Introduction:

The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco CCNP Security and CCIE Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch Enterprise and Cisco Stealthwatch Cloud threat detection features.

Objectives:

  • Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS®) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point- to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW)
  • Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication
  • Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features
  • Examine various defenses on Cisco devices that protect the control and management plane
  • Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls
  • Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
  • Describe basics of cloud computing and common cloud attacks and how to secure cloud environment

Course Outline:

Describing Information Security Concepts

  • Information Security Overview
  • Assets, Vulnerabilities, and Countermeasures
  • Managing Risk

Describing Common TCP/IP Attacks

  • Legacy TCP/IP Vulnerabilities
  • IP Vulnerabilities
  • Internet Control Message Protocol (ICMP) Vulnerabilities

Describing Common Network Application Attacks

  • Password Attacks
  • Domain Name System (DNS)-Based Attacks
  • DNS Tunneling

Describing Common Endpoint Attacks

  • Buffer Overflow
  • Malware
  • Reconnaissance Attack

Describing Network Security Technologies

  • Defense-in-Depth Strategy
  • Defending Across the Attack Continuum
  • Network Segmentation and Virtualization Overview