Securing Cisco Networks with Threat Detection and Analysis

5 Days

Description

The Securing Cisco Networks with Threat Detection and Analysis (SCYBER) v1.0 course is instructor-led training. This lab-intensive, five-day training course prepares students to take the Cisco Cybersecurity Specialist certification exam and enables them to function effectively as security analyst team members. The course combines lecture materials and hands-on labs throughout to make sure that students are able to understand cybersecurity concepts and recognize specific network threats and attacks. This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network. The job role for a security analyst varies from industry to industry, and private-sector roles differ from public-sector roles.

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

  • Monitor security events
  • Configure and tune security event detection and alarms
  • Analyze traffic for security threats
  • Respond appropriately to security incidents

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
November 27, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 18, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date

Course Overview

  • Module 1: Attacker Methodology
    • Lesson 1: Defining the Attacker Methodology
    • Lesson 2: Identifying Malware and Attacker Tools
    • Lesson 3: Understanding Attacks
  • Module 2: Defender Methodology
    • Lesson 1: Enumerating Threats, Vulnerabilities, and Exploits
    • Lesson 2: Defining SOC Services
    • Lesson 3: Defining SOC Procedures
    • Lesson 4: Defining the Role of a Network Security Analyst
    • Lesson 5: Identifying a Security Incident
  • Module 3: Defender Tools
    • Lesson 1: Collecting Network Data
    • Lesson 2: Understanding Correlation and Baselines
    • Lesson 3: Assessing Sources of Data
    • Lesson 4: Understanding Events
    • Lesson 5: Examining User Reports
    • Lesson 6: Introducing Risk Analysis and Mitigation
  • Module 4: Packet Analysis
    • Lesson 1: Identifying Packet Data
    • Lesson 2: Analyzing Packets Using Cisco IOS Software
    • Lesson 3: Accessing Packets in Cisco IOS Software
    • Lesson 4: Acquiring Network Traces
    • Lesson 5: Establishing a Packet Baseline
    • Lesson 6: Analyzing Packet Traces
  • Module 5: Network Log Analysis
    • Lesson 1: Using Log Analysis Protocols and Tools
    • Lesson 2: Exploring Log Mechanics
    • Lesson 3: Retrieving Syslog Data
    • Lesson 4: Retrieving DNS Events and Proxy Logs
    • Lesson 5: Correlating Log Files
  • Module 6: Baseline Network Operations
    • Lesson 1: Baselining Business Processes
    • Lesson 2: Mapping the Network Topology
    • Lesson 3: Managing Network Devices
    • Lesson 4: Baselining Monitored Networks
    • Lesson 5: Monitoring Network Health
  • Module 7: Incident Response Preparation
    • Lesson 1: Defining the Role of the SOC
    • Lesson 2: Establishing Effective Security Controls
    • Lesson 3: Establishing an Effective Monitoring System
  • Module 8: Security Incident Detection
    • Lesson 1: Correlating Events Manually
    • Lesson 2: Correlating Events Automatically
    • Lesson 3: Assessing Incidents
    • Lesson 4: Classifying Incidents
    • Lesson 5: Attributing the Incident Source
  • Module 9: Investigations
    • Lesson 1: Scoping the Investigation
    • Lesson 2: Investigating Through Data Correlation
    • Lesson 3: Understanding NetFlow
    • Lesson 4: Investigating Connections Using NetFlow
  • Module 10: Mitigations and Best Practices
    • Lesson 1: Mitigating Incidents
    • Lesson 2: Using ACLs
    • Lesson 3: Implementing Network-Layer Mitigations and Best Practices
    • Lesson 4: Implementing Link-Layer Best Practices
  • Module 11: Communication
    • Lesson 1: Documenting Communication
    • Lesson 2: Documenting Incident Details
  • Module 12: Post-Event Activity
    • Lesson 1: Conducting an Incident Post-Mortem
    • Lesson 2: Improving Security of Monitored Networks
  • Hands-On Labs
    • Case Study 2-1: Assessing Your Understanding of Network and Security Operations
    • Lab 3-1: Network and Security Data Analysis Team-Building Activity
    • Lab 4-1: Capturing Packets from Embedded Devices
    • Lab 4-2: Capturing Packets from Network Hosts
    • Lab 4-3: Analyzing Packet Captures
    • Lab 5-1: Understanding Log Data
    • Lab 5-2: Correlating Logs Manually
    • Lab 6-1: Mapping a Network Topology
    • Lab 6-2: Retrieving Event Data
    • Lab 6-3: Monitoring Device Health
    • Lab 7-1: Assessing Current Security Controls
    • Lab 7-2: Assessing Current Monitoring Systems
    • Lab 8-1: Correlating Events Manually
    • Lab 8-2: Correlating Events Automatically
    • Lab 8-3: Identifying a Security Incident
    • Lab 9-1: Understanding Flow Data
    • Lab 9-2: Using NetFlow
    • Lab 10-1: Using ACLs
    • Lab 10-2: Using DAI
    • Lab 11-1: Documenting an Incident
    • Lab 11-2: Recommending Remediation
    • Lab 12-1: Improving Security
    • Lab 12-2: Incident Response Challenge Lab

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
November 27, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 18, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:

  • CCNA® equivalent knowledge is preferred
  • Basic understanding of Cisco security product features
  • Basic understanding of open-source and commercial network security tools
  • Basic understanding of Microsoft Windows and UNIX/Linux operating systems, desktops, and servers
  • Basic understanding of the Open Systems Interconnection (OSI) model and TCP/IP

Upcoming Classes

Virtual Classroom Live
October 30, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
November 27, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Virtual Classroom Live
December 18, 2017

$4,295.00
5 Days    9:00am EST - 5:00pm EST
view class details and enroll
Private Training Available
No date scheduled, don’t see a date that works for you or looking for a private training event, please call 651-905-3729 or submit a request for further information here.
request a private session or new date