SNCF: Access Control, FTD, & Prefilter Policies

SNCF: Access Control, FTD, & Prefilter Policies

• identify the ICMP type used by ping
• identify the steps to create an access policy within the FMC
• recognize the default access policy within the FMC
• recognize the type of rules that can be used to inspect traffic
• identify the first policy used to inspect traffic
• recognize the layers of the OSI model that each policy checks
• identify the reason for using prefilter policies
• identify the type of traffic that can be rezoned with a prefilter policy
• identify the types of tunneled traffic
• recognize the action of the default prefilter policy

Access control policies are critically important as almost all of your traffic will pass through this policy at some point. This policy dictates whether traffic will be passed, blocked, or logged by your Firepower device. In this course, you'll learn about the creation of access control policies. Next, you'll examine how Cisco's Firepower Threat Defense (FTD) can take many actions against traffic at many different points in the traffic flow through the device. Finally, you'll explore the powerful prefilter policy actions of Firepower FTD and why you will want to take advantage of them. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Cisco Firewall, IPS Systems, & the FMCv in AWS

SNCF: Cisco Firewall, IPS Systems, & the FMCv in AWS

• SNCF Overview
• recognize features of the Cisco Firepower device
• identify the number of management interfaces required by FMCv
• recognize features of FMCv that affect public IP addresses of the device
• recognize the management tool to manage a single Firepower device
• identify the first step to configure a Firepower lab in AWS
• identify the steps to configure the routing table for the virtual private cloud
• recognize options to filter traffic for the virtual private cloud (VPC)
• recognize private cloud features to gain Internet access from the management subnet

Cisco Firepower devices from Cisco Systems have become very popular in enterprise environments. In this course, you'll first review the requirements of the SNCF 300-710 exam. Next, you'll look at the history of firewalls and IPS systems in the Cisco product portfolio. You'll learn about the AWS version of the FMCv, including the restrictions, limitations, and capabilities of this device. Finally, you'll examine the steps involved in constructing the Virtual Private Cloud when building a Firepower lab. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Dashboards, Reporting, Troubleshooting, Packet Capture, & Cisco AMP

SNCF: Dashboards, Reporting, Troubleshooting, Packet Capture, & Cisco AMP

• identify the components added to a dashboard
• recognize the steps to create a dashboard
• identify the steps to work with reports within the FMC
• identify steps to verify if security intelligence is the reason for dropped packets
• identify the command to disable debugging on the Firepower device
• recognize the command to enable debugging on the Firepower device
• identify the extension of packet capture files in Firepower
• recognize the command to capture traffic on the Firepower device
• identify the steps to configure AMP on the Firepower device
• recognize the use of different AMP products
• identify features used to improve Cisco’s security intelligence
• recognize tools used to exchange security events between devices

Dashboards may seem a bit silly at first, but they really can be very powerful and save you tons of time! In this course, you'll learn all about dashboards in the Firepower system, including how to customize the default dashboards and even make your own from scratch. You'll explore powerful built-in reports that you can run with Firepower, as well as how to find these default reports, customize them, or create new ones. Next, you'll examine the process for troubleshooting packet drops and the ability to capture packets on the Firepower system. You'll learn that the Cisco Firepower system permits the integration of Cisco AMP, including support for both the Cisco AMP for Networks and Cisco AMP for Endpoints. Finally, you'll learn about the other ways in which the Cisco Firepower system can integrate with other solutions. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Deploying NGFWv & Adding It to the FMCv

SNCF: Deploying NGFWv & Adding It to the FMCv

• identify the requirements for the FTDv device
• recognize AWS supported instances for FTDv
• recognize planning decisions when deploying the NGFW
• recognize the use of management interfaces
• identify the default interface ID within the NGFW
• identify the steps to add a device to the FMC
• recognize advanced details settings when configuring a device instance
• identify the steps to SSH into the FMCv device
• recognize the IP address to use when adding the NGFW to the FMC

