Implementing and Operating Cisco Security Core TechnologiesSCORCICiscoCI-SCOR2.0<p>After taking this course, you should be able to:</p>
<ul>
<li>Describe information security concepts and strategies within the network</li><li>Describe common TCP/IP, network application, and endpoint attacks</li><li>Describe how various network security technologies work together to guard against attacks</li><li>Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall</li><li>Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance</li><li>Describe and implement web content security features and functions provided by Cisco Web Security Appliance</li><li>Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console</li><li>Introduce VPNs and describe cryptography solutions and algorithms</li><li>Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW</li><li>Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication</li><li>Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features</li><li>Examine various defenses on Cisco devices that protect the control and management plane</li><li>Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls</li><li>Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions</li><li>Describe basics of cloud computing and common cloud attacks and how to secure cloud environment</li></ul><h5>This course will help you:</h5><ul>
<li>Gain hands-on experience implementing core security technologies and learn best practices using Cisco security solutions</li><li>Prepare for the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam</li><li>Qualify for professional and expert-level security job roles</li></ul><p>This course will help you prepare to take the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam. This exam tests a candidate's knowledge of implementing and operating core security technologies.</p><p>To fully benefit from this course, you should have the following knowledge and skills:</p>
<ul>
<li>Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course</li><li>Familiarity with Ethernet and TCP/IP networking</li><li>Working knowledge of the Windows operating system</li><li>Working knowledge of Cisco IOS networking and concepts</li><li>Familiarity with basics of networking security concepts</li></ul><ul>
<li>Security Engineer</li><li>Network Engineer</li><li>Network Designer</li><li>Network Administrator</li><li>Systems Engineer</li><li>Consulting Systems Engineer</li><li>Technical Solutions Architect</li><li>Cisco Integrators/Partners</li><li>Network Manager</li><li>Cisco integrators and partners</li></ul><ul>
<li>Describing Information Security Concepts*</li><li>Describing Common TCP/IP Attacks*</li><li>Describing Common Network Application Attacks*</li><li>Describing Common Endpoint Attacks*</li><li>Describing Network Security Technologies</li><li>Deploying Cisco ASA Firewall</li><li>Deploying Cisco Firepower Next-Generation Firewall</li><li>Deploying Email Content Security</li><li>Deploying Web Content Security</li><li>Deploying Cisco Umbrella*</li><li>Explaining VPN Technologies and Cryptography</li><li>Introducing Cisco Secure Site-to-Site VPN Solutions</li><li>Deploying Cisco IOS VTI-Based Point-to-Point</li><li>Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW</li><li>Introducing Cisco Secure Remote Access VPN Solutions</li><li>Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW</li><li>Explaining Cisco Secure Network Access Solutions</li><li>Describing 802.1X Authentication</li><li>Configuring 802.1X Authentication</li><li>Describing Endpoint Security Technologies*</li><li>Deploying Cisco AMP for Endpoints*</li><li>Introducing Network Infrastructure Protection*</li><li>Deploying Control Plane Security Controls*</li><li>Deploying Layer 2 Data Plane Security Controls*</li><li>Deploying Layer 3 Data Plane Security Controls*</li></ul><p>* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.</p><h5>Describing Information Security Concepts*</h5><ul>
<li>Information Security Overview</li><li>Managing Risk</li><li>Vulnerability Assessment</li><li>Understanding CVSS</li></ul><h5>Describing Common TCP/IP Attacks*</h5><ul>
