CISCO - CCSP - CSIDS Intrusion Detection Systems (642-531)

Description

Cisco® Secure Intrusion Detection System (CSIDS) is one of five exams required for Cisco® CCSP™ certification. In the CSIDS course from ATS, expert instructor Michael Storm shows network security engineers and certification candidates IDS architecture, sensor deployment, system management and how to manage threat signatures and alarms. At the conclusion of this course you will be prepared to deploy and manage a Cisco® intrusion detection system, and pass the CSIDS exam.

Course Outline

Module 1
Section A: Introduction · 4.x Approach · 4.x Protection · Prerequisites
Section B: Attacks & Threats · Types of Threats · Types of Attacks · Security System · Security Wheel · Secure & Monitor · Test & Improve
Section C: SAFE Framework · Architecture · AVVID Benefits · Cisco SAFE · Design Objectives · SAFE Benefits
Section D: Detection Methodologies · Detection Options · Signatures · Pattern Matching · Stateful Pattern Matches · Protocol Decode Based · Heuristic Based · Anomaly Based
Section E: CSIDS Process · Host-Based Protection · Network-Based Protection · NIDS Environment · IDS Responses · Alarms · Threat Responses
Section F: Components · Network Sensors · Cisco IDS Family · 4200 Series Sensors · Catalyst 6500 IDSM · Router Sensor IOS IDS · PIX Firewall IDS · HIPS Sensor · Security Agent
Section G: Director/Management Platform · Scalable Configuration Management · Threat Monitoring · Sensor Management Products · HIPS Management Products · Intrusion Protection Benefit · Active Defense System · Layer Solution

Module 2
Section A: Sensor Deployment · Sensor Selection · Sensor Placement · Placement Considerations
Section B: Capturing Network Traffic · Methods & Modes · Hub/Switch Traffic Flow · SPAN/RSPAN Traffic Flow · TCP Resets & Switches · SPAN Configuration · RSPAN Configuration · IOS RSPAN Configuration
Section C: IDS Communications · 3.x Communications · 4.x Communications · POP · Message Types · Infrastructure · Numeric ID · Alphanumeric ID
Section D: 3.x Sensor Installation · Setup Sensor · IDS 4230 · IDS 4210-4250 · Access & Logon · Comm. Parameters · Initialize the Sensor · Infrastructure
Section E: 3.x Sensor Initialization · Sysconfig · Sensor Parameters · IDS Device Manager · Run Status · View Version · Access Browser
Section F: 3.x IDS Device Manager · Requirements · Security · Verify Certificate · IDM Interface · Sensor Setup · Configuration · Monitoring · Administration
Section G: IDS Event Viewer · Modify Remote Host · Add Remote Host · Graph View/Preferences · Application Settings · Viewer Options · Exploit Signatures

Module 3
Section A: 4.x Overview · 4.x Architecture · Sensing Protection · Communications · RDEP Request/Responses
Section B: 4.x Sensor Installation · Sensor Application Installation · Special Considerations · Software Installation · Upgrade/Recovery CD · Management Access · User Accounts · Service Account
Section C: 4.x Sensor Initialization · Setup Sensor · Using CLI · CLI Modes · Interface Modes · Service Modes · Tune Modes
Section D: Initial CLI Configuration · Setup Sensor · Configure Sensor Access · Build Service Account · Set System Clock · Set ACL · Set Network Parameters · Apply Changes
Section E: Maintaining 4.x Sensors · TLS/SSH Connection · View Configuration/Events · Statistics/Tech Support · Maintenance Tools · 4.x IDS Device Manager
Section F: IDS Management · IDS MC · System Requirements · Installation · Upgrade Process · IDS MC Architecture · IDS MC Processes
Section G: Using IDS MC · Accessing Interface · Workflow · Sensor/Sensor Groups · Sensor Communications · Sensor Logging · Maintenance Operations · Signature/Sensor Updates
Section H: IDS Defense · Elusive Methods · Signature Features · Regex Syntax · Signature Responses · Alarms

Module 4
Section A: IDS Signature Engines · Parameters · Customize Parameters · Configure Restrictions
Section B: Engine Signatures · ATOMIC Parameters · FLOOD Parameters · SERVICE Parameters · STATE.STRING · STRING & SWEEP · Miscellaneous Engines
Section C: Implementing Signatures · Selection Criteria · Sensing Configuration · Signature Configuration · Signature Groups · Signature Filtering · Setup Filters · Tune/Customize · IP Protocol Scenarios
Section D: Blocking · Blocking Elements · Requirements/Guidelines · Blocking Process · Applying ACLs · Configure Blocking · Applying Blocking · Master Blocking Sensor · Configure Master
Section E: Catalyst IDSM2 · Internal Defense · IDSM2 Features · Requirements · Configure IDSM2 · Initialize IDSM2 · Verify Status · IOS Configuration Tasks · IOS Configuration
Section F: Security Monitoring · Cisco Threat Response · Deployment · Requirements/Installation · Access Security Monitor · Configure Monitor/Devices · Connections/Statistics
Section G: Event Handling · Event Notification · Event Viewer · Reporting


Price Per User £ 630 (Bundle of 4)

Complementary Courses
Cisco SECUR
Cisco PIX Firewall
Cisco VPN Security Training
Cisco SAFE
Security+