In this course, you'll learn about the Cisco Firepower Next-Generation Firewall Virtual (NGFWv) appliance for AWS, including the requirements and caveats of a cloud-based implementation. You'll explore the typical steps for the deployment of an NGFWv in AWS, including integration with the FMCv for the management of your security devices. Finally, you'll learn how to add your NGFWv to the FMCv for the most robust management and configuration options. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Failover, Multi-instance Deployments, & Clustering

SNCF: Failover, Multi-instance Deployments, & Clustering

• identify the failover type supported by the Firepower device
• recognize the purpose of the link between two Firepower devices
• identify Firepower features that control resource usage of a container instance
• identify the configuration of a multi-instance deployment
• recognize the command to download an image
• recognize the Firepower models that support clustering
• recognize the roles of the different cluster unit types

In this course, you'll learn how to configure multiple Firepower devices for redundancy purposes. Then, you'll look at multi-instance deployments of Cisco Firepower. Finally, you'll learn how clustering helps you to ramp up the horsepower and availability of your Cisco Firepower implementation. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: FMC Settings, Object Management, & Intrusion Rules

SNCF: FMC Settings, Object Management, & Intrusion Rules

• display a list of interfaces on the Cisco devices
• identify how to get command help
• view characteristics of an interface
• backup your Cisco device configuration
• restore your Cisco device configuration
• determine how to navigate to an interface in order to apply configuration settings to the interface
• identify how to navigate to global configuration mode
• navigate from user exec to priv exec mode

There are many options for management of the Cisco Firepower Management Center (FMC) using the console. In this course, you'll learn about the key features of the FMC that can make your life as a security engineer much, much easier. Objects permit you to define reusable object components that you can leverage for the fast configuration of policies, searches, reports, and dashboards. You'll learn how you can manage the objects that help define your network and your security operations. Finally, you'll examine the Intrusion Rules section of the Objects area and how it allows you to modify the IPS rules for the Firepower device. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: FMCv Deployment & Initial Setup

SNCF: FMCv Deployment & Initial Setup

• Configure advanced settings in the FMC deployment on AWS
• correctly assign network properties to an FMC deployment
• identify the initial steps in FMC deployment on AWS
• recognize the process and location of the FMCv image on AWS
• identify different management tools available on an installed FMCv on AWS
• identify initial FMCv security configurations needed after installation
• recognize the available licensing and registration processes for the FMCv on AWS
• recognize the differences between tools used to cease the FMCv instance on AWS

Are you ready to see the deployment of Cisco Firepower Management Center (FMC)? In this course, you'll learn the basics of an FMC deployment with an example that uses the Cisco Firepower Management Center Virtual (FMCv) image in AWS. Then, you'll move on to examine the initial configurations you should make to your FMCv after you have successfully installed the FMC. You'll also explore the FMCv interface. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: NAT, QoS, VPN, & Device Management

SNCF: NAT, QoS, VPN, & Device Management

• identify how to delete a NAT policy
• recognize how to configure NAT using the FMC
• identify the location of QoS policies within the FMC
• recognize the tools used for remote access VPN
• identify the command to manage users within the FMC
• recognize the purpose of the different roles within the FMC

Cisco Firepower devices support different NAT variations and VPN configurations. In this course, you'll learn about the many variations of NAT supported by Firepower, including the classic options of static and dynamic. You'll learn that Firepower devices also support the different configuration approaches to NAT on the Cisco security devices, including auto NAT and manual NAT. Next, you'll explore the QoS support Firepower provides, as well as support limitations. You'll learn about the types of VPNs that are supported on Firepower systems. Finally, you'll examine why you might want to break your Firepower deployment into domains in large enterprise environments. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Network Discovery, Identity and DNS Policies, & Correlation

SNCF: Network Discovery, Identity and DNS Policies, & Correlation

• identify the steps to take to create a custom application to be detected by the Firepower device
• recognize the default network discovery rule within the FMC
• identify the benefit of identity policies
• identify the default port used to connect to Active Directory store
• recognize the command to connect Firepower to Active Directory
• identify the different types of policies on the Firepower device
• recognize actions used in a DNS policy rule
• identify how to assign a response group to a policy rule
• identify object types to assign a remediation action to a rule
• identify the types of correlation policy settings
• recognize the different remediation module