<li>Legacy TCP/IP Vulnerabilities</li><li>IP Vulnerabilities</li><li>ICMP Vulnerabilities</li><li>TCP Vulnerabilities</li><li>UDP Vulnerabilities</li><li>Attack Surface and Attack Vectors</li><li>Reconnaissance Attacks</li><li>Access Attacks</li><li>Man-In-The-Middle Attacks</li><li>Denial of Service and Distributed Denial of Service Attacks</li><li>Reflection and Amplification Attacks</li><li>Spoofing Attacks</li><li>DHCP Attacks</li></ul><h5>Describing Common Network Application Attacks*</h5><ul>
<li>Password Attacks</li><li>DNS-Based Attacks</li><li>DNS Tunneling</li><li>Web-Based Attacks</li><li>HTTP 302 Cushioning</li><li>Command Injections</li><li>SQL Injections</li><li>Cross-Site Scripting and Request Forgery</li><li>Email-Based Attacks</li></ul><h5>Describing Common Endpoint Attacks*</h5><ul>
<li>Buffer Overflow</li><li>Malware</li><li>Reconnaissance Attack</li><li>Gaining Access and Control</li><li>Gaining Access via Social Engineering</li><li>Gaining Access via Web-Based Attacks</li><li>Exploit Kits and Rootkits</li><li>Privilege Escalation</li><li>Post-Exploitation Phase</li><li>Angler Exploit Kit</li></ul><h5>Describing Network Security Technologies</h5><ul>
<li>Defense-in-Depth Strategy</li><li>Defending Across the Attack Continuum</li><li>Network Segmentation and Virtualization Overview</li><li>Stateful Firewall Overview</li><li>Security Intelligence Overview</li><li>Threat Information Standardization</li><li>Network-Based Malware Protection Overview</li><li>IPS Overview</li><li>Next Generation Firewall Overview</li><li>Email Content Security Overview</li><li>Web Content Security Overview</li><li>Threat Analytic Systems Overview</li><li>DNS Security Overview</li><li>Authentication, Authorization, and Accounting Overview</li><li>Identity and Access Management Overview</li><li>Virtual Private Network Technology Overview</li><li>Network Security Device Form Factors Overview</li></ul><h5>Deploying Cisco ASA Firewall</h5><ul>
<li>Cisco ASA Deployment Types</li><li>Cisco ASA Interface Security Levels</li><li>Cisco ASA Objects and Object Groups</li><li>Network Address Translation</li><li>Cisco ASA Interface ACLs</li><li>Cisco ASA Global ACLs</li><li>Cisco ASA Advanced Access Policies</li><li>Cisco ASA High Availability Overview</li></ul><h5>Deploying Cisco Firepower Next-Generation Firewall</h5><ul>
<li>Cisco Firepower NGFW Deployments</li><li>Cisco Firepower NGFW Packet Processing and Policies</li><li>Cisco Firepower NGFW Objects</li><li>Cisco Firepower NGFW NAT</li><li>Cisco Firepower NGFW Prefilter Policies</li><li>Cisco Firepower NGFW Access Control Policies</li><li>Cisco Firepower NGFW Security Intelligence</li><li>Cisco Firepower NGFW Discovery Policies</li><li>Cisco Firepower NGFW IPS Policies</li><li>Cisco Firepower NGFW Malware and File Policies</li></ul><h5>Deploying Email Content Security</h5><ul>
<li>Cisco Email Content Security Overview</li><li>SMTP Overview</li><li>Email Pipeline Overview</li><li>Public and Private Listeners</li><li>Host Access Table Overview</li><li>Recipient Access Table Overview</li><li>Mail Policies Overview</li><li>Protection Against Spam and Graymail</li><li>Anti-virus and Anti-malware Protection</li><li>Outbreak Filters</li><li>Content Filters</li><li>Data Loss Prevention</li><li>Email Encryption</li></ul><h5>Deploying Web Content Security</h5><ul>
<li>Cisco WSA Overview</li><li>Deployment Options</li><li>Network Users Authentication</li><li>HTTPS Traffic Decryption</li><li>Access Policies and Identification Profiles</li><li>Acceptable Use Controls Settings</li><li>Anti-Malware Protection</li></ul><h5>Deploying Cisco Umbrella*</h5><ul>
<li>Cisco Umbrella Architecture</li><li>Deploying Cisco Umbrella</li><li>Cisco Umbrella Roaming Client</li><li>Managing Cisco Umbrella</li><li>Cisco Umbrella Investigate Overview</li></ul><h5>Explaining VPN Technologies and Cryptography</h5><ul>
<li>VPN Definition</li><li>VPN Types</li><li>Secure Communication and Cryptographic Services</li><li>Keys in Cryptography</li><li>Public Key Infrastructure</li></ul><h5>Introducing Cisco Secure Site-to-Site VPN Solutions</h5><ul>
<li>Site-to-Site VPN Topologies</li><li>IPsec VPN Overview</li><li>IPsec Static Crypto Maps</li><li>IPsec Static Virtual Tunnel Interface</li><li>Dynamic Multipoint VPN</li><li>Cisco IOS FlexVPN</li></ul><h5>Deploying Cisco IOS VTI-Based Point-to-Point</h5><ul>
<li>Cisco IOS VTIs</li><li>Static VTI Point-to-Point IPsec IKEv2 VPN Configuration</li></ul><h5>Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW</h5><ul>
