Cisco Stealthwatch Security (SSO)
The Stealthwatch courses are available for Private on-sites only at this time. If you are interested in one or more of these courses or need a custom training class, please contact us at firstname.lastname@example.org. All Stealthwatch courses accept CLCs as payment.
Cisco Stealthwatch for Security Operations is a 2-day, instructor-led, lab-based, hands-on course that focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use the Stealthwatch System to investigate potential security issues and make initial determinations on whether to proceed with a more thorough investigation or to move on to the next potential threat.
Who should attend
This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration and initiate incident response investigations.
- Flow Basics
- Cisco Stealthwatch Overview and Components
- Cisco Stealthwatch SMC Client Interface Overview
- Cisco Stealthwatch Web App Overview
- Explain what Cisco Stealthwatch is and how it works.
- Explain how hosts and host groups are defined in Cisco Stealthwatch.
- Define basic concepts of policy management.
- Identify the three phases of the Cisco Stealthwatch tuning process.
- Complete workflows to identify indicators of compromise in your network.
Outline: Cisco Stealthwatch Security (SSO)
Module 1: Stealthwatch
- Cisco Stealthwatch Security Overview
- Introduction to Security
Module 2: Stealthwatch in the Proactive Mode
- Using Stealthwatch in the Proactive Mode
- Pattern Recognition
- Investigation and Detection Using Stealthwatch
Module 3: Stealthwatch in the Operational Mode
- Using Stealthwatch in the Operational Mode
- Alarms and Alarm Response
- Host Identification
Module 4: Summary
- Culminating Scenario: Using Stealthwatch for Insider Threats
- Putting Together an Incident Response Process
- Example Workflow for Incident Response
- Security Best Practices in Stealthwatch
- Using Top Reports and Flow Tables for Detection
- Creating and Using Dashboards for Detection
- Creating Custom Security Events
- Responding to Alarms
- Proactive Investigation Practice
- Using Maps for Incident Response
- Identify Hosts Using Host Snapshot and Host Report
Duration: 2 days
- Canada: CAD 3 975,-
- Cisco Learning Credits: 30 CLC
No sessions are currently scheduled.