The network discovery policy on the Firepower Management Center controls how the system collects data on your organization's network assets and which network segments and ports are monitored. In this course, you'll learn about this policy and how to configure it. Next, you'll examine the authentication options that are possible thanks to identity policies. You'll learn about DNS-based security intelligence and how it allows you to allow or block traffic based on the domain name requested by a client using an Allow or Block list. Cisco provides domain name intelligence, so you'll learn how to customize this and even add your own domains. Finally, you'll explore why you might want to have your FTD engage in event correlation to enact some remediation for a very tricky and specific situation. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: NGFW Modes, Interface Types, & Link Redundancy

SNCF: NGFW Modes, Interface Types, & Link Redundancy

• identify features of the NGFW routed mode
• identify the NGFW mode when deployed within AWS
• recognize the default access control policy on the NGFW
• identify the command to switch the NGFW to transparent mode
• recognize the different modes of a NGFW product
• identify the interface type used to move traffic between routed interfaces
• identify the NGFW interface type used to register the device within FMC
• recognize the interface type used for monitoring
• identify the number of EtherChannels that can exists on the Firepower device
• identify the redundancy type supported by link redundancy

There are multiple ways in which you can deploy a Next-Generation Firewall (NGFW) from Cisco Systems. In this course, you'll learn about the standard routed mode as well as alternative transparent mode. You'll also learn about the flexibility of Firepower devices, which is due in part to the many different types of interfaces supported. Finally, you'll explore the options that exist on Cisco Firepower devices for link redundancy. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SNCF: Security Intelligence & Policies

SNCF: Security Intelligence & Policies

• identify the components a packet passes through on a Firepower device
• identify the components used to apply whitelisting and blacklisting
• identify file types that should be malware scanned at the firewall
• identify the policy type to block files at the firewall
• recognize the different actions in a Malware & File policy
• identify the different policy elements for an intrusion policy
• identify the target for the default route for the inside route table
• recognize the menu options while creating an intrusion policy
• recognize the target for the default route of the inside route table
• identify the location to configure an action for unsupported cipher suites
• recognize options you can perform on un-decryptable traffic

You'll definitely want to take advantage of all the great security intelligence that Cisco Talos can provide dynamically. In this course, you'll learn about the integration of security intelligence with Firepower polices and the number of security checks and safeguards that the Cisco Firepower devices bring to your network. You'll also learn about the powerful malware and file policies you can create and associate with your access control policy. Next, you'll look at the FTD's intrusion prevention capabilities with a close examination of the intrusion polices. Finally, you'll learn about the SSL inspection feature, which allows you to either block encrypted traffic without inspecting it or inspect encrypted or decrypted traffic with access control. This course can be used in preparation for the 300-710: Securing Networks with Cisco Firepower (SNCF) certification exam.

SCOR: Cisco Firepower, Traffic Management, Identity, & Authentication

SCOR: Cisco Firepower, Traffic Management, Identity, & Authentication

• identify the management tool to manage Firepower threat devices
• identify the steps to add a Firepower device to the FMC
• recognize the features of a Firepower device
• recognize the requirements for NGFWv in AWS
• identify the command to define the web security appliance to be used with WCCP
• recognize commands used to troubleshoot WCCP
• recognize the two Cisco features for traffic redirection and capture
• identify different methods of implementing Identity services on the WSA
• identify the authentication protocols used by the WSA when using Active Directory as an authentication source
• recognize the different types of policies on a WSA

In this course, you'll learn about the ASAv, FMCv, and FTDv in AWS, as well as how you would register an FTD in the FMC. Next, you'll move on to explore the need to deploy web security solutions transparently and how to implement this using the Web Cache Communication Protocol. You'll also learn how to view the implementation with a Cisco ASA. Finally, you'll learn about Cisco's Web Security Appliance, how it handles web requests in the network, and the importance of identity and authentication on the Cisco WSA. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Cisco Umbrella & Endpoint Security

