• Professional Development
  • Medicine & Nursing
  • Arts & Crafts
  • Health & Wellbeing
  • Personal Development

319 CompTIA Security+ courses delivered Online

Cisco Securing the Web with Cisco Web Security Applicance v3.0 (SWSA)

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface

Cisco Securing the Web with Cisco Web Security Applicance v3.0 (SWSA)
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco Digital Learning Security

By Nexus Human

Duration 69 Days 414 CPD hours Cisco Learning Library: Security offers a subscription to all Cisco online cybersecurity and cyber operations training, including extensive sk This comprehensive technical training library offers full-length, interactive certification courses, product and technology training with labs, and thousands of reference materials. Security Library Certification Courses CCNP Security Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) v4.0 Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 Securing Email with Cisco Email Security Appliance (SESA) v3.0 Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 Implementing Automation for Cisco Security Solutions (SAUI) v1.0 CCIE Security Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 Product and Technology Training Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 Implementing Automation for Cisco Security Solutions (SAUI) v1.0 Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0 Implementing Cisco Cybersecurity Operations (SECOPS) v1.0 Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 Implementing an Integrated Threat Defense Solution (SECUR201) v1.0 Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0 Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 Securing Email with Cisco Email Security Appliance (SESA) v3.0 Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) v4.0 Introduction to 802.1X Operations for Cisco Security Professionals (802.1X) v2.0 Securing Industrial IoT Networks with Cisco Technologies (ISECIN) v1.0 Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 Protecting Against Malware Threats with Cisco AMP for Endpoints (SSFAMP) v5.0 Introducing Cisco Cloud Consumer Security (SECICC) v1.0 Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0 Configuring Cisco ISE Essentials for SD-Access (ISESDA) v1.0 Securing Branch Internet and Cloud Access with Cisco SD-WAN (A-SDW-BRSEC)

Cisco Digital Learning Security
Delivered OnlineFlexible Dates
Price on Enquiry

Red Hat System Administration II (RH134)

By Nexus Human

Duration 5 Days 30 CPD hours This course is intended for This course is geared toward Windows system administrators, network administrators, and other system administrators who are interested in supplementing current skills or backstopping other team members, in addition to Linux system administrators who are responsible for these tasks: Configuring, installing, upgrading, and maintaining Linux systems using established standards and procedures Providing operational support Managing systems for monitoring system performance and availability Writing and deploying scripts for task automation and system administration Successful completion of Red Hat System Administration I (RH124) is recommended. Experienced Linux administrators seeking to accelerate their path toward becoming a Red Hat Certified System Administrator should start with the RHCSA Rapid Track course (RH199). Overview You should be able to demonstrate these skills: - Install Red Hat Enterprise Linux using Kickstart - Manage file systems and logical volumes - Manage scheduled jobs - Access network file systems - Manage SELinux - Control firewalls - Perform troubleshooting tasks Red Hat System Administration II (RH134) is designed as the second part of the Red Hat© Certified System Administrator (RHCSA©) training track for IT professionals who have taken Red Hat System Administration I (RH124). The course goes deeper into core Linux© system administration skills, including storage configuration, security feature management, task control, and installation and deployment of Red Hat© Enterprise Linux. Prerequisites Successful completion of Red Hat System Administration I (RH124) is recommended. 1 - Automate installation with Kickstart Automate the installation of Red Hat Enterprise Linux systems with Kickstart. 2 - Use regular expressions with grep Write regular expressions that, when partnered with grep, will allow you to quickly isolate or locate content within text files. 3 - Create and Edit text files with vim Introduce the vim text editor, with which you can open, edit, and save text files. 4 - Schedule future Linux tasks Schedule tasks to automatically execute in the future. 5 - Manage priority of Linux processes Influence the relative priorities at which Linux processes run. 6 - Control access to files with access control lists (ACL) Manage file security using POSIX access control lists. 7 - Manage SELinux security Manage the Security Enhanced Linux (SELinux) behavior of a system to keep it secure in case of a network service compromise. 8 - Connect to network-defined users and groups Configure systems to use central identity management services. 9 - Add disks, partitions, and file systems to a Linux system Manage simple partitions and file systems. 10 - Manage logical volume management (LVM) storage Manage logical volumes from the command line. 11 - Access networked attached storage with network file system (NFS) Access (secure) NFS shares. 12 - Access networked storage with SMB Use autofs and the command line to mount and unmount SMB file systems. 13 - Control and troubleshoot the Red Hat Enterprise Linux boot process 14 - Limit network communication with firewall Configure a basic firewall. 15 - Comprehensive review Practice and demonstrate knowledge and skills learned in this course.

