  • This event has passed.

Cisco® Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) 1.0

February 5 @ 8:00 am - February 9 @ 5:00 pm

Recurring Event

One event on June 11, 2018 at 8:00am

Live Online Instructor Led

TARGET AUDIENCE

This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

COURSE OBJECTIVES

This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member.

COURSE OUTLINE

1 – ATTACKER METHODOLOGY

Defining the Attacker Methodology

Identifying Malware and Attacker Tools

Understanding Attacks

2 – DEFENDER METHODOLOGY

Enumerating Threats, Vulnerabilities, and Exploits

Defining SOC Services

Defining SOC Procedures

Defining the Role of a Network Security Analyst

Identifying a Security Incident

3 – DEFENDER TOOLS

Collecting Network Data

Understanding Correlation and Baselines

Assessing Sources of Data

Understanding Events

Examining User Reports

Introducing Risk Analysis and Mitigation

4 – PACKET ANALYSIS

Identifying Packet Data

Analyzing Packets Using Cisco IOS Software

Accessing Packets in Cisco IOS Software

Acquiring Network Traces

Establishing a Packet Baseline

Analyzing Packet Traces

5 – NETWORK LOG ANALYSIS

Using Log Analysis Protocols and Tools

Exploring Log Mechanics

Retrieving Syslog Data

Retrieving DNS Events and Proxy Logs

Correlating Log Files

6 – BASELINE NETWORK OPERATIONS

Baselining Business Processes

Mapping the Network Topology

Managing Network Devices

Baselining Monitored Networks

Monitoring Network Health

7 – INCIDENT RESPONSE PREPARATION

Defining the Role of the SOC

Establishing Effective Security Controls

Establishing an Effective Monitoring System

8 – SECURITY INCIDENT DETECTION

Correlating Events Manually

Correlating Events Automatically

Assessing Incidents

Classifying Incidents

Attributing the Incident Source

9 – INVESTIGATIONS

Scoping the Investigation

Investigating Through Data Correlation

Understanding NetFlow

Investigating Connections Using NetFlow

10 – MITIGATIONS AND BEST PRACTICES

Mitigating Incidents Using ACLs

Implementing Network-Layer Mitigations and Best Practices

Implementing Link-Layer Best Practices

11 – COMMUNICATION

Documenting Communication

Documenting Incident Details

12 – POST-EVENT ACTIVITY

Conducting an Incident Post-Mortem

Improving Security of Monitored Networks

Details

Start:
February 5 @ 8:00 am
End:
February 9 @ 5:00 pm

Organizer

Tony Scott
Phone:
6019145026
Email:
tony@systemsit-ms.com
Website:
www.systemsit-ms.com

Venue

Systems IT
1855 Lakeland Drive, Suite R-101
Jackson, MS 39216 United States
Phone:
6019144500
Website:
www.systemsit-ms.com