Cisco Stealthwatch Security (SSO)

 

Résumé du cours

The Stealthwatch courses are available for Private on-sites only at this time. If you are interested in one or more of these courses or need a custom training class, please contact us at info@flane.fr. All Stealthwatch courses accept CLCs as payment.

Contenu

Cisco Stealthwatch for Security Operations is a 2-day, instructor-led, lab-based, hands-on course that focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use the Stealthwatch System to investigate potential security issues and make initial determinations on whether to proceed with a more thorough investigation or to move on to the next potential threat.

A qui s'adresse cette formation

This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration and initiate incident response investigations.

Pré-requis

  • Flow Basics
  • Cisco Stealthwatch Overview and Components
  • Cisco Stealthwatch SMC Client Interface Overview
  • Cisco Stealthwatch Web App Overview

Objectifs

  • Explain what Cisco Stealtwatch is and how it works.
  • Explain how hosts and host groups are defined in Cisco Stealthwtch.
  • Define basic concepts of policy management.
  • Identify the three phases of the Cisco Stealthwatch tuning process.
  • Complete workflows to identify indicators of compromise in your network.

Outline: Cisco Stealthwatch Security (SSO)

Module 1: Stealthwatch

  • Cisco Stealthwatch Security Overview
  • Introduction to Security

Module 2: Stealthwatch in the Proactive Mode

  • Using Stealthwatch in the Proactive Mode
  • Pattern Recognition
  • Investigation and Detection Using Stealthwatch

Module 3: Stealthwatch in the Operational Mode

  • Using Stealthwatch in the Operational Mode
  • Alarms and Alarm Response
  • Maps
  • Host Identification

Module 4: Summary

  • Culminating Scenario: Using Stealthwatch for Insider Threats
  • Putting Together an Incident Response Process
  • Example Workflow for Incident Response
  • Security Best Practices in Stealthwatch
  • Outcomes

Labs:

  • Using Top Reports and Flow Tables for Detection
  • Creating and Using Dashboards for Detection
  • Creating Custom Security Events
  • Responding to Alarms
  • Proactive Investigation Practice
  • Using Maps for Incident Response
  • Identify Hosts Using Host Snapshot and Host Report

Prix & Delivery methods

Formation en ligne

Durée
2 jours

Prix
  • Online Training : CAD 3 960,–
  • Online Training : US$ 3 000,–
  • Cisco Learning Credits : 30
Dates et Inscription
Demande de date
Formation en salle équipée

Durée
2 jours

Prix
  • Canada : CAD 3 960,–
  • Cisco Learning Credits : 30
Dates et Inscription
Demande de date

Agenda

Actuellement aucune session planifiée

Demande de date