SCOR: Cisco Umbrella & Endpoint Security

• identify features of Cisco Umbrella when working with risky domains
• recognize features of the Cisco Umbrella
• identify the steps to configure Cisco Umbrella
• recognize features of DNS Security Essentials
• identify the Cisco product that provides endpoint protection
• recognize features of Endpoint Protection Platform (EPP)
• identify Cisco’s VPN software for remote access
• identify options within the Outbreak Control menu
• recognize different engines used by Cisco AMP for detection
• recognize the feature to block applications within Cisco AMP

When it comes to an IP and DNS-centric approach to network security, there is nothing quite like Cisco Umbrella. In this course, you'll learn about the Cisco Umbrella solution, including how to ensure it is properly configured and verified. Next, you'll examine EPP and EDR and their roles in securing network endpoints. You'll learn about the importance and uses of Cisco AMP and about a variety of other products that can be used to assist with keeping your endpoints secure. Finally, you'll explore the Outbreak Control functionality of Cisco AMP for Endpoints is the Outbreak Control. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Cloud Deployment, Service Models, Responsibilities, & Security

SCOR: Cloud Deployment, Service Models, Responsibilities, & Security

• identify the cloud service models
• identify the NIST document that describes cloud computing
• recognize the cloud deployment models
• recognize the features of cloud computing
• identify who is responsible for patching a virtual machine
• recognize who shares responsibility for cloud security
• identify auditing features in the cloud
• recognize monitoring features in the cloud
• recognize techniques for securing data at rest
• recognize the need for coding security into the application

In this course, you'll learn about the cloud in general, including the NIST definition of cloud (NIST 800-145) and cloud deployment and service models. You'll discover that you don't have to sacrifice security when you move to the cloud and explore the types of security responsibilities that exist with the cloud and the parties that are responsible for them. Finally, you'll learn about various cloud security processes and solutions that you should be familiar with if the cloud is an important aspect of your IT infrastructure, including cloud logging, auditing, and the security of workloads. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Configuring and Verifying VPN & IPsec

SCOR: Configuring and Verifying VPN & IPsec

• identify the type of interface configured with DMVPN
• recognize the commands to configure a DMVPN
• recognize the command to verify the DMVPN functionality
• configure a VPN policy on the Cisco ASA
• configure the Cisco ASA for remote access VPN
• identify the appropriate Cisco VPN solution
• recognize the command to activate the VPN tunnel
• identify the command to configure the hashing algorithm within a crypto policy
• identify the show command to view the status of the crypto session
• recognize the command to configure the encryption algorithm
• recognize the command to view security associations

There are many different styles of site-to-site VPNs possible because there are Cisco-centric types, as well as open standard designs. In this course, you'll examine a typical configuration of a site-to-site VPN, such as the DMVPN configuration and verification. Then you'll explore the many types of remote access VPN Cisco supports, including having a Cisco ASA provide VPN access to remote clients. Finally, you'll learn how to determine if your traffic is being protected in your IPsec site-to-site VPN built between Cisco devices. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Device Compliance, Exfiltration, Telemetry, & Security Products

SCOR: Device Compliance, Exfiltration, Telemetry, & Security Products

• identify the component that is used for time when a compliance check occurs
• recognize device compliance options
• recognize the Cisco agent software to use to implement device compliance
• identify security controls to combat data exfiltration
• recognize the action of unauthorized transferring of enterprise data
• identify the components of Cisco Model Drive Telemetry
• recognize the Cisco operating system that provides the Cisco Model Driven Telemetry feature
• recognize the tool to provide security analytics
• recognize tools used to improve cloud-based security

In this course, you'll learn how device compliance and application control can be achieved using Cisco products. You'll explore why data exfiltration is one of the central concerns for security professionals. Next, you'll learn about network telemetry and model-driven telemetry and their increasing popularity in the industry. You'll also examine an example of how you might use telemetry in the Cisco network. Finally, you'll learn about the impressive number of security technologies in the Cisco solution portfolio, broken down by category and individual products in each category. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: DHCP Snooping, DAI, IP Source Guard, Private VLANs, & Storm Control

