
Course: Securing Cisco Networks with Threat Detection and Analysis (SCYBER)

Duration: 40 hours (5 days)

SCYBER Course Description (in English)

Course Prerequisites

It is recommended, but not required, to have the following skills and knowledge before attending this course:

  • CCNA equivalent knowledge is preferred
  • Basic understanding of Cisco security product features
  • Basic understanding of open-source and commercial network security tools
  • Basic understanding of Microsoft Windows and UNIX/Linux operating systems, desktops, and servers
  • Basic understanding of the Open Systems Interconnection (OSI) model and TCP/IP

Course Description

This lab-intensive training course prepares you to hit the ground running as an entry-level security analyst team member. The course combines lecture materials and hands-on labs throughout to make sure that you are able to understand cyber security concepts and to recognize specific threats and attacks on your network. It will teach you how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network. The job role for a security analyst will vary from industry to industry and differ in the private sector versus the public sector.

Course Objectives

Upon completion of this course, you will be able to:

  • Describe the tools, techniques, and thought processes of an attacker
  • Describe the features, functions, and benefits of an SOC
  • Identify the common sources used to detect an incident, as well as the actions that should be considered in response
  • Perform basic packet capture and packet analysis
  • Enable syslog on Cisco devices and perform basic network log analysis
  • Discuss the relevance of baselining and some of the most useful steps to be used when deploying a system
  • Discuss the policies and roles in the typical SOC, as well as some of the common tools used by SOC members
  • Discuss techniques used to identify anomalies and correlate log entries
  • Understand techniques used to scope, document, and analyze investigations
  • Discuss the methodology behind mitigations
  • Discuss documentation and communication during an incident
  • Discuss post-incident considerations

Job Roles

  • Professional security analysts
  • Security engineers

Train with the best

Payments via PagSeguro with security and flexibility, in up to 12 installments

Course Syllabus

  • Module 1: Attacker Methodology
    • Lesson 1-1: Defining the Attacker Methodology
    • Lesson 1-2: Identifying Malware and Attacker Tools
    • Lesson 1-3: Understanding Attacks
    • Lesson 1-4: References
    • Lesson 1-5: Module Challenge
  • Module 2: Defender Methodology
    • Lesson 2-1: Enumerating Threats, Vulnerabilities, and Exploits
    • Lesson 2-2: Defining SOC Services
    • Lesson 2-3: Defining SOC Procedures
    • Lesson 2-4: Defining the Role of a Network Security Analyst
    • Lesson 2-5: Identifying a Security Incident
    • Lesson 2-6: References
    • Lesson 2-7: Module Challenge
  • Module 3: Defender Tools
    • Lesson 3-1: Collecting Network Data
    • Lesson 3-2: Understanding Correlation and Baselines
    • Lesson 3-3: Assessing Sources of Data
    • Lesson 3-4: Understanding Events
    • Lesson 3-5: Examining User Reports
    • Lesson 3-6: Introducing Risk Analysis and Mitigation
    • Lesson 3-7: References
    • Lesson 3-8: Module Challenge
  • Module 4: Packet Analysis
    • Lesson 4-1: Identifying Packet Data
    • Lesson 4-2: Analyzing Packets Using Cisco IOS Software
    • Lesson 4-3: Accessing Packets in Cisco IOS Software
    • Lesson 4-4: Acquiring Network Traces
    • Lesson 4-5: Establishing a Packet Baseline
    • Lesson 4-6: References
    • Lesson 4-7: Module Challenge
  • Module 5: Network Log Analysis
    • Lesson 5-1: Using Log Analysis Protocols and Tools
    • Lesson 5-2: Exploring Log Mechanics
    • Lesson 5-3: Retrieving Syslog Data
    • Lesson 5-4: Retrieving DNS Events and Proxy Logs
    • Lesson 5-5: Correlating Log Files
    • Lesson 5-6: References
    • Lesson 5-7: Module Challenge
  • Module 6: Baseline Network Operations
    • Lesson 6-1: Baselining Business Processes
    • Lesson 6-2: Mapping the Network Topology
    • Lesson 6-3: Managing Network Devices
    • Lesson 6-4: Baselining Monitored Networks
    • Lesson 6-5: Monitoring Network Health
    • Lesson 6-6: References
    • Lesson 6-7: Module Challenge
  • Module 7: Incident Response Preparation
    • Lesson 7-1: Defining the Role of the SOC
    • Lesson 7-2: Establishing Effective Security Controls
    • Lesson 7-3: Establishing an Effective Monitoring System
    • Lesson 7-4: References
    • Lesson 7-5: Module Challenge
  • Module 8: Security Incident Detection
    • Lesson 8-1: Correlating Events Manually
    • Lesson 8-2: Correlating Events Automatically
    • Lesson 8-3: Assessing Incidents
    • Lesson 8-4: Classifying Incidents
    • Lesson 8-5: Attributing the Incident Source
    • Lesson 8-6: References
    • Lesson 8-7: Module Challenge
  • Module 9: Investigations
    • Lesson 9-1: Scoping the Investigation
    • Lesson 9-2: Investigating Through Data Correlation
    • Lesson 9-3: Understanding NetFlow
    • Lesson 9-4: Investigating Connections Using NetFlow
    • Lesson 9-5: References
    • Lesson 9-6: Module Challenge
  • Module 10: Mitigations and Best Practices
    • Lesson 10-1: Mitigating Incidents
    • Lesson 10-2: Cisco Cyber Threat Defense Overview
    • Lesson 10-3: Implementing Cisco IOS ACLs and Zone-Based Policy Firewall
    • Lesson 10-4: Implementing Network-Layer Mitigations and Best Practices
    • Lesson 10-5: Implementing Link-Layer Best Practices
    • Lesson 10-6: References
    • Lesson 10-7: Module Challenge
  • Module 11: Communication
    • Lesson 11-1: Documenting Incident Details
    • Lesson 11-2: Communicating Incidents
    • Lesson 11-3: References
    • Lesson 11-4: Module Challenge
  • Module 12: Post-Event Activity
    • Lesson 12-1: Conducting an Incident Post-Mortem
    • Lesson 12-2: Improving Security of Monitored Networks
    • Lesson 12-3: References
    • Lesson 12-4: Module Challenge