Red Hat System Administration II (RH134)
Delivered OnlineFlexible Dates
Price on Enquiry

VMware Carbon Black Cloud:Advanced Operations and Troubleshooting

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for Experienced security administrators and security analysts who are already familiar with VMware Carbon Black Cloud Overview By the end of the course, you should be able to meet the following objectives: Describe and determine use cases for integrating with VMware Carbon Black Cloud Configure, automate, and troubleshoot the VMware Carbon Black Cloud Syslog Integration Use VMware Carbon Black Cloud APIs to pull data with Postman Install and use the VMware Carbon Black Cloud Python SDK Automate operations using the VMware Carbon Black Cloud SDK and APIs Identify and troubleshoot VMware Carbon Black Cloud sensor installations Gather troubleshooting data within the browser to remediate or escalate problems Identify and resolve sensor usage, networking, and performance problems with the VMware Carbon Black Cloud sensor This two-day, hands-on training course provides you with the advanced knowledge, skills, and tools to achieve competency in performing advanced operations and troubleshooting of VMware Carbon Black Cloud. This course will go into integrating VMware Carbon Black Cloud with other third-party components and utilizing the API and the SDK to automate operations within the product and your security stack. This course will also enable you to troubleshoot common problems during sensor installation, operations, and within the VMware Carbon Black Cloud console with hands-on lab problems. Course Introduction Introductions and course logistics Course objectives VMware Carbon Black Cloud Integrations Describe the integration capabilities with VMware Carbon Black Cloud Determine integration use cases for VMware Carbon Black Cloud Identify required components for integrating VMware Carbon Black Cloud Differentiate VMware Carbon Black Cloud integration vendors VMware Carbon Black Cloud Syslog Integration Describe the function of the Syslog Connector Generate API and SIEM keys from the Cloud console Validate a successful Syslog integration Describe how to automate the Syslog Connector Troubleshoot problems with the Syslog integration Using Postman Explain the concept and purpose of an API Interpret common REST API Status codes Recognize the difference between platform and product APIs Using the Postman Client to initiate API calls Create a custom access level and respective API key Create a valid API request Using the VMware Carbon Black Cloud Python SDK Install the VMware Carbon Black Cloud Python SDK Describe the different authentication methods Evaluate the best authentication method for a given task Automating Operations Automate basic Incident Response tasks using the VMware Carbon Black Cloud SDK and API Automate basic watchlist interactions using the VMware carbon Black Cloud SDK and API Sensor Installation Troubleshooting Describe sensor install log collection process Identify sensor install log parameters Create a detailed sensor install log Locate sensor install logs on an endpoint Interpret sensor install success from an install log Determine likely cause for install failure using sensor logs Propose resolution steps for a given sensor install failure VMware Carbon Black Cloud Console Troubleshooting Identify sensor bypass status reasons Simplify console data exports using search Describe differences in Audit Log detail levels Locate built-in browser tools Gather console diagnostics logs from a browser Review console diagnostics logs Sensor Operations Troubleshooting Identify available types of diagnostic logs Gather appropriate diagnostic logs for a given issue Identify steps for resolving software interoperability problems Identify steps for resolving resource problems Identify steps for resolving network problems Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Carbon Black Cloud:Advanced Operations and Troubleshooting training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Carbon Black Cloud:Advanced Operations and Troubleshooting course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

VMware Carbon Black Cloud:Advanced Operations and Troubleshooting
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco Integrated Threat Defense Investigation and Mitigation v1.0 (SECUR202)

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for Network analysts Network investigators Cisco integrators and partners Overview After taking this course, you should be able to: Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage Detail how to locate and mitigate email malware attacks Describe email phishing attacks and the steps taken to locate and mitigate them on the network Identify and mitigate data exfiltration threats on the network Identify malware threats on the network and mitigate those threats after investigation The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) v1.0 course shows you how to identify, isolate, and mitigate network threats using the Cisco© Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution. Network Threat Investigation Introduction Network Attack Introduction Hunting Network Threats in the Enterprise Investigation and Mitigation of Email Malware Threats Examining Email Malware Threats Investigating and Verifying Email Malware Threat Mitigation Investigation and Mitigation of Email Phishing Threats Examining Email Phishing Attacks Configuring Cisco Email Security Appliance (ESA) for URL and Content Filtering Investigating and Verifying Email Phishing Threat Mitigation Investigation and Mitigation of Data Exfiltration Threats Exploiting Vulnerable Network Servers Investigating Data Exfiltration Threats Mitigating and Verifying Data Exfiltration Threats nvestigation and Mitigation of Malware Threats Examining Endpoint Malware Protection Investigating and Mitigating Endpoint Malware Threats

