0
Views
SCOR: Implementation and operation of key technologies Cisco Security Core Technologies - course RUB 159,990. from Specialist, training 64 academic hours, date of April 30, 2023.
Miscellaneous / / December 03, 2023
The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course will help you prepare not only for receiving Cisco® CCNP® Security and CCIE® Security certifications, but also to work in the security field at the highest levels level. This course will provide students with the skills and knowledge necessary to implement or use key Cisco solutions to provide advanced protection against cybersecurity attacks. Students will learn about protecting networks, cloud infrastructures and content, network and end devices, and remote users. Laboratory work includes practice with Cisco Firepower Next-Generation Firewall and Cisco ASA Firewall; setting up remote access policies and mail traffic scanning policies; implementation of authentication according to the 802.1X standard; work with Cisco Stealthwatch Enterprise and Cisco Stealthwatch Cloud.
This course allows you to prepare for the Implementing and Operating Cisco Security Core exam Technologies (350-701 SCOR), which is part of the updated CCNP Security and CCIE certification programs Security.
Cisco certificates are issued to students only after successfully passing the final test.
Course audience:
- Security engineers
- Network engineers
- Network designers
- Network administrators
- System engineers
- Consulting systems engineers
- Architects of technical solutions
- Cisco Integrators/Partners
- Network managers
You will learn:
- Describe the principles of information security
- Understand the most common attacks on TCP/IP networks, network applications and devices
- Understand how different network security technologies work together to protect against different types of attacks
- Implement access control on Cisco ASA and Cisco Firepower Next-Generation Firewall
- Implement basic security features to protect email traffic on the Cisco Email Security Appliance
- Implement basic security features to protect web traffic on the Cisco Web Security Appliance
- Understand the capabilities of Cisco Umbrella, platform implementation schemes, principles of policy management, console features
- Understand the types of VPNs and describe the cryptographic algorithms used in different systems
- Know how they work: Cisco site-to-site VPN, Cisco IOS VTI-based point-to-point IPsec VPN, point-to-point IPsec VPN on Cisco ASA and Cisco FirePower NGFW
- Implement Cisco remote access security solutions and configure 802.1X and EAP authentication
- Understand how AMP for Endpoints works and how to properly protect endpoints
- Configure mechanisms to protect the control and management plane on network devices
- Configure Cisco IOS Software Layer 2 and Layer 3 mechanisms to protect the Data Plane
- Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
- Understand the basic principles of protecting cloud infrastructures from common attacks
Module 1. Network Security Concepts*
Overview of Information Security Principles
Management of risks
Vulnerability Assessment
CVSS analysis
Module 2. Common TCP/IP attacks*
TCP/IP vulnerabilities
IP service vulnerabilities
ICMP vulnerabilities
TCP vulnerabilities
UDP vulnerabilities
Attack vectors
Reconnaissance attacks
Attacks on access protocols
Man-in-the-middle attacks
Denial of Service and Distributed Denial of Service
Reflect and Enhance Attacks
Spoofing attacks
Attacks on DHCP
Module 3. Common attacks on network applications *
Password attacks
DNS attacks
DNS tunneling
Attacks on web services
HTTP 302 Cushioning
Command Injections
SQL Injections
Cross-Site Scripting and Request Forgery
Attacks on mail traffic
Module 4. Common attacks on endpoints*
Buffer overflow
Malware
Intelligence service
Gaining access and control
Gaining access using social engineering
Gaining access using web traffic attacks
Exploit Kits and Rootkits
Privilege escalation
Post-implementation phase
Angler Exploit Kit
Module 5. Network security technologies (5 ac. h.)
Defense-in-Depth Strategy
Network segmentation and overview of virtualization mechanisms
Stateful Firewall Review
Security Intelligence Overview
Standardization of threat information
Network anti-malware overview
Overview of Intrusion Prevention Systems
Overview of the next generation ITU
Email Content Security Review
Web Content Security Review
Threat Analytics Systems Review
Overview of DNS Security Mechanisms
Authentication, authorization, accounting
Managing user credentials and access
Overview of Virtual Private Network technologies
Network Security Devices Overview
Module 6. Implementation of ITU Cisco ASA (5 ac. h.)
Cisco ASA Operating Modes
Cisco ASA Interface Security Levels
Objects and Object Groups in Cisco ASA
Network Address Translation
ACL on Cisco ASA interfaces
Global ACLs on Cisco ASA
Cisco ASA Inspection Policies
Cisco ASA Fault Tolerant Topologies
Module 7. Implementation of a new generation firewall Cisco Firepower (5 ac. h.)
