Cisco Firepower

Detailed Course Outline

Module 1: Cisco Firepower Threat Defense
Overview
Module 2: Cisco Firepower System Setup
Module 3: QoS and NAT Implementation
Module 4: Cisco Firepower Discovery
Module 5: Access Control Policy
Prerequisites
Module 6: Implementing Access Control
Policies
Module 7: Security Intelligence
Module 8: AMP for Networks Malware
Protection
Module 9: Next-Generation Intrusion
Prevention Systems
Module 10: Network Analysis Policies
Module 11: Detailed Analysis Techniques
Module 12: System Administration
Module 13: Cisco Firepower Threat
Defense Troubleshooting

Detailed Course Outline

Module 1: Cisco Firepower Threat Defense
Overview
Module 2: Cisco Firepower System Setup
Module 3: QoS and NAT Implementation
Module 4: Cisco Firepower Discovery
Module 5: Access Control Policy
Prerequisites
Module 6: Implementing Access Control
Policies
Module 7: Security Intelligence
Module 8: AMP for Networks Malware
Protection
Module 9: Next-Generation Intrusion
Prevention Systems
Module 10: Network Analysis Policies
Module 11: Detailed Analysis Techniques
Module 12: System Administration
Module 13: Cisco Firepower Threat
Defense Troubleshooting

Lab 1: Connect to the Lab Environment

Lab 2: Navigate the Cisco Firepower
Management Center GUI
Lab 3: Device Management
Lab 4: Implementing QoS and NAT
Lab 5: Configuring Network Discovery
Lab 6: Implementing an Access Control
Policy
Lab 7: Implementing Security Intelligence
Lab 8: AMP for Networks Malware
Protection
Lab 9: Implementing NGIPS
Lab 10: Performing Detailed Analysis
 Lab 11: System Administration
Lab 12: Cisco Firepower Troubleshooting
-----------------------------------------------------------------------------------
-----------

Implementing and Configuring Cisco Identity Services Engine

Table of Contents
1. Introducing Cisco ISE architecture and Deployment.
a. Deployment Models, Initial setup, GUI and Certificates Management
2. Cisco ISE Policy Enforcement
a. 802.1x and MAB Access, Wired and Wireless.
b. ISE integration with Active Directory
c. Introducing Cisco ISE Policy
d. Configuring Basic Policy on Cisco ISE
e. Configure conversion to Policy Sets
f. Configure Access Policy for Easy Connect
3. WebAuth and Guest Services.
a. Introducing Web Access with Cisco ISE
b. Configure Guest Access.
c. Configuring Portals for Guest, Sponsors and My Devices
4. Cisco ISE Profiler
a. Configuring Profiling
b. Customization and reports
5. Cisco ISE BYOD.
a. Configuring BYOD
b. Blacklisting a Device
6. Cisco ISE Endpoint Compliance Services
a. Introduction and Configuration for Compliance Services
b. Configuring Client Provisioning and Posture Policies
7. Cisco ISE with AMP and VPN-Based Services.
a. Introducing and Configuring Cisco ISE for VPN Access
b. Configuring Cisco AMP for ISE
c. Configuring Threat-Centric NAC using Cisco AMP
8. Cisco ISE Integrated Solutions with APIs
a. Configuring Cisco ISE pxGrid and Cisco WSA Integration
9. Working with Network Access Devices
a. Configuring Cisco ISE for Basic Device Administration
b. Configuring TACACS+ for Command Authorization

----------------------------------------------------------------------
CEH
01. Introduction to Ethical Hacking
02. Footprinting and Reconnaissance
03. Scanning Networks
04. Enumeration
05. System Hacking
06. Malware Threats
07. Sniffing
08. Social Engineering
09. Denial-of-Service
10. Session Hijacking
11. Hacking Web Servers
12. Hacking Web Applications
13. SQL Injection
14. Hacking Wireless Networks
15. Hacking Mobile Platforms
16. Evading IDS, Firewalls, and Honeypots
17. Cloud Computing
18. Cryptography
-----------------------------------------------------------------------------------
--------------------------
CCNA
WHAT YOU'LL LEARN
TOP
Network fundamentals and build simple LANs
Establish Internet connectivity
Manage and secure network devices
Expand small- to medium-sized networks
IPv6 basics
Common network security concepts
Secure routing and switching infrastructure
Deploy basic authentication, authorization, and accounting services
Deploy basic firewalling services
Deploy basic site-to-site and remote access VPN services
Advanced security services such as intrusion protection, content security and
identity management
Develop a comprehensive network security policy to counter threats against
information security
Configure routers with Cisco IOS software security features, including management
and reporting functions
Bootstrap the Cisco ASA Firewall for use in a production network
Configure the Cisco ASA Firewall for remote access to a Secure Sockets Layer (SSL)
VPN
Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security
operations on a network
Configure site-to-site VPNs using Cisco IOS features
Configure security features on IOS switches to mitigate various Layer 2 and Layer 3
attacks
How a network can be compromised using freely available tools
Implement line passwords, and enable passwords and secrets
Examine authentication, authorization, and accounting (AAA) concepts and features
using the local database as well as Cisco Secure ACS 5.2
Configure packet filtering on the perimeter router
OUTLINE
TOP
Viewing outline for: Classroom Live
Classroom Live Outline
1. Building a Simple Network