<li>Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW</li><li>Cisco ASA Point-to-Point VPN Configuration</li><li>Cisco Firepower NGFW Point-to-Point VPN Configuration</li></ul><h5>Introducing Cisco Secure Remote Access VPN Solutions</h5><ul>
<li>Remote Access VPN Components</li><li>Remote Access VPN Technologies</li><li>SSL Overview</li></ul><h5>Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW</h5><ul>
<li>Remote Access Configuration Concepts</li><li>Connection Profiles</li><li>Group Policies</li><li>Cisco ASA Remote Access VPN Configuration</li><li>Cisco Firepower NGFW Remote Access VPN Configuration</li></ul><h5>Explaining Cisco Secure Network Access Solutions</h5><ul>
<li>Cisco Secure Network Access</li><li>Cisco Secure Network Access Components</li><li>AAA Role in Cisco Secure Network Access Solution</li><li>Cisco Identity Services Engine</li><li>Cisco TrustSec</li></ul><h5>Describing 802.1X Authentication</h5><ul>
<li>802.1X and EAP</li><li>EAP Methods</li><li>Role of RADIUS in 802.1X Communications</li><li>RADIUS Change of Authorization</li></ul><h5>Configuring 802.1X Authentication</h5><ul>
<li>Cisco Catalyst Switch 802.1X Configuration</li><li>Cisco WLC 802.1X Configuration</li><li>Cisco ISE 802.1X Configuration</li><li>Supplicant 802.1x Configuration</li><li>Cisco Central Web Authentication</li></ul><h5>Describing Endpoint Security Technologies*</h5><ul>
<li>Host-Based Personal Firewall</li><li>Host-Based Anti-Virus</li><li>Host-Based Intrusion Prevention System</li><li>Application Whitelists and Blacklists</li><li>Host-Based Malware Protection</li><li>Sandboxing Overview</li><li>File Integrity Checking</li></ul><h5>Deploying Cisco AMP for Endpoints*</h5><ul>
<li>Cisco AMP for Endpoints Architecture</li><li>Cisco AMP for Endpoints Engines</li><li>Retrospective Security with Cisco AMP</li><li>Cisco AMP Device and File Trajectory</li><li>Managing Cisco AMP for Endpoints</li></ul><h5>Introducing Network Infrastructure Protection*</h5><ul>
<li>Identifying Network Device Planes</li><li>Control Plane Security Controls</li><li>Management Plane Security Controls</li><li>Network Telemetry</li><li>Layer 2 Data Plane Security Controls</li><li>Layer 3 Data Plane Security Controls</li></ul><h5>Deploying Control Plane Security Controls*</h5><ul>
<li>Infrastructure ACLs</li><li>Control Plane Policing</li><li>Control Plane Protection</li><li>Routing Protocol Security</li></ul><h5>Deploying Layer 2 Data Plane Security Controls*</h5><ul>
<li>Overview of Layer 2 Data Plane Security Controls</li><li>VLAN-Based Attacks Mitigation</li><li>STP Attacks Mitigation</li><li>Port Security</li><li>Private VLANs</li><li>DHCP Snooping</li><li>ARP Inspection</li><li>Storm Control</li><li>MACsec Encryption</li></ul><h5>Deploying Layer 3 Data Plane Security Controls*</h5><ul>
<li>Infrastructure Antispoofing ACLs</li><li>Unicast Reverse Path Forwarding</li><li>IP Source Guard</li></ul><p>* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.</p>After taking this course, you should be able to:
- Describe information security concepts and strategies within the network
- Describe common TCP/IP, network application, and endpoint attacks
- Describe how various network security technologies work together to guard against attacks
- Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
- Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
- Describe and implement web content security features and functions provided by Cisco Web Security Appliance
- Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console
- Introduce VPNs and describe cryptography solutions and algorithms
- Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW
- Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication
- Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features
- Examine various defenses on Cisco devices that protect the control and management plane
- Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls
- Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
- Describe basics of cloud computing and common cloud attacks and how to secure cloud environment
This course will help you:
- Gain hands-on experience implementing core security technologies and learn best practices using Cisco security solutions
