o Live Virtual Classroom

Attestato di partecipazione

Al termine del corso verrà rilasciato l’attestato di frequenza

Esame

350-701 – Implementing and Operating Cisco Security Core Technologies

Contenuti del corso

Describing Information Security Concepts*

  • Information Security Overview

  • Assets, Vulnerabilities, and Countermeasures

  • Managing Risk

  • Vulnerability Assessment

  • Understanding Common Vulnerability Scoring System (CVSS)

 

Describing Common TCP/IP Attacks*

  • Legacy TCP/IP Vulnerabilities

  • IP Vulnerabilities

  • Internet Control Message Protocol (ICMP) Vulnerabilities

  • TCP Vulnerabilities

  • User Datagram Protocol (UDP) Vulnerabilities

  • Attack Surface and Attack Vectors

  • Reconnaissance Attacks

  • Access Attacks

  • Man-in-the-Middle Attacks

  • Denial of Service and Distributed Denial of Service Attacks

  • Reflection and Amplification Attacks

  • Spoofing Attacks

  • Dynamic Host Configuration Protocol (DHCP) Attacks

 

Describing Common Network Application Attacks*

  • Password Attacks

  • Domain Name System (DNS)-Based Attacks

  • DNS Tunneling

  • Web-Based Attacks

  • HTTP 302 Cushioning

  • Command Injections

  • SQL Injections

  • Cross-Site Scripting and Request Forgery

  • Email-Based Attacks

 

Describing Common Endpoint Attacks*

  • Buffer Overflow

  • Malware

  • Reconnaissance Attack

  • Gaining Access and Control

  • Gaining Access via Social Engineering

  • Gaining Access via Web-Based Attacks

  • Exploit Kits and Rootkits

  • Privilege Escalation

  • Post-Exploitation Phase

  • Angler Exploit Kit

 

Describing Network Security Technologies

  • Defense-in-Depth Strategy

  • Defending Across the Attack Continuum

  • Network Segmentation and Virtualization Overview

  • Stateful Firewall Overview

  • Security Intelligence Overview

  • Threat Information Standardization

  • Network-Based Malware Protection Overview

  • Intrusion Prevention System (IPS) Overview

  • Next Generation Firewall Overview

  • Email Content Security Overview

  • Web Content Security Overview

  • Threat Analytic Systems Overview

  • DNS Security Overview

  • Authentication, Authorization, and Accounting Overview

  • Identity and Access Management Overview

  • Virtual Private Network Technology Overview

  • Network Security Device Form Factors Overview

 

Deploying Cisco ASA Firewall

  • Cisco ASA Deployment Types

  • Cisco ASA Interface Security Levels

  • Cisco ASA Objects and Object Groups

  • Network Address Translation

  • Cisco ASA Interface Access Control Lists (ACLs)

  • Cisco ASA Global ACLs

  • Cisco ASA Advanced Access Policies

  • Cisco ASA High Availability Overview

 

Deploying Cisco Firepower Next-Generation Firewall

  • Cisco Firepower NGFW Deployments

  • Cisco Firepower NGFW Packet Processing and Policies

  • Cisco Firepower NGFW Objects

  • Cisco Firepower NGFW Network Address Translation (NAT)

  • Cisco Firepower NGFW Prefilter Policies

  • Cisco Firepower NGFW Access Control Policies

  • Cisco Firepower NGFW Security Intelligence

  • Cisco Firepower NGFW Discovery Policies

  • Cisco Firepower NGFW IPS Policies

  • Cisco Firepower NGFW Malware and File Policies

 

Deploying Email Content Security

  • Cisco Email Content Security Overview

  • Simple Mail Transfer Protocol (SMTP) Overview

  • Email Pipeline Overview

  • Public and Private Listeners

  • Host Access Table Overview

  • Recipient Access Table Overview

  • Mail Policies Overview

  • Protection Against Spam and Graymail

  • Anti-virus and Anti-malware Protection

  • Outbreak Filters

  • Content Filters

  • Data Loss Prevention

  • Email Encryption

 