Functions of Networking
Host-to-Host Communications Model
Introducing LANs
Operating Cisco IOS Software
Starting a Switch
Ethernet and Switch Operation
Troubleshooting Common Switch Media Issues
2. Establishing Internet Connectivity

TCP/IP Internet Layer

IP Addressing and Subnets
TCP/IP Transport Layer
Functions of Routing
Configuring a Cisco Router
Packet Delivery Process
Enabling Static Routing
Basics of ACL
3. Building a Medium-Sized Network
Implementing VLANs and Trunks
Routing Between VLANs
Using a Cisco IOS Network Device as a DHCP Server
Implementing RIPv2
4. Network Device Management and Security

Securing Administrative Access

Implementing Device Hardening
Configuring System Message Logging
Managing Cisco Devices
Licensing
5. Introducing IPv6

Introducing Basic IPv6

IPv6 Operation
Configuring IPv6 Static Routes
6. Security Concepts

Threatscape
Threat defense technologies
Security policy and basic security architectures
Cryptographic technologies
7. Secure Network Devices

Implementing AAA
Management protocols and systems
Securing the control plane
8. Layer 2 Security

Securing Layer 2 infrastructures

Securing Layer 2 protocols
9. Firewall

Firewall technologies
Introducing the Cisco ASA v9.2
Cisco ASA access control and service policies
Cisco IOS zone based firewall
10. VPN

IPsec technologies
Site-to-site VPN
Client-based remote access VPN
Clientless remote access VPN
11. Advanced Topics

Intrusion detection and protection

Endpoint protection
Content security
Advanced network security architectures
View More
-----------------------------------------------------------------------------------
-----------------------
SENSS
1. Secure Design Principles
Course Overview
Network Security Zoning
Cisco Module Network Security Architecture
Cisco SecureX Architecture
Cisco TrustSec Solution
2. Deploying Network Infrastructure Protection
Introducing Cisco Network Infrastructure Protection
Deploying Cisco IOS Control Plane Security Controls
Deploying Cisco IOS Management Plane Security Controls
Deploying Cisco ASA Management Plane Security Controls
Deploying Cisco Traffic Telemetry Methods
Deploying Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls
3. Deploying NAT on Cisco IOS and Cisco ASA
Introducing Network Address Translation
Deploying Cisco ASA Network Address Translation
Deploying Cisco IOS Software Network Address Translation
4. Deploying Threat Controls on Cisco ASA
Introducing Cisco Firewall Threat Controls
Deploying Basic Cisco ASA Access Policies
Deploying Advanced Cisco ASA Application Inspection Policies
Deploying Cisco ASA Botnet Traffic Filtering
Deploying Cisco ASA Identity Based Firewall
5. Deploying Threat Controls on Cisco IOS Software
Deploying Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies
Deploying Advanced Cisco IOS Software ZBFW with Application Inspection Policies
View More View More
-----------------------------------------------------------------------------------
SITCS
Cisco Web Security Appliance

Cisco Web Security Appliance (WSA) Solutions

Integrating the Cisco Web Security Appliance
Configuring Cisco Web Security Appliance Identities and User Authentication
Controls
Configuring Cisco Web Security Appliance Acceptable Use Control
Configuring Cisco Web Security Appliance Anti-Malware Controls
Configuring Cisco Web Security Appliance Decryption
Configuring Cisco Web Security Appliance Data Security Controls
2. Cisco Cloud Web Security

Cisco Cloud Web Security Solutions

Configuring Cisco Cloud Web Security Connectors
Web Filtering Policy in Cisco ScanCenter
3. Cisco Email Security Appliance

Cisco Email Security Solutions

Cisco Email Security Appliance Basic Setup Components
Configuring Cisco Email Security Appliance Basic Incoming and Outgoing Mail
Policies
4. Advanced Malware Protection for Endpoints

