Durata corso:
Prezzo
+ IVA
Securing Email with Cisco Email Security Appliance (SESA) (CIS13)
Codice: CIS13
Il corso Securing Email with Cisco Email Security Appliance (SESA) v3.1 mostra come distribuire e utilizzare Cisco® Email Security Appliance per stabilire la protezione dei sistemi di posta elettronica da phishing, compromissione della posta elettronica aziendale e ransomware e per semplificare la sicurezza della posta elettronica gestione delle politiche. Questo corso pratico fornisce le conoscenze e le competenze per implementare, risolvere i problemi e amministrare Cisco Email Security Appliance, incluse funzionalità chiave come protezione avanzata da malware, blocco dello spam, protezione antivirus, filtraggio delle epidemie, crittografia, quarantene e dati prevenzione delle perdite.
Questo corso ti aiuta a prepararti a sostenere l’esame, Securing Email with Cisco Email Security Appliance (300-720 SESA), che porta alle certificazioni CCNP® Security e Certified Specialist – Email Content Security.
Modalità di erogazione
In aula o Live Virtual Classroom
Attestato di partecipazione
Al termine del corso verrà rilasciato l’attestato di frequenza
Esame
300-720 – Securing Email with Cisco Email Security Appliance
Describing the Cisco Email Security Appliance
-
Cisco Email Security Appliance Overview
-
Technology Use Case
-
Cisco Email Security Appliance Data Sheet
-
SMTP Overview
-
Email Pipeline Overview
-
Installation Scenarios
-
Initial Cisco Email Security Appliance Configuration
-
Centralizing Services on a Cisco Content Security Management Appliance (SMA)
-
Release Notes for AsyncOS 11.x
Administering the Cisco Email Security Appliance
-
Distributing Administrative Tasks
-
System Administration
-
Managing and Monitoring Using the Command Line Interface (CLI)
-
Other Tasks in the GUI
-
Advanced Network Configuration
-
Using Email Security Monitor
-
Tracking Messages
-
Logging
Controlling Sender and Recipient Domains
-
Public and Private Listeners
-
Configuring the Gateway to Receive Email
-
Host Access Table Overview
-
Recipient Access Table Overview
-
Configuring Routing and Delivery Features
Controlling Spam with Talos SenderBase and Anti-Spam
-
SenderBase Overview
-
Anti-Spam
-
Managing Graymail
-
Protecting Against Malicious or Undesirable URLs
-
File Reputation Filtering and File Analysis
-
Bounce Verification
Using Anti-Virus and Outbreak Filters
-
Anti-Virus Scanning Overview
-
Sophos Anti-Virus Filtering
-
McAfee Anti-Virus Filtering
-
Configuring the Appliance to Scan for Viruses
-
Outbreak Filters
-
How the Outbreak Filters Feature Works
-
Managing Outbreak Filters
Using Mail Policies
-
Email Security Manager Overview
-
Mail Policies Overview
-
Handling Incoming and Outgoing Messages Differently
-
Matching Users to a Mail Policy
-
Message Splintering
-
Configuring Mail Policies
Using Content Filters
-
Content Filters Overview
-
Content Filter Conditions
-
Content Filter Actions
-
Filter Messages Based on Content
-
Text Resources Overview
-
Using and Testing the Content Dictionaries Filter Rules
-
Understanding Text Resources
-
Text Resource Management
-
Using Text Resources
Using Message Filters to Enforce Email Policies
-
Message Filters Overview
-
Components of a Message Filter
-
Message Filter Processing
-
Message Filter Rules
-
Message Filter Actions
-
Attachment Scanning
-
Examples of Attachment Scanning Message Filters
-
Using the CLI to Manage Message Filters
-
Message Filter Examples
-
Configuring Scan Behavior
Preventing Data Loss
-
Overview of the Data Loss Prevention (DLP) Scanning Process
-
Setting Up Data Loss Prevention
-
Policies for Data Loss Prevention
-
Message Actions
-
Updating the DLP Engine and Content Matching Classifiers
Using LDAP
-
Overview of LDAP
-
Working with LDAP
-
Using LDAP Queries
-
Authenticating End-Users of the Spam Quarantine
-
Configuring External LDAP Authentication for Users
-
Testing Servers and Queries
-
Using LDAP for Directory Harvest Attack Prevention
-
Spam Quarantine Alias Consolidation Queries
-
Validating Recipients Using an SMTP Server
SMTP Session Authentication
-
Configuring AsyncOS for SMTP Authentication
-
Authenticating SMTP Sessions Using Client Certificates
-
Checking the Validity of a Client Certificate
-
Authenticating User Using LDAP Directory
-
Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate
-
