Cisco Stealthwatch Security

Cisco Stealthwatch Security is an instructor-led, lab-based, hands-on course offered by the Cisco Stealthwatch Learning Services team. This two-day course focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use the Stealthwatch System to investigate potential security issues and make initial determinations on whether to proceed with a more thorough investigation or to move on to the next potential threat.

Objetivos

After completing this course you should be able to:

Explain what Cisco Stealtwatch is and how it works.
Explain how hosts and host groups are defined in Cisco Stealthwtch.
Define basic concepts of policy management.
Identify the three phases of the Cisco Stealthwatch tuning process.
Complete workflows to identify indicators of compromise in your network.

Ciberseguridad

Disponible en formato e-learning

Disponible en formato presencial

Disponible en formato a distancia

Subvención disponible
A través de Fundae, cumpliendo requisitos.

Duración
10 horas

  • Dificultad 50% 50%
  • Nivel alcanzado 80% 80%

Dirigido a

Individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration and initiate incident response investigations. An entry-level security analyst is the ideal audience for this class.

Conocimientos requeridos

Temario

Introduction

Cisco Stealthwatch Security Course Overview
Introduction to Security
Stealthwatch in the Proactive Mode

Using Stealthwatch in the Proactive Mode
Pattern Recognition
Investigation and Detection Using Stealthwatch
Lab: Using Top Reports and Flow Tables for Detection
Lab: Creating and Using Dashboards for Detection
Lab: Creating Custom Security Events
Lab: Proactive Investigation Practice
Stealthwatch in the Operational Mode

Using Stealthwatch in the Operational Mode
Alarms and Alarm Response
Lab: Responding to Alarms
Maps
Lab: Using Maps for Incident Response
Host Identification
Lab: Identify Hosts Using Host Snapshot and Host Report
Summary

Culminating Scenario: Using Stealthwatch for Insider Threats
Security Best Practices in Stealthwatch
Cisco Stealthwatch Security Course Outcomes
Wrapup

Solicita información del curso