Deploying Web Content Security

    • Cisco Web Security Appliance (WSA) Overview

    • Deployment Options

    • Network Users Authentication

    • Secure HTTP (HTTPS) Traffic Decryption

    • Access Policies and Identification Profiles

    • Acceptable Use Controls Settings

  • Anti-Malware Protection

 

Deploying Cisco Umbrella*

  • Cisco Umbrella Architecture

  • Deploying Cisco Umbrella

  • Cisco Umbrella Roaming Client

  • Managing Cisco Umbrella

  • Cisco Umbrella Investigate Overview and Concepts

 

Explaining VPN Technologies and Cryptography

  • VPN Definition

  • VPN Types

  • Secure Communication and Cryptographic Services

  • Keys in Cryptography

  • Public Key Infrastructure

 

Introducing Cisco Secure Site-to-Site VPN Solutions

  • Site-to-Site VPN Topologies

  • IPsec VPN Overview

  • IPsec Static Crypto Maps

  • IPsec Static Virtual Tunnel Interface

  • Dynamic Multipoint VPN

  • Cisco IOS FlexVPN

 

Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs

  • Cisco IOS VTIs

  • Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration

 

Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW

  • Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW

  • Cisco ASA Point-to-Point VPN Configuration

  • Cisco Firepower NGFW Point-to-Point VPN Configuration

 

Introducing Cisco Secure Remote Access VPN Solutions

  • Remote Access VPN Components

  • Remote Access VPN Technologies

  • Secure Sockets Layer (SSL) Overview

 

Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW

  • Remote Access Configuration Concepts

  • Connection Profiles

  • Group Policies

  • Cisco ASA Remote Access VPN Configuration

  • Cisco Firepower NGFW Remote Access VPN Configuration

 

Explaining Cisco Secure Network Access Solutions

  • Cisco Secure Network Access

  • Cisco Secure Network Access Components

  • AAA Role in Cisco Secure Network Access Solution

  • Cisco Identity Services Engine

  • Cisco TrustSec

 

Describing 802.1X Authentication

  • 802.1X and Extensible Authentication Protocol (EAP)

  • EAP Methods

  • Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications

  • RADIUS Change of Authorization

 

Configuring 802.1X Authentication

  • Cisco Catalyst® Switch 802.1X Configuration

  • Cisco Wireless LAN Controller (WLC) 802.1X Configuration

  • Cisco Identity Services Engine (ISE) 802.1X Configuration

  • Supplicant 802.1x Configuration

  • Cisco Central Web Authentication

 

Describing Endpoint Security Technologies*

    • Host-Based Personal Firewall

    • Host-Based Anti-Virus

    • Host-Based Intrusion Prevention System

    • Application Whitelists and Blacklists

    • Host-Based Malware Protection

    • Sandboxing Overview

  • File Integrity Checking

 

Deploying Cisco Advanced Malware Protection (AMP) for Endpoints*

  • Cisco AMP for Endpoints Architecture

  • Cisco AMP for Endpoints Engines

  • Retrospective Security with Cisco AMP

  • Cisco AMP Device and File Trajectory

  • Managing Cisco AMP for Endpoints

 

Introducing Network Infrastructure Protection*

  • Identifying Network Device Planes

  • Control Plane Security Controls

  • Management Plane Security Controls

  • Network Telemetry

  • Layer 2 Data Plane Security Controls

  • Layer 3 Data Plane Security Controls

 

Deploying Control Plane Security Controls*

  • Infrastructure ACLs

  • Control Plane Policing

  • Control Plane Protection

  • Routing Protocol Security

 

Deploying Layer 2 Data Plane Security Controls*

  • Overview of Layer 2 Data Plane Security Controls

  • Virtual LAN (VLAN)-Based Attacks Mitigation

  • Spanning Tree Protocol (STP) Attacks Mitigation

  • Port Security

  • Private VLANs

  • Dynamic Host Configuration Protocol (DHCP) Snooping

  • Address Resolution Protocol (ARP) Inspection

  • Storm Control

  • MACsec Encryption

 

Deploying Layer 3 Data Plane Security Controls*

  • Infrastructure Antispoofing ACLs

  • Unicast Reverse Path Forwarding

  • IP Source Guard

 

