Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS)

Программа курса

  • Module 1:Sourcefire System Overview and Classroom Setup
  • Module 2:Device Management
  • Module 3:Object Management
  • Module 4:Access Control Policy
  • Module 5: Network-based Malware Detection
  • Module 6: FireSIGH Technology
  • Module 7: Correlation Policies
  • Module 8: IPS Policy Basics
  • Module 9:Advanced IPS Polcity Configurations
  • Module 10: User Account Management
  • Module 11: Event Anlaysis
  • Module 12: Reporting
  • Module 13: Basic Rule Syntax and Usage
  • Module 14: Case Studies in Rule Writing and Packet Analysis
  • Lab 1: Verifying the License
  • Lab 2:Testing the Environment by Running Attack PCAPs
  • Lab 3:Viewing Events
  • Lab 4: Layer 2 and 3 Simulation
  • Lab 5: Inline Interface Configuration
  • Lab 6: Creating Objects
  • Lab 7: Creating an Access Control Policy (Port Inspection)
  • Lab 8: Creating an Access Control Policy (Application Awareness)
  • Lab 9: URL Filtering
  • Lab 10: Including an IPS Policy in Access Control Rules
  • Lab 11: Creating a File Policy
  • Lab 12:Tunning the Network Discovery Policy
  • Lab 13:Viewing FireSIGHT Data
  • Lab 14:User Discovery
  • Lab 15:Creating a Correlation Policy Based on Connection Data
  • Lab 16:White Lists
  • Lab 17:Working with Connection Data and Traffic Profiles
  • Lab 18:Creating an Intrusion Policy
  • Lab 19:Including FireSIGHT Recommendations in an Intrusion Policy
  • Lab 20:Tunning Your HTTP_Inspect Preprocessor
  • Lab 21: Apply and Test Your Policy and Varriable Set
  • Lab 22: Create User Accounts and Configure the UI Timeout Value
  • Lab 23: Testing Exempt and Non Exempt Users
  • Lab 24: Permission Escalation
  • Lab 25: Working with External Accounts
  • Lab 26: Analysis Lab
  • Lab 27: Tunning Events
  • Lab 28: Context Explorer
  • Lab 29: Comparing Trends with Reports
  • Lab 30: Writing Custom Rules
  • Lab 31: Research and Packet Analysis
  • Lab 32: Revisiting the Kaminsky Vulnerability