SSO-Cisco Stealthwatch for Security
Code: SSO
Duration: 2 Days
$3000 USD

OVERVIEW

The overarching goal of the course is to use the Cisco Stealthwatch System to investigate potential security issues and make initial determinations of whether to proceed with a more thorough investigation or to move on to the next potential threat.

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 2 Days

CLASS SCHEDULE
Call 800-798-3901 to enroll in this class!

GOALS

After taking this course, you should be able to:

  • Explain what Cisco Stealthwatch is and how it works.
  • Describe the goals of using Cisco Stealthwatch in the proactive and operational modes.
  • Define basic concepts of investigation and detection of potential security issues using the Cisco Stealthwatch System.
  • Complete workflows to identify indicators of compromise in your network.
  • Describe alarm types and alarm notification within Cisco Stealthwatch.
  • Explain the utility of maps in the Cisco Stealthwatch System.
  • Describe how the Cisco Stealthwatch System contributes to successful incident handling.

OUTLINE

Day One

  • Course Introduction
  • Cisco Stealthwatch Security Course Overview
  • Introduction to Security
  • Using Stealthwatch in the Proactive Mode
  • Pattern Recognition
  • Investigation and Detection Using Stealthwatch
  • Lab: Using Top Reports and Flow Tables for Detection
  • Lab: Creating and Using Dashboards for Detection
  • Lab: Creating Custom Security Events
  • Lab: Proactive Investigation Practice

Day Two

  • Day One Review
  • Using Stealthwatch in the Operational Mode
  • Alarms and Alarm Response
  • Lab: Responding to Alarms
  • Maps
  • Lab: Using Maps for Incident Response
  • Host Identification
  • Lab: Identify Hosts Using Host Snapshot and Host Report
  • Culminating Scenario: Using Stealthwatch for Insider Threats
  • Security Best Practices in Stealthwatch
  • Cisco Stealthwatch Security Course Outcomes
  • Course Conclusion

LABS

Will Be Updated Soon!

WHO SHOULD ATTEND

After taking this course, you should be able to:

  • Explain what Cisco Stealthwatch is and how it works.
  • Describe the goals of using Cisco Stealthwatch in the proactive and operational modes.
  • Define basic concepts of investigation and detection of potential security issues using the Cisco Stealthwatch System.
  • Complete workflows to identify indicators of compromise in your network.
  • Describe alarm types and alarm notification within Cisco Stealthwatch.
  • Explain the utility of maps in the Cisco Stealthwatch System.
  • Describe how the Cisco Stealthwatch System contributes to successful incident handling.

PREREQUISITES

  • Flow Basics
  • Cisco Stealthwatch Overview and Components
  • Cisco Stealthwatch SMC Client Interface Overview
  • Cisco Stealthwatch Web App Overview