About Course

Duration: 5 days
 
*Instructor-led lessons
*Classroom presence or online as hybrid training
 

Implementing and Operating Cisco Security Core Technologies (SCOR)

The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.1 training prepares you for the Cisco CCNP Security and CCIE® Security certifications and senior-level security functions. In this training, you will master the skills and technologies you need to implement Cisco Security core solutions to provide advanced threat mitigation against cybersecurity attacks. You will learn network, cloud and content security, endpoint protection, secure network access, visibility and enforcement. You will gain extensive hands-on experience deploying Cisco Firepower Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall, configuring access control policies, mail policies, 802.1X authentication, and more. You will also get an introduction to the threat detection capabilities of Cisco Stealthwatch® Enterprise and Cisco Stealthwatch Cloud.

This training, including the self-study material, prepares you for the Implementing and Operating Cisco Security Core Technologies exam (350-701 SCOR), which leads to the CCNP Security, CCIE Security, and Cisco Certified Specialist - Security Core certifications. This training also earns you 64 Continuing Education (CE) credits for recertification.

Technology areas: Security

Goals

After completing this training you should be able to

  • describe information security concepts and strategies in the network
  • Describe common TCP/IP, network and endpoint attacks
  • Describe how different network security technologies work together to defend against attacks
  • Implement access control on Cisco ASA devices and Cisco Firepower Next-Generation Firewall
  • Deploy and implement basic email content security features and functionality provided by the Cisco Email Security Appliance
  • Deploy and implement web content security features and functionality provided by the Cisco Web Security Appliance
  • Introduce Cisco Umbrella security features, deployment models, policy management and Investigate console
  • introduce VPNs and describe cryptographic solutions and algorithms
  • Describe Cisco secure site-to-site connectivity solutions and how to deploy Cisco Internetwork Operating System (Cisco IOS) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs and point-to-point IPsec VPNs on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW).
  • Describe Cisco secure remote access connectivity solutions and how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication.
  • Provide a basic understanding of endpoint security and describe the architecture and basic functionality of Advanced Malware Protection (AMP) for Endpoints
  • Explore different defenses on Cisco devices that protect the Control Plane and Management Plane
  • Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls
  • Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
  • Describe the basics of cloud computing and common cloud attacks as well as methods for securing the cloud environment

Prerequisites

To fully benefit from this course, you should have the following knowledge and skills:

  • Skills and knowledge learned in the "Implementing and Administering Cisco Solutions CCNA v1.0" course
  • Familiarity with Ethernet and TCP/IP networks
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networks and concepts
  • Basic knowledge of network security concepts

The following Cisco courses are recommended to fulfill these requirements:

  • Implementing and Administering Cisco Solutions (CCNA)

Laboratory classification

  • Configuring network settings and NAT on Cisco ASA
  • Configuring access control policies on Cisco ASA
  • Configuring Cisco Firepower NGFW NAT
  • Configuring access control policies on Cisco Firepower NGFW
  • Configuring Cisco Firepower NGFW Discovery and IPS Policy
  • Configuring Cisco NGFW Malware and File Policies
  • Configuring Listener, Host Access Table (HAT) and Recipient Access Table (RAT) on Cisco Email Security Appliance (ESA)
  • Configuring e-mail policies
  • Configuring proxy services, authentication and HTTPS decryption
  • Enforce acceptable use and malware protection policies
  • Examination of the Umbrella Dashboard
  • Investigation by Cisco Umbrella Investigate
  • Exploration of DNS ransomware protection by Cisco Umbrella
  • Configuring a static VTI point-to-point IPsec IKEv2 tunnel
  • Configuring point-to-point VPN between Cisco ASA and Cisco Firepower NGFW
  • Configuring the Remote Access VPN on the Cisco Firepower NGFW
  • Exploring Cisco AMP for Endpoints
  • Performing endpoint analyses with the AMP for Endpoints console
  • Exploring file ransomware protection through the Cisco AMP for Endpoints console
  • Exploring Cisco Stealthwatch Enterprise v6.9.3
  • Exploring Cognitive Threat Analytics (CTA) in Stealthwatch Enterprise v7.0
  • Exploring the Cisco Cloudlock dashboard and user security
  • Exploring the application and data security of Cisco Cloudlock
  • Exploring Cisco Stealthwatch Cloud
  • Exploring Stealthwatch cloud alarm settings, watchlists and sensors
Show More