IPS Implementing Cisco Intrusion Prevention System v7.0 Classroom

IPS_7 Implementing Cisco Intrusion Prevention System v7.0

Course Description

We continue to provide you with a competitive advantage to help better prepare you for your Cisco certification exam.

Implementing Cisco Intrusion Prevention System (IPS) v7.0 aims at providing network security engineers with the knowledge and skills needed to configure Cisco IPS Sensors and Sensor Features.

Our students will learn the skills they need to deploy Cisco Intrusion Prevention System (IPS)-based security solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco IPS features, and provide detailed operations support for the Cisco IPS.

Prerequisites

The knowledge and skills that you must have before attending this course include concepts from the following Cisco Certification Courses:

• Cisco Certified Network Associate (CCNA) certification:
• Interconnecting Cisco Network Devices 1 (ICND1)
• Interconnecting Cisco Network Devices 2 (ICND2)
• Cisco Certified Network Associate Security (CCNA Security) certification:
• Implementing Cisco IOS Network Security (IINS)

In addition to the above prerequisite skills, learners will benefit from a working knowledge of the Microsoft Windows operating system.

Associated Certifications

• Cisco Certified Network Professional - Security (CCNP Security)

Who Should Attend

This course is intended for the following audience:

• Network Security Engineers (NSEs)

Course Objectives

After completing this course, you will be able to:

• Evaluate the basic technology, features, and hardware models of the Cisco ASA adaptive security appliance product line
• Implement and maintain basic Cisco ASA adaptive security appliance connectivity and device management plane features
• Implement and maintain data plane access control features of the Cisco ASA adaptive security appliance product family
• Implement and maintain Cisco ASA adaptive security appliance features that integrate it with the local and global routing and switching infrastructure
• Implement and maintain Cisco ASA adaptive security appliance virtualization and high availability features
• Evaluate Cisco ASA adaptive security appliance SSM modules, their major features, and integrate them with the Cisco ASA adaptive security appliance

Course Outline

Module 1: Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices

• Lesson 1: Evaluating Intrusion Prevention and Intrusion Detection Systems
• Lesson 2: Choosing Cisco IPS Software, Hardware, and Supporting Applications
• Lesson 3: Evaluating Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti- Evasive Countermeasures
• Lesson 4: Choosing a Network IPS and IDS Deployment Architecture

Module 2: Installing and Maintaining Cisco IPS Sensors

• Lesson 1: Integrating the Cisco IPS Sensor into a Network
• Lesson 2: Performing the Cisco IPS Sensor Initial Setup

Module 3: Applying Cisco IPS Security Policies

• Lesson 1: Configuring Basic Traffic Analysis
• Lesson 2: Implementing Cisco IPS Signatures and Responses
• Lesson 3: Configuring Cisco IPS Signature Engines and the Signature Database
• Lesson 4: Deploying Anomaly-Based Operation

Module 4: Adapting Traffic Analysis and Response to the Environment

• Lesson 1: Customizing Traffic Analysis
• Lesson 2: Managing False Positives and False Negatives
• Lesson 3: Improving Alarm and Response Quality

Module 5: Managing and Analyzing Events

• Lesson 1: Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors
• Lesson 2: Managing and Investigating Events Using Cisco IPS Manager Express
• Lesson 3: Using Cisco IME Reporting and Notifications
• Lesson 4: Integrating Cisco IPS with Cisco Security Manager and Cisco Security MARS
• Lesson 5: Using the Cisco IntelliShield Database and Services

Module 6: Deploying Virtualization, High Availability, and High Performance Solutions

• Lesson 1: Using Cisco IPS Virtual Sensors
• Lesson 2: Deploying Cisco IPS for High Availability and High Performance

Module 7: Configuring and Maintaining Specific Cisco IPS Hardware

• Lesson 1: Configuring and Maintaining the Cisco ASA AIP SSM and AIP SSC Modules
• Lesson 2: Configuring and Maintaining the Cisco ISR IPS AIM and IPS NME Modules
• Lesson 3: Configuring and Maintaining the Cisco IDSM-2 Module

Hands-on Lab Exercises

• Lab 2-1: Performing the Cisco IPS Sensor Initial Setup
• Lab 2-2: Managing a Cisco IPS Sensor
• Lab 3-1: Configuring and Modifying Basic Cisco IPS Signatures and Responses
• Lab 3-2: Configuring Cisco IPS Anomaly-Based Operation
• Lab 4-1: Configuring Custom Cisco IPS Signatures
• Lab 4-2: Managing False Positives and False Negatives
• Lab 4-3: Improving Alarm and Response Quality
• Lab 5-1: Using the Cisco IME
• Lab 5-2: Using Cisco IPS and Security Intelligence Web Resources
• Lab 6-1: Configuring Policy Virtualization