Course description: Cisco® Securing Cisco® Networks with Threat Detection and Analysis SCYBER 1.0
Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0
This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.
TARGET AUDIENCE
This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.
COURSE TOPICS
This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member.
COURSE OUTLINE

1 - ATTACKER METHODOLOGY
- Defining the Attacker Methodology
- Identifying Malware and Attacker Tools
- Understanding Attacks

2 - DEFENDER METHODOLOGY
- Enumerating Threats, Vulnerabilities, and Exploits
- Defining SOC Services
- Defining SOC Procedures
- Defining the Role of a Network Security Analyst
- Identifying a Security Incident

3 - DEFENDER TOOLS
- Collecting Network Data
- Understanding Correlation and Baselines
- Assessing Sources of Data
- Understanding Events
- Examining User Reports
- Introducing Risk Analysis and Mitigation

4 - PACKET ANALYSIS
- Identifying Packet Data
- Analyzing Packets Using Cisco IOS Software
- Accessing Packets in Cisco IOS Software
- Acquiring Network Traces
- Establishing a Packet Baseline
- Analyzing Packet Traces

5 - NETWORK LOG ANALYSIS
- Using Log Analysis Protocols and Tools
- Exploring Log Mechanics
- Retrieving Syslog Data
- Retrieving DNS Events and Proxy Logs
- Correlating Log Files

6 - BASELINE NETWORK OPERATIONS
- Baselining Business Processes
- Mapping the Network Topology
- Managing Network Devices
- Baselining Monitored Networks
- Monitoring Network Health

7 - INCIDENT RESPONSE PREPARATION
- Defining the Role of the SOC
- Establishing Effective Security Controls
- Establishing an Effective Monitoring System

9 - INVESTIGATIONS
- Scoping the Investigation
- Investigating Through Data Correlation
- Understanding NetFlow
- Investigating Connections Using NetFlow

10 - MITIGATIONS AND BEST PRACTICES
- Mitigating Incidents Using ACLs
- Implementing Network-Layer Mitigations and Best Practices
- Implementing Link-Layer Best Practices

11 - COMMUNICATION
- Documenting Communication
- Documenting Incident Details

12 - POST-EVENT ACTIVITY
- Conducting an Incident Post-Mortem
- Improving Security of Monitored Networks
The current course outline may differ depending on the branch that offers it. Our sales representatives can provide more information.