AMP for Endpoints Overview and Architecture

Customizing Detection and AMP Policy
IOCs and IOC Scanning
Deploying AMP Connectors
AMP Analysis Tools
5. Cisco FirePOWER Next-Generation IPS

Cisco FireSIGHT System

Configuring and Managing Cisco FirePOWER Devices
Implementing an Access Control Policy
Discovery Technology
Configuring File-Type and Network Malware Detection
Managing SSL Traffic with Cisco FireSIGHT
IPS Policy and Configuration Concepts
Network Analysis Policy
Creating Reports
Correlation Rules and Policies
Basic Rule Syntax and Usage
6. Cisco ASA FirePOWER Services

Installing Cisco ASA 5500-X Series FirePOWER Services (SFR)

-----------------------------------------------------------------------------------
---------
Cisco Web Security Appliance

Cisco Web Security Appliance (WSA) Solutions

Integrating the Cisco Web Security Appliance
Configuring Cisco Web Security Appliance Identities and User Authentication
Controls
Configuring Cisco Web Security Appliance Acceptable Use Control
Configuring Cisco Web Security Appliance Anti-Malware Controls
Configuring Cisco Web Security Appliance Decryption
Configuring Cisco Web Security Appliance Data Security Controls
2. Cisco Cloud Web Security

Cisco Cloud Web Security Solutions

Configuring Cisco Cloud Web Security Connectors
Web Filtering Policy in Cisco ScanCenter
3. Cisco Email Security Appliance

Cisco Email Security Solutions

Cisco Email Security Appliance Basic Setup Components
Configuring Cisco Email Security Appliance Basic Incoming and Outgoing Mail
Policies
4. Advanced Malware Protection for Endpoints

AMP for Endpoints Overview and Architecture

Customizing Detection and AMP Policy
IOCs and IOC Scanning
Deploying AMP Connectors
AMP Analysis Tools
5. Cisco FirePOWER Next-Generation IPS

Cisco FireSIGHT System

Configuring and Managing Cisco FirePOWER Devices
Implementing an Access Control Policy
Discovery Technology
Configuring File-Type and Network Malware Detection
Managing SSL Traffic with Cisco FireSIGHT
IPS Policy and Configuration Concepts
Network Analysis Policy
Creating Reports
Correlation Rules and Policies
Basic Rule Syntax and Usage
6. Cisco ASA FirePOWER Services

Installing Cisco ASA 5500-X Series FirePOWER Services (SFR)

---------------------------------------------------------------------
SISAS

1. Threat Mitigation through Identity Services

Identity Services
802.1X and EAP
Configure 802.1X Components
2. ISE Fundamentals
Describe Cisco ISE Features and configure the fundamentals
Cisco ISE with PKI
Cisco ISE Authentication
Cisco ISE with External Authentication
3. Advance Access Control
Certificate Based User Authentication
Authorization
Cisco TrustSec
4. Web Authentication and Guest Access
Web Authentication
Guest Access Services
5. Endpoint
Posture
Profiler
BYOD
----------------------------------------------------------------------------------
SIMOS
1. Fundamentals of VPN Technologies and Cryptography
The Role of VPNs in Network Security
VPNs and Cryptography
2. Deploying Secure Site-to-Site Connectivity Solutions
Introducing Cisco Secure Site-to-Site Connectivity Solutions
Deploying Point-to-Point IPsec VPNs on the Cisco ASA
Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs
Deploying Cisco IOS DMVPNs
3. Deploying Cisco IOS Site-to-Site FlexVPN Solutions
Introducing Cisco IOS Site-to-Site FlexVPN Solutions
Deploying Point-to-Point IPsec VPNs Using Cisco IOS FlexVPN
Deploying Hub-and-Spoke IPsec VPNs Using Cisco IOS FlexVPN
Deploying Spoke-to-Spoke IPsec VPNs Using Cisco IOS FlexVPN
Deploying Basic Cisco Clientless SSL VPN
Clientless SSL VPN Overview
Deploying Basic Cisco Clientless SSL VPN on Cisco ASA
Deploying Application Access in Cisco ASA Clientless SSL VPN
Deploying Advanced Authentication and Authorization in Clientless SSL VPN
4. Deploying Cisco AnyConnect VPNs
Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs
Deploying Cisco AnyConnect IPsec/IKEv2 VPNs
5. Deploying Endpoint Security and Dynamic Access Policies
Implementing Host Scan
Implementing DAP for SSL VPNs
View More View More
6. Troubleshooting Network Access Control
Troubleshooting ISE