Cisco Integrated Threat Defense Investigation and Mitigation v1.0 (SECUR202)
Delivered OnlineFlexible Dates
Price on Enquiry

FortiGate Security

By Nexus Human

Duration 3 Days 18 CPD hours This course is intended for Networking and security professionals involved in the management, configuration, administration, and monitoring of FortiGate devices used to secure their organizations' networks. Overview Deploy the appropriate operation mode for your network. Use the GUI and CLI for administration. Identify the characteristics of the Fortinet security fabric. Control network access to configured networks using firewall policies. Apply port forwarding, source NAT, and destination NAT. Authenticate users using firewall policies. Understand encryption functions and certificates. Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies. Configure security profiles to neutralize threats and misuse, including viruses, torrents, and inappropriate websites. Apply application control techniques to monitor and control network applications that might use standard or non-standard protocols and ports. Fight hacking and denial of service (DoS). Defend against data leaks by identifying files with sensitive data, and block them from leaving your private network. Offer an SSL VPN for secure access to your private network. Implement a dial-up IPsec VPN tunnel between FortiGate and FortiClient. Collect and interpret log entries. In this three-day course, you will learn how to use basic FortiGate features, including security profiles. Course Outline Module 1. Introduction to FortiGate and the Security Fabric Module 2. Firewall Policies Module 3. Network Address Translation (NAT) Module 4. Firewall Authentication Module 5. Logging and Monitoring Module 6. Certificate Operations Module 7. Web Filtering Module 8. Application Control Module 9. Antivirus Module 10. Intrusion Prevention and Denial of Service Module 11. SSL VPN Module 12. Dial-Up IPsec VPN Module 13. Data Leak Prevention (DLP)

FortiGate Security
Delivered OnlineFlexible Dates
Price on Enquiry

SonicWALL Network Security Administrator For Sonic OS 7 - SNSA v7 - NA

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for Security professionals, System engineers, channel partners, service partners, and end users with at least one year of experience in implementing IT security technologies (Network, Applications, and Systems). Overview This course will enable students to configure, monitor, manage, and optimize the SonicWall Network Security firewall appliances running the new SonicOS 7 to effectively defend against limitless network and cyberthreats and implement SonicWall Boundless Cybersecurity safeguards for seamless protection. Upon completion of the course, students will be able to configure the SonicWall firewall for Secure and Remote Connectivity, Network Optimization, and Advanced Threat Protection. The SonicWall Network Security Administrator (SNSA) for SonicOS 7.0curriculum provides students the required background, knowledge, and hands-on experience to begin designing, implementing, and troubleshooting SonicWall Network Security products. SonicOS 7 is SonicWall?s brand new and most advanced security operating system and is at the core of its latest physical and virtual firewalls, including models from the TZ, NSv, NSa and NSsp Series. SonicOS 7.0 features advanced security, simplified policy management, and critical networking and management capabilities for distributed enterprises and small- to medium-sized businesses with SD-branch support. Course Outline Setting up Basic Firewall Components Unified Threat Management Secure Access Deep Packet Inspection for SSL (DPI-SSL) Content Filtering Services Application Control Scalability and Reliability SD-WAN High Availability Troubleshooting Tools

SonicWALL Network Security Administrator For Sonic OS 7 - SNSA v7 - NA
Delivered OnlineFlexible Dates
Price on Enquiry

