NewEra Technology
Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0 - Course Information
Name: Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0
Category: Cisco
Length (Days): 5
Course Price (CAD): 5000
Description:
This course is designed to teach students how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network.

TARGET AUDIENCE

This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

COURSE OBJECTIVES

This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member.
Prerequisites:
Cisco® Interconnecting Cisco® Networking Devices Part 1 v3.0 (ICND1)
Outline:
1 - ATTACKER METHODOLOGY

Defining the Attacker Methodology
Identifying Malware and Attacker Tools
Understanding Attacks

2 - DEFENDER METHODOLOGY

Enumerating Threats, Vulnerabilities, and Exploits
Defining SOC Services
Defining SOC Procedures
Defining the Role of a Network Security Analyst
Identifying a Security Incident

3 - DEFENDER TOOLS

Collecting Network Data
Understanding Correlation and Baselines
Assessing Sources of Data
Understanding Events
Examining User Reports
Introducing Risk Analysis and Mitigation

4 - PACKET ANALYSIS

Identifying Packet Data
Analyzing Packets Using Cisco IOS Software
Accessing Packets in Cisco IOS Software
Acquiring Network Traces
Establishing a Packet Baseline
Analyzing Packet Traces

5 - NETWORK LOG ANALYSIS

Using Log Analysis Protocols and Tools
Exploring Log Mechanics
Retrieving Syslog Data
Retrieving DNS Events and Proxy Logs
Correlating Log Files

6 - BASELINE NETWORK OPERATIONS

Baselining Business Processes
Mapping the Network Topology
Managing Network Devices
Baselining Monitored Networks
Monitoring Network Health

7 - INCIDENT RESPONSE PREPARATION

Defining the Role of the SOC
Establishing Effective Security Controls
Establishing an Effective Monitoring System

8 - SECURITY INCIDENT DETECTION

Correlating Events Manually
Correlating Events Automatically
Assessing Incidents
Classifying Incidents
Attributing the Incident Source

9 - INVESTIGATIONS

Scoping the Investigation
Investigating Through Data Correlation
Understanding NetFlow
Investigating Connections Using NetFlow

10 - MITIGATIONS AND BEST PRACTICES

Mitigating Incidents
Using ACLs
Implementing Network-Layer Mitigations and Best Practices
Implementing Link-Layer Best Practices

11 - COMMUNICATION

Documenting Communication
Documenting Incident Details

12 - POST-EVENT ACTIVITY

Conducting an Incident Post-Mortem
Improving Security of Monitored Networks

Actual course outline may vary depending on offering center. Contact your sales representative for more information.