Scribd Logo
Upload

Welcome to Scribd!

  • Cyber Security Analyst Cert Data Sheet

    Uploaded by

    Rizwan Ahmed Ansari
    33 views4 pages
    aaaaaa

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    aaaaaa

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    33 views4 pages

    Cyber Security Analyst Cert Data Sheet

    Uploaded by

    Rizwan Ahmed Ansari
    aaaaaa

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 4

    Education Data Sheet

    Learning Services
    Securing Cisco Networks with Threat Detection and
    Analysis (SCYBER)

    The Securing Cisco Networks with Threat Detection Analysis (SCYBER) course,
    version 1.0 is an instructor-led course offered by Learning Services High-Touch Delivery.
    This lab-intensive training course prepares you to take the Cyber Security Specialist
    Certification exam (exam ID = 600-199) and to hit the ground running as a security
    analyst team member.
    The course combines lecture materials and hands-on labs throughout to make sure that
    you are able to successfully understand cyber security concepts and to recognize specific
    threats and attacks on your network. This course is designed to teach you how a network
    security operations center (SOC) works and how to begin to monitor, analyze, and
    respond to security threats within the network. The job role for a security analyst will vary
    from industry to industry and differ in the private sector versus the public sector.
    Duration
    Five days.

    Target Audience
    This course is designed for technical professionals who need to know how to monitor, analyze, and
    respond to network security threats and attacks.

    Course Objectives
    Upon completion of this course, you should have obtained four major areas of competency:

    Monitor security events

    Configure and tune security event detection and alarming

    Analyze traffic for security threats

    Respond appropriately to security incidents

    All contents are Copyright 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 1 of 4

    Education Data Sheet

    Learning Services
    Course Prerequisites
    Following is the recommended prerequisite training for this course:

    Standard CCNA certification as a minimum with CCNA Security a plus

    Basic Cisco IOS Software switch and router configuration skills

    Course Outline
    The course outline is as follows:

    Module 1: Course Introduction: Overview of Network Security and Operations

    Module 2: Network and Security Operations Data Analysis

    Module 3: Packet Analysis

    Module 4: Network Log Analysis

    Module 5: Baseline Network Operations

    Module 6: Preparing for Security Incidents

    Module 7: Detecting Security Incidents

    Module 8: Investigating Security Incidents

    Module 9: Reacting to an Incident

    Module 10: Communicating Incidents Effectively

    Module 11: Postevent Activity

    Lab Outline
    The lab outline is as follows:

    Lab 1: Assess Understanding of Network and Security Operations

    Lab 2: Assess Understanding of Network and Security Data Analysis

    Lab 3: Network and Security Data Analysis Team-Building Activity

    Lab 4: Packet Capture Exercise 1

    Lab 5: Packet Capture Exercise 2

    Lab 6: Packet Capture Exercise 3

    Lab 7: Understanding Log Data

    Lab 8: Correlation Lab

    Lab 9: Assessing Understanding

    Lab 10: Mapping a Monitored Network Topology

    Lab 11: Assessing Normal Behaviors of a Monitored Network

    Lab 12: Assessing Current Security Controls

    Lab 13: Assessing Current Monitoring System

    Lab 14: Manually Correlating Events

    Lab 15: Automatically Correlating Events

    Lab 16: Identifying a Security Incident

    Lab 17: Understanding NetFlow

    Lab 18: NetFlow Practical Activity

    Lab 19: Assessing Understanding

    All contents are Copyright 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 2 of 4

    Education Data Sheet

    Learning Services

    Lab 20: Selecting Mitigations

    Lab 21: Developing Mitigations

    Lab 22: Documenting Incidents

    Lab 23: Recommending Remediation

    Lab 24: Improving Security

    Lab 25: Incident Response Challenge Lab

    Lab Infrastructure and Topology


    This lab infrastructure is designed to walk you through the process of understanding how
    a network SOC works and then proceeds into the data security threat analysis and
    response process.
    The course uses software such as Lancope, Splunk, OSSIM, and Observium to simulate
    some of the most current cyber security threats on the lab equipment. For example, in the
    module Investigating Security Threats, you will perform the initial configuration of
    NetFlow, followed by interpreting the traffic in the NetFlow environment. Similarly, you will
    configure SNMP monitoring to work with the Observium software.
    Figure 1 shows the high-level lab topology for this course.

    Figure 1. Lab Topology

    ASA TIS
    Controlled

    Outside
    Zone 0

    64.102.246.131

    Class Support
    Systems

    5520

    Remote
    Access

    10.1.1.1

    10.1.X.X
    Network
    10.1.1.4

    Zone 1

    Attack Tools

    1941
    Pagent
    Traffic Gen
    10.1.1.2

    Student Tools

    Packet Capture
    Flow Capture

    Attack, Injection,
    Replay
    10.3.1.X
    Network

    1941

    Layer 3
    Shared
    Router

    Zone 2
    Pod1

    10.2.X.X
    Network
    Pod P

    10.2.2.11

    10.2.2.1P-2P

    1941

    1941

    10.3.1.1

    10.3.P.1

    Student
    Pods 2-12
    10.3.P.X
    Network

    Zone 3
    10.3.1.10

    Student Vmware
    Servers & XP
    Client

    All contents are Copyright 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    10.3.P.10

    Zone 3

    Student Vmware
    Servers & XP
    Client

    Page 3 of 4

    Education Data Sheet

    Learning Services
    Registration Email
    For more information about schedules and registration for this course, contact
    aeskt_registration@external.cisco.com.

    Website Addresses for More Information


    For more information on Learning Services for Cisco classic products and technologies, visit
    www.cisco.com/go/ase.

    For information on Cisco TelePresence training, visit www.cisco.com/go/telepresencetraining/.


    For information on broadband video training for service providers, visit
    www.cisco.com/go/spvtraining.

    For information on Cisco WebEx technology training, visit www.cisco.com/go/webextraining.


    For information on mobile Internet technology training, visit www.cisco.com/go/mitg.

    Americas Headquarters
    Cisco Systems, Inc.
    San Jose, CA

    Asia Pacific Headquarters


    Cisco Systems (USA) Pte. Ltd.
    Singapore

    Europe Headquarters
    Cisco Systems International BV Amsterdam,
    The Netherlands

    Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.
    Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go
    to this URL: www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply
    a partnership relationship between Cisco and any other company. (1110R)

    All contents are Copyright 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

    Page 4 of 4

    You might also like