Labs and Hands-On Activities

The course is full of hands-on activities in labs provided by Cisco, which makes for a very rewarding learning experience!

  • Guided Lab 1: Case Study 2-1 Assessing Your Understanding of Network and Security Operations
  • Guided Lab 2: Lab 3-1 Exploring the Remote Lab Environment
  • Guided Lab 3: Lab 3-2 Enabling NetFlow Export and Syslog
  • Guided Lab 4: Lab 4-1 Capturing Packets on the Pod Router and using Wireshark to examine the PCAP
  • Guided Lab 5: Lab 4-2 Capturing Packets using TCPDUMP
  • Guided Lab 6: Lab 5-1 Examining Logs Manually
  • Guided Lab 7: Lab 6-1 Enabling AAA for Router SSH Management Access
  • Guided Lab 8: Lab 6-2 Enabling SNMPv3 on the Pod Router and Pod Switch
  • Guided Lab 9: Lab 7-1 Performing NMAP Scans and Using Netcat to Connect to Open Ports
  • Guided Lab 10: Lab 8-1 Analyzing PCAP File with Suspicious Activities Using Wireshark
  • Guided Lab 11: Lab 8-2 Examining Event Logs Manually
  • Guided Lab 12: Lab 8-3 Examining Event Logs Using Splunk
  • Guided Lab 13: Lab 9-1 Analyzing NetFlow Data with Lancope StealthWatch
  • Guided Lab 14: Lab 10-1 Implementing IOS Zone-Based Firewall
  • Guided Lab 15: Lab 11-1 Incident Response

Course Pricing

  • Reais (BRL): R$ 7.500,00
  • Cisco Learning Credits (CLC): 19

Note: prices are valid for in-person training in the city of Rio de Janeiro or for VILT (Online/WebEx) training.


Upcoming Training Sessions: Securing Cisco Networks with Threat Detection and Analysis (SCYBER) 1.2

April 2024

No Training Sessions / Events

May 2024

No Training Sessions / Events