SCOR: DHCP Snooping, DAI, IP Source Guard, Private VLANs, & Storm Control

• identify DHCP snooping configuration commands
• identify the type of port associated with DHCP servers
• recognize the purpose of DHCP snooping
• identify layer 2 security features on a switch
• recognize how to enable DIA on a switch
• configure an isolated private VLAN
• identify the different port types with private VLANs
• recognize the different types of private VLANs
• recognize the use of private VLANs
• identify common switch features
• recognize how to configure storm control

When you think about attacking a network with a rogue DHCP device, you realize it is such a relatively easy attack to carry out. In this course, you'll learn about the DHCP snooping feature and how it is configured. Next, you'll examine how multiple different security features can leverage the DHCP snooping database that results from a proper implementation of DHCP snooping, including a demonstration of both the DAI and IP Source Guard features. You'll learn about the often intimidating security feature private VLANs, including the details of these structures and the reason why they exist. Finally, you'll explore traffic storms, including when they occur, how they create excessive traffic and can degrade network performance, and how to use the traffic storm control feature. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Guest Services, BYOD, 802.1X, & CoA

SCOR: Guest Services, BYOD, 802.1X, & CoA

• identify the tools used to provide guest services and BYOD
• recognize configuration steps within the Cisco ISE
• recognize the Cisco ISE feature that shares metrics and statics with other Cisco devices
• identify the role of the Cisco switch in an 802.1X topology
• identify the standard for port-based network access control
• recognize the role a network client takes in an 802.1X topology
• recognize authorization features of Cisco ISE

In lower security environments, there is often a desire to permit guest access to the network. These guests might get limited Internet access or even access to some of the non-sensitive network resources and data. In this course, you'll learn about the Identity Service Engine, which is the component in the Cisco security portfolio that can make this access seamless to configure and implement. You'll also learn about guest access and BYOD for the network. Next, you'll move on to examine the use of 802.1X in high security enterprises to ensure that each network user is authenticated and then authorized for their network and resource access. You'll also look at related technologies like MAB and WebAuth. Finally, you'll explore the RADIUS Change of Authorization feature, which can be critical for certain network security functions. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: MDM, MFA, & Endpoint Solutions

SCOR: MDM, MFA, & Endpoint Solutions

• identify the MDM product available within Microsoft Azure
• recognize the technology used to manage mobile devices on the network
• identify the authentication factor type when using a smart card for authentication
• recognize the authentication factor that involves inputting a password
• recognize the different authentication factors
• identify the Cisco posture assessment tool
• recognize the stages of the posture configuration workflow
• identify the Cisco tool used to identify that patches are missing from endpoint devices
• identify the cloud service model that administrators do not need to patch
• recognize tools used to deploy patches on a network

Mobile Device Management is widespread and getting more so all the time. MDM permits the management and control of all mobile devices that make their way to the typical enterprise today and in this course you'll learn about MDM as a cloud-based solution. Next, you'll look at the three main factors you can use to implement MFA and why you might choose some factors over the others. You'll examine the use of posture assessment as part of the overall security design and the key elements of this approach. Finally, you'll learn about the challenges of keeping systems patched, as well as various endpoint patching issues and approaches. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Network Access & Secure Network Management

SCOR: Network Access & Secure Network Management

• identify the command to apply the changes made in FMC
• identify the correct management tool to manage Firepower devices
• identify features of the AAA protocols
• recognize the AAA topology and the role of devices
• recognize the command to enable AAA services
• identify security best practices as it relates to management of Cisco devices
• identify the different SNMP security levels
• recognize the command to create an SNMP view

In this course, you'll learn about options for the management of Cisco Firepower devices, including FMC, FDM, and ASDM. You'll explore how AAA can protect access through the device and to the device. Next, you'll learn about the RADIUS and TACACS+ security protocols, as well as commands you should use to ensure authentication to a Cisco device. Finally, you'll learn about critical best practices in secure network management for your enterprise and the syntax used with SNMP version 3. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: PKI & IKE