Establishing a TLS Connection from the Appliance
-
Updating a List of Revoked Certificates
Email Authentication
-
Email Authentication Overview
-
Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing
-
Verifying Incoming Messages Using DKIM
-
Overview of Sender Policy Framework (SPF) and SIDF Verification
-
Domain-based Message Authentication Reporting and Conformance (DMARC) Verification
-
Forged Email Detection
Email Encryption
-
Overview of Cisco Email Encryption
-
Encrypting Messages
-
Determining Which Messages to Encrypt
-
Inserting Encryption Headers into Messages
-
Encrypting Communication with Other Message Transfer Agents (MTAs)
-
Working with Certificates
-
Managing Lists of Certificate Authorities
-
Enabling TLS on a Listener’s Host Access Table (HAT)
-
Enabling TLS and Certificate Verification on Delivery
-
Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services
Using System Quarantines and Delivery Methods
-
Describing Quarantines
-
Spam Quarantine
-
Setting Up the Centralized Spam Quarantine
-
Using Safelists and Blocklists to Control Email Delivery Based on Sender
-
Configuring Spam Management Features for End Users
-
Managing Messages in the Spam Quarantine
-
Policy, Virus, and Outbreak Quarantines
-
Managing Policy, Virus, and Outbreak Quarantines
-
Working with Messages in Policy, Virus, or Outbreak Quarantines
-
Delivery Methods
Centralized Management Using Clusters
-
Overview of Centralized Management Using Clusters
-
Cluster Organization
-
Creating and Joining a Cluster
-
Managing Clusters
-
Cluster Communication
-
Loading a Configuration in Clustered Appliances
-
Best Practices
Testing and Troubleshooting
-
Debugging Mail Flow Using Test Messages: Trace
-
Using the Listener to Test the Appliance
-
Troubleshooting the Network
-
Troubleshooting the Listener
-
Troubleshooting Email Delivery
-
Troubleshooting Performance
-
Web Interface Appearance and Rendering Issues
-
Responding to Alerts
-
Troubleshooting Hardware Issues
-
Working with Technical Support
References
-
Model Specifications for Large Enterprises
-
Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch Offices
-
Cisco Email Security Appliance Model Specifications for Virtual Appliances
-
Packages and Licenses
Lab outline
-
Verify and Test Cisco ESA Configuration
-
Perform Basic Administration
-
Advanced Malware in Attachments (Macro Detection)
-
Protect Against Malicious or Undesirable URLs Beneath Shortened URLs
-
Protect Against Malicious or Undesirable URLs Inside Attachments
-
Intelligently Handle Unscannable Messages
-
Leverage AMP Cloud Intelligence Via Pre-Classification Enhancement
-
Integrate Cisco ESA with AMP Console
-
Prevent Threats with Anti-Virus Protection
-
Applying Content and Outbreak Filters
-
Configure Attachment Scanning
-
Configure Outbound Data Loss Prevention
-
Integrate Cisco ESA with LDAP and Enable the LDAP Accept Query
-
Domain Keys Identified Mail (DKIM)
-
Sender Policy Framework (SPF)
-
Forged Email Detection
-
Configure the Cisco SMA for Tracking and Reporting
- Security engineers
- Security administrators
- Security architects
- Operations engineers
- Network engineers
- Network administrators
- Network or security technicians
- Network managers
- System designers
- Cisco integrators and partners
Per beneficiare appieno di questo corso, dovresti avere le seguenti conoscenze e abilità:
- Cisco certification (Cisco CCENT® certification or higher)
- Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information Assurance Certification (GIAC), and ISACA
- Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
- Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Systems Engineer (MCSE)], CompTIA (A+, Network+, Server+)
- TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
- Experience with IP routing
Dopo aver seguito questo corso, dovresti essere in grado di:
- Describe and administer the Cisco Email Security Appliance (ESA)
- Control sender and recipient domains
- Control spam with Talos SenderBase and anti-spam
- Use anti-virus and outbreak filters
- Use mail policies
- Use content filters
- Use message filters to enforce email policies
- Prevent data loss
- Perform LDAP queries
- Authenticate Simple Mail Transfer Protocol (SMTP) sessions
- Authenticate email
- Encrypt email
- Use system quarantines and delivery methods
- Perform centralized management using clusters
- Test and troubleshoot