|
Upon completing this course, the learner will be able to meet these overall objectives:
- Evaluate products and deployment architectures for the Cisco IPS product line.
- Perform an initial implementation of a Cisco IPS sensor.
- Implement an initial security policy using a Cisco IPS sensor according to local policies and environmental requirements.
- Deploy customized policies to adapt Cisco IPS traffic analysis and response to the target environment.
- Implement a basic Cisco IPS data management and analysis solution.
- Implement complex Cisco IPS policy virtualization, high availability, and high performance solutions according to policy and environmental requirements.
- Perform the initial setup of, and maintain specific Cisco IPS hardware.
|
|
Day 1: Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices; Installing and Maintaining Cisco IPS Sensors
- Course Introduction
- Lesson 1-1: Evaluating Intrusion Prevention and Intrusion Detection Systems
- Lesson 1-2: Choosing Cisco IPS Software, Hardware, and Supporting Applications
- Lesson 1-3: Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-Evasive Countermeasures
- Lesson 1-4: Choosing a Network IPS and IDS Deployment Architecture
- Lesson 2-1: Integrating the Cisco IPS Sensor into a Network
- Lesson 2-2: Performing the Cisco IPS Sensor Initial Setup
- Lab 2-1: Performing the Cisco IPS Sensor Initial Setup
Day 2: Installing and Maintaining Cisco IPS Sensors; Applying Cisco IPS Security Policies
- Review of Day 1
- Lesson 2-3: Managing Cisco IPS Devices
- Lab 2-2: Managing a Cisco IPS Sensor
- Lesson 3-1: Configuring Basic Traffic Analysis
- Lesson 3-2: Implementing Cisco IPS Signatures and Responses
- Lab 3-1: Configuring and Modifying Basic Cisco IPS Signatures and Responses
- Lesson 3-3: Configuring Cisco IPS Signature Engines and the Signature Database
Day 3: Applying Cisco IPS Security Policies; Adapting Traffic Analysis and Response to the Environment
- Review of Day 2
- Lesson 3-4: Deploying Anomaly-Based Operation
- Lab 3-2: Configuring Cisco IPS Anomaly-Based Operation
- Lesson 4-1: Customizing Traffic Analysis
- Lab 4-1: Configuring Custom Cisco IPS Signatures
- Lesson 4-2: Managing False Positives and False Negatives
- Lab 4-2: Managing False Positives and False Negatives
- Lesson 4-3: Improving Alarm and Response Quality
Day 4: Adapting Traffic Analysis and Response to the Environment; Managing and Analyzing Events
- Review of Day 3
- Lab 4-3: Improving Alarm and Response Quality
- Lesson 5-1: Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors
- Lesson 5-2: Managing and Investigating Events using Cisco IPS Manager Express
- Lesson 5-3: Using Cisco IME Reporting and Notifications
- Lab 5-1: Using the Cisco IME
- Lesson 5-4: Integrating Cisco IPS with Cisco Security Manager and Cisco Security MARS
- Lesson 5-5: Using the Cisco IntelliShield Database and Services
- Lab 5-2: Using Cisco IPS and Security Intelligence Web Resources
Day 5: Deploying Virtualization, High Availability, and High Performance Solutions; Configuring and Maintaining Specific Cisco IPS Hardware
- Review of Day 4
- Lesson 6-1: Using Cisco IPS Virtual Sensors
- Lab 6-1: Configuring Policy Virtualization
- Lesson 6-2: Deploying Cisco IPS for High Availability and High Performance
- Lesson 7-1: Configuring and Maintaining the Cisco ASA AIP SSM and AIP SSC Modules
- Lesson 7-2: Configuring and Maintaining the Cisco ISR IPS AIM and IPS NME Modules
- Lesson 7-3: Configuring and Maintaining the Cisco IDSM-2 Module
- Wrap-up
|
.jpg)
