CISCO - CCSP - CSIDS Intrusion Detection Systems (642-531)
Description
Cisco® Secure Intrusion Detection System (CSIDS) is one of five exams
required for Cisco® CCSP certification. In the CSIDS course
from ATS, expert instructor Michael Storm shows network security engineers
and certification candidates IDS architecture, sensor deployment, system
management and how to manage threat signatures and alarms. At the conclusion
of this course you will be prepared to deploy and manage a Cisco®
intrusion detection system, and pass the CSIDS exam.
Course Outline
Module 1
Section A: Introduction · 4.x Approach · 4.x Protection ·
Prerequisites
Section B: Attacks & Threats · Types of Threats · Types of
Attacks · Security System · Security Wheel · Secure &
Monitor · Test & Improve
Section C: SAFE Framework · Architecture · AVVID Benefits ·
Cisco SAFE · Design Objectives · SAFE Benefits
Section D: Detection Methodologies · Detection Options · Signatures
· Pattern Matching · Stateful Pattern Matches · Protocol
Decode Based · Heuristic Based · Anomaly Based
Section E: CSIDS Process · Host-Based Protection · Network-Based
Protection · NIDS Environment · IDS Responses · Alarms
· Threat Responses
Section F: Components · Network Sensors · Cisco IDS Family ·
4200 Series Sensors · Catalyst 6500 IDSM · Router Sensor IOS IDS
· PIX Firewall IDS · HIPS Sensor · Security Agent
Section G: Director/Management Platform · Scalable Configuration Management
· Threat Monitoring · Sensor Management Products · HIPS
Management Products · Intrusion Protection Benefit · Active Defense
System · Layer Solution
Module 2
Section A: Sensor Deployment · Sensor Selection · Sensor Placement
· Placement Considerations
Section B: Capturing Network Traffic · Methods & Modes · Hub/Switch
Traffic Flow · SPAN/RSPAN Traffic Flow · TCP Resets & Switches
· SPAN Configuration · RSPAN Configuration · IOS RSPAN
Configuration
Section C: IDS Communications · 3.x Communications · 4.x Communications
· POP · Message Types · Infrastructure · Numeric
ID · Alphanumeric ID
Section D: 3.x Sensor Installation · Setup Sensor · IDS 4230 ·
IDS 4210-4250 · Access & Logon · Comm. Parameters ·
Initialize the Sensor · Infrastructure
Section E: 3.x Sensor Initialization · Sysconfig · Sensor Parameters
· IDS Device Manager · Run Status · View Version ·
Access Browser
Section F: 3.x IDS Device Manager · Requirements · Security ·
Verify Certificate · IDM Interface · Sensor Setup · Configuration
· Monitoring · Administration
Section G: IDS Event Viewer · Modify Remote Host · Add Remote
Host · Graph View/Preferences · Application Settings ·
Viewer Options · Exploit Signatures
Module 3
Section A: 4.x Overview · 4.x Architecture · Sensing Protection
· Communications · RDEP Request/Responses
Section B: 4.x Sensor Installation · Sensor Application Installation
· Special Considerations · Software Installation · Upgrade/Recovery
CD · Management Access · User Accounts · Service Account
Section C: 4.x Sensor Initialization · Setup Sensor · Using CLI
· CLI Modes · Interface Modes · Service Modes ·
Tune Modes
Section D: Initial CLI Configuration · Setup Sensor · Configure
Sensor Access · Build Service Account · Set System Clock ·
Set ACL · Set Network Parameters · Apply Changes
Section E: Maintaining 4.x Sensors · TLS/SSH Connection · View
Configuration/Events · Statistics/Tech Support · Maintenance Tools
· 4.x IDS Device Manager
Section F: IDS Management · IDS MC · System Requirements ·
Installation · Upgrade Process · IDS MC Architecture ·
IDS MC Processes
Section G: Using IDS MC · Accessing Interface · Workflow ·
Sensor/Sensor Groups · Sensor Communications · Sensor Logging
· Maintenance Operations · Signature/Sensor Updates
Section H: IDS Defense · Elusive Methods · Signature Features · Regex
Syntax · Signature Responses · Alarms
Module 4
Section A: IDS Signature Engines · Parameters · Customize Parameters
· Configure Restrictions
Section B: Engine Signatures · ATOMIC Parameters · FLOOD Parameters
· SERVICE Parameters · STATE.STRING · STRING & SWEEP
· Miscellaneous Engines
Section C: Implementing Signatures · Selection Criteria · Sensing
Configuration · Signature Configuration · Signature Groups ·
Signature Filtering · Setup Filters · Tune/Customize ·
IP Protocol Scenarios
Section D: Blocking · Blocking Elements · Requirements/Guidelines
· Blocking Process · Applying ACLs · Configure Blocking
· Applying Blocking · Master Blocking Sensor · Configure
Master
Section E: Catalyst IDSM2 · Internal Defense · IDSM2 Features
· Requirements · Configure IDSM2 · Initialize IDSM2 ·
Verify Status · IOS Configuration Tasks · IOS Configuration
Section F: Security Monitoring · Cisco Threat Response · Deployment
· Requirements/Installation · Access Security Monitor ·
Configure Monitor/Devices · Connections/Statistics
Section G: Event Handling · Event Notification · Event Viewer
· Reporting
Price Per User £ 630 (Bundle of 4)
Complementary Courses
Cisco SECUR
Cisco PIX Firewall
Cisco VPN Security Training
Cisco SAFE
Security+