SCOR: PKI & IKE

• configure a CA in Linux
• identify the key types used in PKI
• identify the Linux command to create a self-signed certificate
• identify the Linux command to manage a PKI environment
• create a certificate request
• generate a certificate from the certificate request
• identify the second step to obtaining an SSL certificate
• identify the features of IKE versions
• identify the phases of IKE version 1

A major aspect of Internet-based security these days hinges upon the Public Key Infrastructure. In this course, you'll learn the basics of this critical set of technologies. PKI is the magic behind the use of seamless SSL/TLS authentication and encryption on the public Internet and this clever implementation of asymmetric encryption algorithms can also be used in your private enterprise. You'll continue your exploration of PKI by learning how to fulfill a certificate request. Finally, you'll learn about the Internet Key Exchange, including the differences between IKE v1 and v2. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Port Security, VLAN Hopping, Network Hardening, & Access Control

SCOR: Port Security, VLAN Hopping, Network Hardening, & Access Control

• identify the command to configure port security MAC addresses
• identify the command to help prevent VLAN hopping attacks
• identify the port mode to be used with port security
• recognize the security features of the switch to prevent unauthorized access to the network
• identify the different operation planes on a Cisco device
• recognize the security controls that are used to secure the operation planes
• identify major best practices with authorization
• recognize the security model that uses data labels
• recognize the security model that uses groups of users

Port security is not one of the most important features when it comes to securing your network and it does have its challenges, but this feature is definitely a nice layer of defense in your overall defense-in-depth strategy. In this course, you'll learn about port security, as well as the VLAN hopping attack and how it can be prevented. You'll explore several security techniques you can use to help harden the network against security attacks and how it can benefit you to break the network and network device functionality down into the three planes of operation - management, data, and control planes. You'll also examine examples of security technologies you can use at each plane of operation to harden the overall network. Finally, you'll learn about different approaches to providing secure access to data in network systems, including MAC, DAC, and RBAC. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: SDN APIs & Security Appliance API Calls

SCOR: SDN APIs & Security Appliance API Calls

• identify the communication mechanism used between the management applications and the controller
• identify the purpose of Cisco DNA
• recognize the communication mechanism used between the controller and network devices
• identify the appropriate Python command
• identify the URL to access the API explorer
• recognize authentication methods used with API calls
• recognize the response content type of an API call

In this course, you'll learn about SDN and the northbound and southbound APIs used with it. You'll also learn about the RESTful APIs that you can make use of for the programmability of your Cisco security devices. You'll also discover how these API calls can be used in an actual network environment and how to quickly get started with programmatic code referencing these important APIs. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Security Basics & Common Threats

SCOR: Security Basics & Common Threats

• Identify the objective domains for the CCNP Security SCOR exam
• Discover weaknesses in a system or device
• Identify common security terms
• describe the different types of malware
• determine the malware type given a scenario
• identify common malware types
• identify the types of denial of service attacks
• describe the security feature you can use to protect cloud accounts
• determine the types of threats in the cloud
• identify methods of securing APIs

In this course, you'll first review basic SCOR concepts and why they are important. Next, you'll move on to explore common language when it comes to securing your lT architecture and how to correctly use this language when discussing your security environment. You'll examine common attack methods in order to properly secure your on-prem IT environment. With the popularity of the cloud, computer criminals have begun targeting these areas with more and more frequency. To wrap up this course, you'll learn about some of the most common attacks against the cloud. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Security Models & Frameworks

SCOR: Security Models & Frameworks

• identify the type of device need to control inbound and outbound communication
• recognize the device type that monitors for suspicious traffic
• identify the appropriate security level for an interface
• identify the ASA feature to use when working with multiple tenants
• recognize the appropriate ASA deployment model
• identify the components of NetFlow
• recognize the appropriate Netflow version to use
• identify common attributes for Endpoint Groups (EPGs)
• recognize the different types of network segments