- Prepare for the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam
- Qualify for professional and expert-level security job roles
This course will help you prepare to take the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam. This exam tests a candidate's knowledge of implementing and operating core security technologies.To fully benefit from this course, you should have the following knowledge and skills:
- Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA) v1.0 course
- Familiarity with Ethernet and TCP/IP networking
- Working knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concepts
- Familiarity with basics of networking security concepts- Security Engineer
- Network Engineer
- Network Designer
- Network Administrator
- Systems Engineer
- Consulting Systems Engineer
- Technical Solutions Architect
- Cisco Integrators/Partners
- Network Manager
- Cisco integrators and partners- Describing Information Security Concepts*
- Describing Common TCP/IP Attacks*
- Describing Common Network Application Attacks*
- Describing Common Endpoint Attacks*
- Describing Network Security Technologies
- Deploying Cisco ASA Firewall
- Deploying Cisco Firepower Next-Generation Firewall
- Deploying Email Content Security
- Deploying Web Content Security
- Deploying Cisco Umbrella*
- Explaining VPN Technologies and Cryptography
- Introducing Cisco Secure Site-to-Site VPN Solutions
- Deploying Cisco IOS VTI-Based Point-to-Point
- Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
- Introducing Cisco Secure Remote Access VPN Solutions
- Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
- Explaining Cisco Secure Network Access Solutions
- Describing 802.1X Authentication
- Configuring 802.1X Authentication
- Describing Endpoint Security Technologies*
- Deploying Cisco AMP for Endpoints*
- Introducing Network Infrastructure Protection*
- Deploying Control Plane Security Controls*
- Deploying Layer 2 Data Plane Security Controls*
- Deploying Layer 3 Data Plane Security Controls*
* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.Describing Information Security Concepts*
- Information Security Overview
- Managing Risk
- Vulnerability Assessment
- Understanding CVSS
Describing Common TCP/IP Attacks*
- Legacy TCP/IP Vulnerabilities
- IP Vulnerabilities
- ICMP Vulnerabilities
- TCP Vulnerabilities
- UDP Vulnerabilities
- Attack Surface and Attack Vectors
- Reconnaissance Attacks
- Access Attacks
- Man-In-The-Middle Attacks
- Denial of Service and Distributed Denial of Service Attacks
- Reflection and Amplification Attacks
- Spoofing Attacks
- DHCP Attacks
Describing Common Network Application Attacks*
- Password Attacks
- DNS-Based Attacks
- DNS Tunneling
- Web-Based Attacks
- HTTP 302 Cushioning
- Command Injections
- SQL Injections
- Cross-Site Scripting and Request Forgery
- Email-Based Attacks
Describing Common Endpoint Attacks*
- Buffer Overflow
- Malware
- Reconnaissance Attack
- Gaining Access and Control
- Gaining Access via Social Engineering
- Gaining Access via Web-Based Attacks
- Exploit Kits and Rootkits
- Privilege Escalation
- Post-Exploitation Phase
- Angler Exploit Kit
Describing Network Security Technologies
- Defense-in-Depth Strategy
- Defending Across the Attack Continuum
- Network Segmentation and Virtualization Overview
- Stateful Firewall Overview
- Security Intelligence Overview
- Threat Information Standardization
- Network-Based Malware Protection Overview
- IPS Overview
- Next Generation Firewall Overview
- Email Content Security Overview
- Web Content Security Overview
- Threat Analytic Systems Overview
- DNS Security Overview
- Authentication, Authorization, and Accounting Overview
- Identity and Access Management Overview
- Virtual Private Network Technology Overview
- Network Security Device Form Factors Overview
Deploying Cisco ASA Firewall
- Cisco ASA Deployment Types
- Cisco ASA Interface Security Levels
- Cisco ASA Objects and Object Groups
- Network Address Translation
- Cisco ASA Interface ACLs
- Cisco ASA Global ACLs
- Cisco ASA Advanced Access Policies
- Cisco ASA High Availability Overview
Deploying Cisco Firepower Next-Generation Firewall
- Cisco Firepower NGFW Deployments
- Cisco Firepower NGFW Packet Processing and Policies
- Cisco Firepower NGFW Objects
- Cisco Firepower NGFW NAT
- Cisco Firepower NGFW Prefilter Policies