Cisco Firepower NGFW Operating Modes
Packet Processing and Policies
Objects
NAT
Pre-filtering policies
Access Control Policies
Cisco Firepower NGFW Security Intelligence
Discovery Policies
IPS Policies
Malware detection and file policies
Module 8. Implementation of Email Content Security (5 ac. h.)
Cisco Email Content Security Overview
SMTP Overview
Email Pipeline Review
Public and Private Listeners
Host Access Table
Recipient Access Table
Overview of mail traffic filtering policies
Protection against Spam and Graymail
Virus and malware protection
Outbreak filters
Content filtering
Data leak protection
Encryption of mail traffic
Module 9. Implementation of Web Content Security (5 ac. h.)
Cisco WSA Solution Overview
Features of implementation
Network user authentication
HTTPS traffic decryption
Access Policies and Identity Policies
Acceptable Use Controls Settings
Malware protection
Module 10. Implementation of Cisco Umbrella*
Cisco Umbrella Architecture
Cisco Umbrella Implementation
Cisco Umbrella Roaming Client
Cisco Umbrella Management
Explore Cisco Umbrella Features
Module 11. VPN technologies and cryptographic algorithms (5 ac. h.)
Introduction to VPN
VPN Types
Secure Communication and Cryptographic Services
Types of keys in cryptography
Public key infrastructure
Module 12. Cisco Secure Site-to-Site VPN (5 ac. h.)
Site-to-Site VPN technologies
IPsec VPN Review
IPsec Static Crypto Maps
IPsec Static Virtual Tunnel Interface
Dynamic Multipoint VPN
Cisco IOS FlexVPN
Module 13. Cisco IOS VTI-Based Point-to-Point (5 ac. h.)
Cisco IOS VTIs
Configuring VTI Point-to-Point IPsec IKEv2 VPN
Module 14. Point-to-Point IPsec VPNs on Cisco ASA and Cisco Firepower NGFW (4 ac. h.)
Point-to-Point VPN on Cisco ASA and Cisco Firepower NGFW
Configuring Cisco ASA Point-to-Point VPN
Setting up Cisco Firepower NGFW Point-to-Point VPN
Module 15. Cisco Secure Remote Access VPN (4 ac. h.)
Remote Access VPN
Components and technologies
SSL Overview
Module 16. Remote Access SSL VPN on Cisco ASA and Cisco Firepower NGFW (4 ac. h.)
Connection profiles
Group policies
Cisco ASA Remote Access VPN Settings
Cisco Firepower NGFW Remote Access VPN Settings
Module 17. Access control in Cisco networks (4 ac. h.)
Secure network access
AAA Services
Cisco Identity Services Engine Features Overview
Cisco TrustSec Architecture
Module 18. 802.1X authentication (4 ac. h.)
802.1X and EAP
EAP Methods
The role of the RADIUS protocol in an 802.1X system
RADIUS Change of Authorization
Module 19. 802.1X Authentication Configuration (4 ac. h.)
802.1X Settings on Cisco Catalyst Switch
802.1X Settings on Cisco WLC 802.1X
802.1X Settings on Cisco ISE 802.1X
Supplicant 802.1x
Cisco Central Web Authentication
Module 20. Endpoint security technologies *
Host firewalls
Host antiviruses
Host-based intrusion prevention systems
White and black lists of resources on hosts
Malware protection
Sandbox overview
Checking files
Module 21. Implementing Cisco AMP for Endpoints*
Cisco AMP for Endpoints Solution Architecture
Cisco AMP for Endpoints Engines
Retrospective Protection Using Cisco AMP
Building a File Trajectory Using Cisco AMP
Managing Cisco AMP for Endpoints
Module 22. Network infrastructure protection *
Network device operation planes
Control plane security mechanisms
Control plane security mechanisms
Traffic telemetry
Data plane protection at the data link layer
Data plane protection at the network layer
Module 23. Implementation of control plane protection mechanisms *
Infrastructure ACLs
Control Plane Policing
Control Plane Protection
Routing protocol security mechanisms
Module 24. Implementation of data plane protection mechanisms at the data link layer *
Overview of Data Plane Security Mechanisms
Protection against attacks on the VLAN system
Protection against attacks on the STP protocol
Port Security
Private VLANs
DHCP Snooping
ARP Inspection
Storm Control
MACsec encryption
Module 25. Implementation of data plane protection mechanisms at the network level *
Infrastructure Antispoofing ACL
Unicast Reverse Path Forwarding
IP Source Guard
Subscribe
YOU MIGHT ALSO LIKE
