Course Overview
Given an example of Cisco's defense in depth, the learner will explain how Cisco IPS protects network devices from attacks. Given an IPS sensor appliance, the learner will install the appliance in the network and initialize it. Use IDM to configure basic sensor settings. The learner will use IDM to configure built-in signatures to meet the requirements of a given security policy. The learner will describe the functions of signature engines and their parameters. The learner will use IDM to tune and create signatures to meet the requirements of a given security policy. Given a scenario, the learner will use IDM to tune a sensor to work optimally in the network. Given a scenario, the learner will use the Monitoring Center for Security and Cisco Threat Response to maximize alarm management efficiency. The learner will explain blocking concepts and use IDM to configure blocking for a given scenario. The learner will install the NM-CIDS in a router and initialize it. The learner will install the module in a Cisco Catalyst 6500 Switch and initialize it. The learner will use a Cisco Catalyst 6500 Switch to capture network traffic for intrusion prevention analysis. The learner will install and recover the sensor software image and perform service pack and signature updates. The learner will use the CLI and IDM to verify system configuration.
Target Audience
Internetwork professionals who want to ensure security on their network or who seek Cisco CCSP certification.
Prerequisites
- CCNA or the equivalent knowledge
- Basic knowledge of Windows operating system
- Familiarity with the networking and security terms and concepts (the concepts are learned in prerequisite training or by reading industry publications)
Course Objectives
- Install an IPS sensor appliance in the Network and initialize it
- Use IDM to configure built-in signatures to meet the requirements of a given security policy
- Describe the functions of signature engines and their parameters and use IDM to tune and create signatures
- Tune a sensor to work optimally in the network
- Use the Monitoring Center for Security and Cisco Threat Response
- Install the NM-CIDS in a router and initialize it
- Install and recover the sensor software image and perform service pack and signature updates
Course Outline
- Intrusion Prevention Overview
- Getting Started with the IPS Command Line Interface
- a.Lab Exercises: Getting Started with the IPS Command Line Interface
- Using the IPS Device Manager
- a.Lab Exercise: Using the IPS Device Manager
- Basic Sensor Configuration
- a.Lab Exercise: Basic Sensor Configuration
- Cisco Intrusion Prevention System Signatures and Alarms
- a.Lab Exercise: Signatures and Alarms
- Signature Engines
- Signature Configuration
- a.Lab Exercise: Signature Configuration
- Turning the Sensor
- a.Lab Exercise: Tuning the Sensor Using IDM
- Alarm Monitoring and Management
- a.Lab Exercise: Alarm Monitoring and Management
- Configuring Blocking
- a.Lab Exercise: Configuring Blocking
- Cisco Intrusion Detection S ystem Module
- Capturing Network Traffic
- Maintaining Sensors
- Verifying System Configuration
- a.Lab Exercise: Verifying System Configuration
- Configuring Anomaly Detection, Passive OS fingerprinting, and CSA Collaboration
- Routing/Switching
- Unified Communications
- Contact Center
- Security
- Data Center & Wireless
- Microsoft
- ITIL
- Red Hat
- Comp TIA
- Industry Trends and Upcoming Courses >>
- Subscribe now to receive updates on industry trends and upcoming courses >>