600-199 Exam Questions - Securing Cisco Networks with Threat Detection and Analysis

Published in: Education, Technology

Cisco 600-199 Exam

Education Data Sheet
Learning Services

Securing Cisco Networks with Threat Detection and Analysis (SCYBER)
600-199 Exam

The Securing Cisco® Networks with Threat Detection and Analysis (SCYBER) course, version 1.0, is an instructor-led course offered by Learning Services High-Touch Delivery. This lab-intensive training course prepares you to take the Cyber Security Specialist Certification exam (exam ID = 600-199) and to hit the ground running as a security analyst team member. The course combines lecture materials and hands-on labs throughout to make sure that you are able to successfully understand cyber security concepts and to recognize specific threats and attacks on your network.

This course is designed to teach you how a network security operations center (SOC) works and how to begin to monitor, analyze, and respond to security threats within the network. The job role for a security analyst will vary from industry to industry and differ in the private sector versus the public sector.

Duration
Five days.

Target Audience
This course is designed for technical professionals who need to know how to monitor, analyze, and respond to network security threats and attacks.

Course Objectives
Upon completion of this course, you should have obtained four major areas of competency:

● Monitor security events
● Configure and tune security event detection and alarming
● Analyze traffic for security threats
● Respond appropriately to security incidents

All contents are Copyright © 2013 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.

Course Prerequisites
Following is the recommended prerequisite training for this course:

● Standard CCNA® certification as a minimum with CCNA Security a plus
● Basic Cisco IOS® Software switch and router configuration skills

Course Outline
The course outline is as follows:

● Module 1: Course Introduction: Overview of Network Security and Operations
● Module 2: Network and Security Operations Data Analysis
● Module 3: Packet Analysis
● Module 4: Network Log Analysis
● Module 5: Baseline Network Operations
● Module 6: Preparing for Security Incidents
● Module 7: Detecting Security Incidents
● Module 8: Investigating Security Incidents
● Module 9: Reacting to an Incident
● Module 10: Communicating Incidents Effectively
● Module 11: Postevent Activity

Lab Outline
The lab outline is as follows:

● Lab 1: Assess Understanding of Network and Security Operations
● Lab 2: Assess Understanding of Network and Security Data Analysis
● Lab 3: Network and Security Data Analysis Team-Building Activity
● Lab 4: Packet Capture Exercise 1
● Lab 5: Packet Capture Exercise 2
● Lab 6: Packet Capture Exercise 3
● Lab 7: Understanding Log Data
● Lab 8: Correlation Lab
● Lab 9: Assessing Understanding
● Lab 10: Mapping a Monitored Network Topology
● Lab 11: Assessing Normal Behaviors of a Monitored Network
● Lab 12: Assessing Current Security Controls
● Lab 13: Assessing Current Monitoring System
● Lab 14: Manually Correlating Events
● Lab 15: Automatically Correlating Events
● Lab 16: Identifying a Security Incident
● Lab 17: Understanding NetFlow
● Lab 18: NetFlow Practical Activity
● Lab 19: Assessing Understanding
● Lab 20: Selecting Mitigations
● Lab 21: Developing Mitigations
● Lab 22: Documenting Incidents
● Lab 23: Recommending Remediation
● Lab 24: Improving Security
● Lab 25: Incident Response Challenge Lab

Lab Infrastructure and Topology
This lab infrastructure is designed to walk you through the process of understanding how a network SOC works and then proceeds into the data security threat analysis and response process. The course uses software such as Lancope, Splunk, OSSIM, and Observium to simulate some of the most current cyber security threats on the lab equipment. For example, in the module “Investigating Security Threats,” you will perform the initial configuration of NetFlow, followed by interpreting the traffic in the NetFlow environment. Similarly, you will configure SNMP monitoring to work with the Observium software. Figure 1 shows the high-level lab topology for this course.

Figure 1. Lab Topology
[Diagram not reproduced. Its labels include Zone 0 through Zone 3, Class Support Systems, Remote Access, Attack Tools, Pagent Traffic Gen, Student Tools, Layer 3 Shared Router, Packet Capture, Flow Capture, "Attack, Injection, Replay", Student Pods, and Student VMware Servers & XP Client.]

Registration Email
For more information about schedules and registration for this course, contact aeskt_registration@external.cisco.com.

Website Addresses for More Information
For more information on Learning Services for Cisco classic products and technologies, visit www.cisco.com/go/ase.
For information on Cisco TelePresence training, visit www.cisco.com/go/telepresencetraining/.
For information on broadband video training for service providers, visit www.cisco.com/go/spvtraining.
For information on Cisco WebEx technology training, visit www.cisco.com/go/webextraining.
For information on mobile Internet technology training, visit www.cisco.com/go/mitg.

600-199 Exam Questions
For question answers and a practice test for the 600-199 exam, please visit this website.

Americas Headquarters: Cisco Systems, Inc., San Jose, CA
Asia Pacific Headquarters: Cisco Systems (USA) Pte. Ltd., Singapore
Europe Headquarters: Cisco Systems International BV, Amsterdam, The Netherlands

Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco Website at www.cisco.com/go/offices.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)