- Cisco Firepower NGFW Access Control Policies
- Cisco Firepower NGFW Security Intelligence
- Cisco Firepower NGFW Discovery Policies
- Cisco Firepower NGFW IPS Policies
- Cisco Firepower NGFW Malware and File Policies
Deploying Email Content Security
- Cisco Email Content Security Overview
- SMTP Overview
- Email Pipeline Overview
- Public and Private Listeners
- Host Access Table Overview
- Recipient Access Table Overview
- Mail Policies Overview
- Protection Against Spam and Graymail
- Anti-virus and Anti-malware Protection
- Outbreak Filters
- Content Filters
- Data Loss Prevention
- Email Encryption
Deploying Web Content Security
- Cisco WSA Overview
- Deployment Options
- Network Users Authentication
- HTTPS Traffic Decryption
- Access Policies and Identification Profiles
- Acceptable Use Controls Settings
- Anti-Malware Protection
Deploying Cisco Umbrella*
- Cisco Umbrella Architecture
- Deploying Cisco Umbrella
- Cisco Umbrella Roaming Client
- Managing Cisco Umbrella
- Cisco Umbrella Investigate Overview
Explaining VPN Technologies and Cryptography
- VPN Definition
- VPN Types
- Secure Communication and Cryptographic Services
- Keys in Cryptography
- Public Key Infrastructure
Introducing Cisco Secure Site-to-Site VPN Solutions
- Site-to-Site VPN Topologies
- IPsec VPN Overview
- IPsec Static Crypto Maps
- IPsec Static Virtual Tunnel Interface
- Dynamic Multipoint VPN
- Cisco IOS FlexVPN
Deploying Cisco IOS VTI-Based Point-to-Point
- Cisco IOS VTIs
- Static VTI Point-to-Point IPsec IKEv2 VPN Configuration
Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
- Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW
- Cisco ASA Point-to-Point VPN Configuration
- Cisco Firepower NGFW Point-to-Point VPN Configuration
Introducing Cisco Secure Remote Access VPN Solutions
- Remote Access VPN Components
- Remote Access VPN Technologies
- SSL Overview
Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
- Remote Access Configuration Concepts
- Connection Profiles
- Group Policies
- Cisco ASA Remote Access VPN Configuration
- Cisco Firepower NGFW Remote Access VPN Configuration
Explaining Cisco Secure Network Access Solutions
- Cisco Secure Network Access
- Cisco Secure Network Access Components
- AAA Role in Cisco Secure Network Access Solution
- Cisco Identity Services Engine
- Cisco TrustSec
Describing 802.1X Authentication
- 802.1X and EAP
- EAP Methods
- Role of RADIUS in 802.1X Communications
- RADIUS Change of Authorization
Configuring 802.1X Authentication
- Cisco Catalyst Switch 802.1X Configuration
- Cisco WLC 802.1X Configuration
- Cisco ISE 802.1X Configuration
- Supplicant 802.1x Configuration
- Cisco Central Web Authentication
Describing Endpoint Security Technologies*
- Host-Based Personal Firewall
- Host-Based Anti-Virus
- Host-Based Intrusion Prevention System
- Application Whitelists and Blacklists
- Host-Based Malware Protection
- Sandboxing Overview
- File Integrity Checking
Deploying Cisco AMP for Endpoints*
- Cisco AMP for Endpoints Architecture
- Cisco AMP for Endpoints Engines
- Retrospective Security with Cisco AMP
- Cisco AMP Device and File Trajectory
- Managing Cisco AMP for Endpoints
Introducing Network Infrastructure Protection*
- Identifying Network Device Planes
- Control Plane Security Controls
- Management Plane Security Controls
- Network Telemetry
- Layer 2 Data Plane Security Controls
- Layer 3 Data Plane Security Controls
Deploying Control Plane Security Controls*
- Infrastructure ACLs
- Control Plane Policing
- Control Plane Protection
- Routing Protocol Security
Deploying Layer 2 Data Plane Security Controls*
- Overview of Layer 2 Data Plane Security Controls
- VLAN-Based Attacks Mitigation
- STP Attacks Mitigation
- Port Security
- Private VLANs
- DHCP Snooping
- ARP Inspection
- Storm Control
- MACsec Encryption
Deploying Layer 3 Data Plane Security Controls*
- Infrastructure Antispoofing ACLs
- Unicast Reverse Path Forwarding
- IP Source Guard
* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.5 dagen3000.002290.002800.003495.003495.003495.003495.003495.003495.003495.003495.003495.002990.004150.004300.002625.003305.0011070.002625.002625.002625.004060.004300.003440.002580.003595.003595.003595.002995.00195500.002995.005935.0035.0035.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.00