|
The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202)
Code:
SECUR202 1.0
Duration:
2 Day
|
$2000
USD
|
This course will introduce students to network threat investigation and then reinforce student learning through a series of lab scenarios designed to identify relationships between the Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses covering the Cisco Integrated Threat Defense (ITD) solution.
This course is available in the following formats:
Duration: 2 Day
| Call 800-798-3901 to enroll in this class! |
Upon completion of this course, you should be able to:
- Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage
- Detail how to locate and mitigate email malware attacks
- Describe email phishing attacks and the steps taken to locate and mitigate them on the network
- Identify and mitigate data exfiltration threats on the network
- Identify malware threats on the network and mitigate those threats after investigation
Module 1: Network Threat Investigation Introduction
-
Network Attack Introduction
-
Hunting Network Threats in the Enterprise
Module 2: Investigation and Mitigation of Email Malware Threats
-
Examining Email Malware Threats
-
Investigating and Verifying Email Malware Threat Mitigation
Module 3: Investigation and Mitigation of Email Phishing Threats
-
Examining Email Phishing Attacks
-
Configuring Cisco ESA for URL and Content Filtering
-
Investigating and Verifying Email Phishing Threat Mitigation
Module 4: Investigation and Mitigation of Data Exfiltration Threats
-
Exploiting Vulnerable Network Servers
-
Investigating Data Exfiltration Threats
-
Mitigating and Verifying Data Exfiltration Threats
Module 5: Investigation and Mitigation of Malware Threats
-
Examining Endpoint Malware Protection
-
Investigating and Mitigating Endpoint Malware Threats
Lab 1: Connecting to the Lab Environment
Lab 2: Threat Scenario 1: Email Malware Attachments
Lab 3: Threat Scenario 2: Email-Based Phishing
Lab 4: Threat Scenario 3: Targeted Network Server Threats and Data Exfiltration
Lab 5: Threat Scenario 4: Endpoint Malware Investigation and Mitigation
This course is designed for technical professionals who need to know how to use a deployed Integrated Threat Defense (ITD) network solution to identify, isolate, and mitigate network threats.
The primary audience for this course includes:
- Network analysts
- Network investigators
The knowledge and skills that a student must have before attending this course include:
- Technical understanding of TCP/IP networking and network architecture
- Technical understanding of security concepts and protocols
- Familiarity with Cisco Identity Services Engine, Cisco Stealthwatch, Cisco Firepower, and Cisco AMP for Endpoints