There is often confusion about why there are intrusion prevention devices when we already have firewalls. Aren't these devices doing the same thing? In this course, you'll learn the differences between these network security functions and tools. You'll also look at some specialized devices in more detail, including the Web Security Appliance and the Email Security Appliance. You'll move on to explore how you can deploy the ASA and Firepower in different ways like routed or transparent mode. Next, you'll learn about NetFlow and Flexible NetFlow, valuable tools for monitoring the flows of data through your network. You'll also see how you can safely leverage the power of Flexible NetFlow to help control your network. Finally, you'll learn about techniques for adding segmentation to your network, including EPGs in Cisco ACI and SGTs. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Security Vulnerabilities, Attack Mitigations, & Cryptographic Solutions

SCOR: Security Vulnerabilities, Attack Mitigations, & Cryptographic Solutions

• identify authentication-based vulnerabilities
• prevent SQL injection attacks
• protect against brute force attacks
• determine proper mitigation techniques for injection attacks
• identify Cisco products to help guard DNS
• identify mitigation techniques for web-based attacks
• determine the methods used to create a cipher
• identify the role of encryption
• identify the type of cipher being used
• determine the type of encryption that uses the same key
• identify symmetric encryption algorithms
• identify the cryptography service to provide data integrity
• identify the type of encryption used

There are many common vulnerabilities in software and systems and you must understand them to effectively secure your network systems. In this course, you'll learn about some of these vulnerabilities, as well as common attack mitigation techniques for network application style attacks. Before reviewing cybersecurity technologies in greater detail, you'll first look at the basics of cryptography and the critical role it plays in computer and network security. Finally, you'll explore some current cryptographic solutions and what they are used for. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: VPNs, Security Intelligence, & Social Engineering Attacks

SCOR: VPNs, Security Intelligence, & Social Engineering Attacks

• identify characteristics of Cisco remote access VPN solutions
• identify characteristics of Cisco site-to-site VPN options
• identify limitations of various Cisco VPN configurations
• recognize the specific features associated with different VPN technologies
• identify the basic elements used to create modern automated security intelligence
• Recognize the advantages of using advanced security devices to keep up with security intelligence needs
• identify the benefits and limits of using Cisco software to defend against phishing attacks
• recognize how to protect against a phishing attack
• recognize the benefits of using Cisco software to defend against social engineering attacks
• identify different technologies that integrate with different types of phishing attacks
• identify social engineering attacks that initially do not need to interface with computers
• recognize the most common phishing attack variants

There is no denying it, VPN is a hugely popular part of the modern Internet. In this course, you'll learn about different types of VPN, its uses, and various technologies you can use. Next, you'll explore security devices and their ability to help you author, share, and consume security intelligence data. You'll examine social engineering attacks that are very prevalent today, including how to protect against them and the software you can use for defense. Finally, you'll learn about some of the most common attacks today, including many different variations of phishing attacks. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.

SCOR: Working with ESA, CES, & WSA

SCOR: Working with ESA, CES, & WSA

• identify characteristics of the Web Security Appliance
• identify differences between the Email Security Appliance, Cisco Cloud Email Security, and the Web Security Appliance
• identify functionality of the email security appliance
• identify the order of operations in ESA managed mail processing
• identify the order of operations in WSA managed web requests
• recognize the elements of the WSA topology
• Identify methods to speed the implementation of WSA to clients
• identify the different interfaces available for use on a Cisco WSA
• recognize different needs between explicit and transparent mode WSA configuration
• recognize the configuration options on the Cisco WSA
• identify configuration steps necessary to the function of a Cisco ESA
• recognize features of the ESA that enhance email security
• recognize the steps involved in the configuration of the Cisco ESA

Cisco has demonstrated its commitment to securing the enterprise with many different solutions that focus on specific needs, such as the Email Security Appliance, Cisco Cloud Email Security, and the Web Security Appliance. In this course, you'll learn the key facts about all three of these solutions. You'll explore how the WSA and ESA are impressive appliances when it comes to securing your web and e-mail infrastructures and about the components that make up these solutions. Even if you're not currently planning on implementing a WSA in your enterprise, it can be beneficial to see what a typical configuration is like. So next you'll look at the options available with the WSA. Finally, you'll learn about the steps involved in a typical ESA configuration and verification and how the ESA can function for you in the enterprise. This course can be used in preparation for the 350-701: Implementing and Operating Cisco Security Core Technologies (SCOR) certification exam.