INSTRUCTOR-LED COURSE

Cisco Stealthwatch Security (SS)

Course Information

Duration: 2 days

Version: SS

Price: $3,000.00

Certification:

Exam:

Learning Credits: 30

ALL DATES GUARANTEED

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

COURSE DELIVERY OPTIONS

  • Live Classroom

Train face-to-face with the live instructor.

  • Established HD-ILT Location

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you.​

  • Virtual Remote

Attend the live class from the comfort of your home or office.

Register

OVERVIEW

This course focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use Stealthwatch to investigate potential security issues and make initial determinations of whether to proceed with a more thorough investigation or to move on to the next potential threat.

Prerequisites:

It is strongly recommended to complete the Stealthwatch Foundations training prior to taking this course.

 

Target Audience:

This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations. An entry-level security analyst is an ideal audience for this class.

 

Course Objectives:

After taking this course, you should be able to:

  • Describe how the Stealthwatch System provides network visibility through monitoring and detection.
  • Describe the goals of using Stealthwatch in the proactive and operational modes.
  • Define basic concepts of investigation and detection of potential security issues using the Stealthwatch System.
  • Complete workflows to identify indicators of compromise in your network.
  • Describe alarm types and alarm notification within Stealthwatch.
  • Explain the utility of maps in the Stealthwatch System.
  • Describe how the Stealthwatch System contributes to successful incident handling.

 

Course Outline:

Day One

  • Course Introduction
  • Cisco Stealthwatch Security Course Overview
  • Introduction to Security
  • Lunch
  • Using Stealthwatch in the Proactive Mode
  • Pattern Recognition
  • Investigation and Detection Using Stealthwatch
    • Lab: Using Top Reports and Flow Tables for Detection
    • Lab: Creating and Using Dashboards for Detection
    • Lab: Creating Custom Security Events
    • Lab: Proactive Investigation Practice

Day Two

  • Day One Review
  • Using Stealthwatch in the Operational Mode
  • Alarms and Alarm Response
    • Lab: Responding to Alarms
  • Maps
    • Lab: Using Maps for Incident Response
  • Lunch
  • Host Identification
    • Lab: Identify Hosts Using Host Snapshot and Host Report
  • Culminating Scenario: Using Stealthwatch for Insider Threats
  • Security Best Practices in Stealthwatch
  • Cisco Stealthwatch Security Course Outcomes
  • Course Conclusion