Tin Tức & Sự kiện

NỘI DUNG ĐÀO TẠO CCNP SECURITY CORE (SCOR 300-701) TẠI WAREN

26/08/2019 03:19:05

Implementing And Operating Cisco Security Core Technologies – SCOR (300-701) là khóa học bắt buộc trong chương trình CCNP Security. Khóa học SCOR (300-701) cung cấp những kiến thức để người học có thể hiểu, triển khai và vận hành các công nghệ bảo mật cốt lõi của Cisco bao gồm: network security, cloud security, content security, endpoint protection & detection, secure network access, visibility and enforcement. Implementing And Operating Cisco Security Core Technologies – SCOR (300-701) cũng là bài thi bắt buộc nếu bạn muốn lấy chứng chỉ chuyên gia bảo mật Cisco CCIE Security.

NỘI DUNG KHÓA HỌC

SECURITY CONCEPTS

-       Explain common threats against on-premises and cloud environments

ü  On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-themiddle attacks, SQL injection, cross-site scripting, malware

ü  Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials

-       Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery

-       Describe functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization

-       Compare site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect

-       Describe security intelligence authoring, sharing, and consumption

-       Explain the role of the endpoint in protecting humans from phishing and social engineering attacks

-       Explain North Bound and South Bound APIs in the SDN architecture

-       Explain DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting

-       Interpret basic Python scripts used to call Cisco Security appliances APIs.

NETWORK SECURIY

-       Compare network security solutions that provide intrusion prevention and firewall capabilities

-       Describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities

-       Describe the components, capabilities, and benefits of NetFlow and Flexible NetFlow records

-       Configure and verify network infrastructure security methods (router, switch, wireless)

ü  Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks

ü  Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)

-       Implement segmentation, access control policies, AVC, URL filtering, and malware protection

-       Implement management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-ofband, CDP, DNS, SCP, SFTP, and DHCP security and risks)

-       Configure AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)

-       Configure secure network management of perimeter security and infrastructure devices(secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)

-       Configure and verify site-to-site VPN and remote access VPN

ü  Site-to-site VPN utilizing Cisco routers and IOS

ü  Remote access VPN using Cisco AnyConnect Secure Mobility client

ü  Debug commands to view IPsec tunnel establishment and troubleshooting.

SECURING THE CLOUD

-       Identify security solutions for cloud environments

ü  Public, private, hybrid, and community clouds

ü  Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)

-       Compare the customer vs. provider security responsibility for the different cloud service models

ü  Patch management in the cloud

ü  Security assessment in the cloud

ü  Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB

-       Describe the concept of DevSecOps (CI/CD pipeline, container orchestration, and security

-       Implement application and data security in cloud environments

-       Identify security capabilities, deployment models, and policy management to secure the cloud

-       Describe application and workload security concepts.

ENDPOINT PROTECTION AND DETECTION

-       Compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions

-       Explain antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry

-       Configure and verify outbreak control and quarantines to limit infection

-       Describe justifications for endpoint-based security

-       Describe the value of endpoint device management and asset inventory such as MDM

-       Describe the uses and importance of a multifactor authentication (MFA) strategy

-       Describe endpoint posture assessment solutions to ensure endpoint security

-       Explain the importance of an endpoint patching strategy.

SECURE NETWORK ACCESS, VISIBILITY AND ENFORCEMENT

-       Describe identity management and secure network access concepts such as guest

-       services, profiling, posture assessment and BYOD

-       Configure and verify network access device functionality such as 802.1X, MAB, WebAuth

-       Describe network access with CoA

-       Describe the benefits of device compliance and application control

-       Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)

-       Describe the benefits of network telemetry

-       Describe the components, capabilities, and benefits of these security products and solutions

ü  Cisco Stealthwatch

ü  Cisco Stealthwatch Cloud

ü  Cisco pxGrid

ü  Cisco Umbrella Investigate

ü  Cisco Cognitive Threat Analytics

ü  Cisco Encrypted Traffic Analytics

ü  Cisco AnyConnect Network Visibility Module (NVM).