Implementing Cisco Threat Control Solutions v1.5 (SITCS)

Overview

Duration: 5 days

Implementing Cisco Threat Control Solutions (SITCS) v1.5 is an updated five-day instructor-led training course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. It is also designed to give security engineers the knowledge and hands-on experience to deploy Cisco’s Email Security (ESA); Web Security (CWS, WSA); Advanced Malware Protection (AMP); and Next Generation Intrusion Prevention Systems (NGIPS). The goal of the course is to provide students with foundational knowledge and the capabilities to implement and manage security threat controls by leveraging Cisco’s FirePOWER NGIPS, AMP, WSA, CWS, and ESA products and solutions. Students will gain hands-on experience configuring various advanced Cisco security solutions to mitigate outside threats and to secure traffic traversing the network and security systems.

This course can provide a valuable learning experience for students studying to pass the SITCS Exam #300-210.

Objectives

Upon completion of this course, you will be able to:

  • Describe and implement Cisco Web Security Appliance (WSA).
  • Describe and implement Cisco Cloud WebSecurity (CWS).
  • Describe and implement Cisco Email Security Appliance (ESA).
  • Describe and implement Advanced Malware Protection (AMP).
  • Describe and implement Cisco FirePOWER Next-Generation IPS.
  • Describe and implement Cisco ASA FirePOWER Services Module.

Course Outline

Module 1: Cisco Web Security Appliance

  • Lesson 1-1: Describing the Cisco Web Security Appliance Solutions
  • Lesson 1-2: Integrating the Cisco Web Security Appliance
  • Lesson 1-3: Configuring Cisco Web Security Appliance Identities and User Authentication Controls
  • Lesson 1-4: Configuring Cisco Web Security Appliance Acceptable Use Controls
  • Lesson 1-5: Configuring Cisco Web Security Appliance Anti-Malware Controls
  • Lesson 1-6: Configuring Cisco Web Security Appliance Decryption
  • Lesson 1-7: Configuring Cisco Web Security Appliance Data Security Controls

Module 2: Cisco Cloud Web Security

  • Lesson 2-1: Describing the Cisco Cloud Web Security Solutions
  • Lesson 2-2: Configuring Cisco Cloud Web Security Connectors
  • Lesson 2-3: Describing the Web Filtering Policy in Cisco ScanCenter

Module 3: Cisco Email Security Appliance

  • Lesson 3-1: Describing the Cisco Email Security Solutions
  • Lesson 3-2: Describing the Cisco Email Security Appliance Basic Setup Components
  • Lesson 3-3: Configuring Cisco Email Security Appliance Basic Incoming and Outgoing Mail Policies

Module 4: Advanced Malware Protection for Endpoints

  • Lesson 4-1: AMP for Endpoints Overview and Architecture
  • Lesson 4-2: Customizing Detection and AMP Policy
  • Lesson 4-3: IOCs and IOC Scanning
  • Lesson 4-4: Deploying AMP Connectors
  • Lesson 4-5: AMP Analysis Tools

Module 5: Cisco FirePOWER Next-Generation IPS

  • Lesson 5-1: Describing the Cisco FireSIGHT System
  • Lesson 5-2: Configuring and Managing Cisco FirePOWER Devices
  • Lesson 5-3: Implementing an Access Control Policy
  • Lesson 5-4: Understanding Discovery Technology
  • Lesson 5-5: Configuring File-Type and Network Malware Detection
  • Lesson 5-6: Managing SSL Traffic with Cisco FireSIGHT
  • Lesson 5-7: Describing IPS Policy and Configuration Concepts
  • Lesson 5-8: Describing the Network Analysis Policy
  • Lesson 5-9: Creating Reports
  • Lesson 5-10: Describing Correlation Rules and Policies
  • Lesson 5-11: Understanding Basic Rule Syntax and Usage

Module 6: Cisco ASA FirePOWER Services Module

  • Lesson 6-1: Installing Cisco ASA 5500-X Series FirePOWER Services (SFR) Module

Guided Labs:

  • Guided Lab 1: Configure Cisco Web Security Appliance Explicit Proxy and User Authentication
  • Guided Lab 2: Configure Cisco Web Security Appliance Acceptable Use Controls
  • Guided Lab 3: Configure Cisco Email Security Appliance Basic Policies
  • Guided Lab 4: Accessing the AMP Public Cloud Console
  • Guided Lab 5: Customizing Detection and AMP Policy
  • Guided Lab 6: IOCs and IOC Scanning
  • Guided Lab 7: Deploying AMP Connectors
  • Guided Lab 8: AMP Analysis Tools
  • Guided Lab 9: Configure Inline Interfaces and Create Objects
  • Guided Lab 10: Create Access Control Policy Rules
  • Guided Lab 11: Configure Network Discovery Detection
  • Guided Lab 12: Create a File Policy
  • Guided Lab 13: Create an Intrusion Policy
  • Guided Lab 14: Create a Network Analysis Policy
  • Guided Lab 15: Compare Trends
  • Guided Lab 16: Create Correlation Policies

Important lab information for SITCS v1.5

This course contains content that requires access to the Cisco AMP cloud. For students to successfully complete the AMP lab work, please ensure you have accounts before the start of class.

Cisco Learning Partners will need to request an AMP Cloud account for each student and are now required to provide the details in the format below (in .csv files), with the following information:

  • Student email
  • CC email (instructor and/or the partner requesting AMP accounts)
  • Student first name (Please use only English characters)
  • Student last name (Please use only English characters)
  • Student 2 digit country code (where the class is being taught)

SITCS 300-210

This section lists the skills, knowledge, and attitudes that learners must possess to benefit fully from the course. It includes recommended Cisco learning offerings that the learner may complete to benefit fully from this course.

  • CCNA Security or valid CCSP or any CCIE certification can act as a prerequisite.

Course ID:
SITCS