Deploying Management Plane Security Controls*

  • Cisco Secure Management Access

  • Simple Network Management Protocol Version 3

  • Secure Access to Cisco Devices

  • AAA for Management Access

 

Deploying Traffic Telemetry Methods*

  • Network Time Protocol

  • Device and Network Events Logging and Export

  • Network Traffic Monitoring Using NetFlow

 

Deploying Cisco Stealthwatch Enterprise*

  • Cisco Stealthwatch Offerings Overview

  • Cisco Stealthwatch Enterprise Required Components

  • Flow Stitching and Deduplication

  • Stealthwatch Enterprise Optional Components

  • Stealthwatch Enterprise and ISE Integration

  • Cisco Stealthwatch with Cognitive Analytics

  • Cisco Encrypted Traffic Analytics

  • Host Groups

  • Security Events and Alarms

  • Host, Role, and Default Policies

 

Describing Cloud and Common Cloud Attacks*

  • Evolution of Cloud Computing

  • Cloud Service Models

  • Security Responsibilities in Cloud

  • Cloud Deployment Models

  • Common Security Threats in Cloud

  • Patch Management in the Cloud

  • Security Assessment in the Cloud

 

Securing the Cloud*

  • Cisco Threat-Centric Approach to Network Security

  • Cloud Physical Environment Security

  • Application and Workload Security

  • Cloud Management and API Security

  • Network Function Virtualization (NFV) and Virtual Network Functions (VNF)

  • Cisco NFV Examples

  • Reporting and Threat Visibility in Cloud

  • Cloud Access Security Broker

  • Cisco CloudLock®

  • OAuth and OAuth Attacks

 

Deploying Cisco Stealthwatch Cloud*

  • Cisco Stealthwatch Cloud for Public Cloud Monitoring

  • Cisco Stealthwatch Cloud for Private Network Monitoring

  • Cisco Stealthwatch Cloud Operations

Describing Software-Defined Networking (SDN*)

  • Software-Defined Networking Concepts

  • Network Programmability and Automation

  • Cisco Platforms and APIs

  • Basic Python Scripts for Automation

 

* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.

 

 

 

 

 

Partecipanti
  • Security Engineer
  • Network Engineer
  • Network Designer
  • Network Administrator
  • Systems Engineer
  • Consulting Systems Engineer
  • Technical Solutions Architect
  • Cisco Integrators/Partners
  • Network Manager
  • Cisco integrators and partners

 

Prerequisiti

Per beneficiare appieno di questo corso, dovresti avere le seguenti conoscenze e abilità:

  • Competenze e conoscenze equivalenti a quelle apprese durante l’implementazione e l’amministrazione delle soluzioni Cisco (CCNA)
  • Conoscenza delle reti Ethernet e TCP/IP
  • Conoscenza operativa del sistema operativo Windows
  • Conoscenza operativa della rete e dei concetti di Cisco IOS
  • Familiarità con le basi dei concetti di sicurezza di rete

 

Obiettivi

Dopo aver seguito questo corso, dovresti essere in grado di:

  • Describe information security concepts and strategies within the network
  • Describe common TCP/IP, network application, and endpoint attacks
  • Describe how various network security technologies work together to guard against attacks
  • Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
  • Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
  • Describe and implement web content security features and functions provided by Cisco Web Security Appliance
  • Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console
  • Introduce VPNs and describe cryptography solutions and algorithms
  • Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW
  • Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication
  • Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features
  • Examine various defenses on Cisco devices that protect the control and management plane
  • Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls
  • Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
  • Describe basics of cloud computing and common cloud attacks and how to secure cloud environment

 

Lingue
Italiano
Vuoi ulteriori info?

Torna a trovarci per conoscere i nuovi Corsi inseriti

Oppure richiedi informazioni sul corso che ti interessa nella sezione Contatti

My Agile Privacy
Questo sito utilizza cookie tecnici e di profilazione. Cliccando su accetta si autorizzano tutti i cookie di profilazione. Cliccando su rifiuta o la X si rifiutano tutti i cookie di profilazione. Cliccando su personalizza è possibile selezionare quali cookie di profilazione attivare.