Symantec Endpoint Protection 14.X - Configure And Protect

By Nexus Human

Duration 3 Days 18 CPD hours This course is intended for This course is for Network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Overview At the completion of the course, you will be able to: Protect against Network Attacks and Enforcing Corporate Policies using the Firewall Policy. Blocking Threats with Intrusion Prevention. Introducing File-Based Threats. Preventing Attacks with SEP. Layered Security. Securing Windows Clients. Secure Mac Clients. Secure Linux Clients. Controlling Application and File Access. Restricting Device Access for Windows and Mac Clients. Hardening Clients with System Lockdown. Customizing Policies based on Location. Managing Security Exceptions. This course is designed for the network, IT security, and systems administration professionals in a Security Operations position who are tasked with configuring optimum security settings for endpoints protected by Symantec Endpoint Protection 14. Introduction Course environment Lab environment Introducing Network Threats Describing how Symantec Endpoint Protection protects each layer of the network stack Discovering the tools and methods used by attackers Describing the stages of an attack Protecting against Network Attacks and Enforcing Corporate Policies using the Firewall Policy Preventing network attacks Examining Firewall Policy elements Evaluating built-in rules Creating custom firewall rules Enforcing corporate security policy with firewall rules Blocking network attacks using protection and stealth settings Configuring advanced firewall feature Blocking Threats with Intrusion Prevention Introducing Intrusion Prevention technologies Configuring the Intrusion Prevention policy Managing custom signatures Monitoring Intrusion Prevention events Introducing File-Based Threats Describing threat types Discovering how attackers disguise their malicious applications Describing threat vectors Describing Advanced Persistent Threats and a typical attack scenario Following security best practices to reduce risks Preventing Attacks with SEP Layered Security Virus and Spyware protection needs and solutions Describing how Symantec Endpoint Protection protects each layer of the network stack Examining file reputation scoring Describing how SEP protects against zero-day threats and threats downloaded through files and email Describing how endpoints are protected with the Intelligent Threat Cloud Service Describing how the emulator executes a file in a sandbox and the machine learning engine?s role and function Securing Windows Clients Platform and Virus and Spyware Protection policy overview Tailoring scans to meet an environment?s needs Ensuring real-time protection for clients Detecting and remediating risks in downloaded files Identifying zero-day and unknown threats Preventing email from downloading malware Configuring advanced options Monitoring virus and spyware activity Securing Mac Clients Touring the SEP for Mac client Securing Mac clients Monitoring Mac clients Securing Linux Clients Navigating the Linux client Tailoring Virus and Spyware settings for Linux clients Monitoring Linux clients Providing Granular Control with Host Integrity Ensuring client compliance with Host Integrity Configuring Host Integrity Troubleshooting Host Integrity Monitoring Host Integrity Controlling Application and File Access Describing Application Control and concepts Creating application rulesets to restrict how applications run Monitoring Application Control events Restricting Device Access for Windows and Mac Clients Describing Device Control features and concepts for Windows and Mac clients Enforcing access to hardware using Device Control Discovering hardware access policy violations with reports, logs, and notifications Hardening Clients with System Lockdown What is System Lockdown? Determining to use System Lockdown in Whitelist or Blacklist mode Creating whitelists for blacklists Protecting clients by testing and Implementing System Lockdown Customizing Policies based on Location Creating locations to ensure the appropriate level of security when logging on remotely Determining the criteria and order of assessment before assigning policies Assigning policies to locations Monitoring locations on the SEPM and SEP client Managing Security Exceptions Creating file and folder exceptions for different scan types Describing the automatic exclusion created during installation Managing Windows and Mac exclusions Monitoring security exceptions

Symantec Endpoint Protection 14.X - Configure And Protect
Delivered OnlineFlexible Dates
Price on Enquiry

Cisco Implementing an Integrated Threat Defense Solution (SECUR201) v1.2

By Nexus Human

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. Cisco integrators and partners Systems and network engineers Technical architects Technical support personnel Overview After taking this course, you should be able to: Understand the network security landscape and the Cisco Integrated Threat Defense (ITD) solutions Describe the key components of the ITD solution and their use in the network Configure the Cisco Identity Services Engine (ISE) for a baseline of operation in the ITD solution Configure the integration between the Cisco Stealthwatch and Cisco ISE platforms Configure the integration between the Cisco Firepower and ISE platforms Configure the integration between Cisco Firepower and Cisco Advanced Malware Protection (AMP) for Endpoints The Implementing an Integrated Threat Defense Solution (SECUR201) v1.2 course provides an analysis of the cybersecurity landscape with an emphasis on the importance of an integrated threat defense architecture. Through a combination of lessons and hands-on practice, you will learn to deploy and integrate Cisco©?s Integrated Threat Defense solutions which include: Cisco Identity Services Engine (ISE), Cisco Stealthwatch, Cisco Firepower NGFW, and Cisco AMP for Endpoints. This course provides you with the knowledge and skills to implement and integrate solution components with existing network services, integrate solution components with the pxGrid (Platform Exchange Grid) framework, integrate network and endpoint-based malware protection, and observation of security dataflow after the introduction of malware. Course Outline Integrated Threat Defense Introduction ITD Products Identity Services Engine Setup Integration of Stealthwatch with Identity Services Engine Integration of Firepower with Identity Services Engine Integration of Firepower with AMP for Endpoints Lab outline Connecting to the Lab Environment Integrating ISE and Active Directory Integrating ISE and Cisco Adaptive Security Appliance (ASA) Configuring pxGrid and Client Certificates Integrating Stealthwatch with Identity Services Engine Integrating Network Visibility Module (NVM) with AnyConnect Integrating Firepower with Identity Services Engine Integrating AMP for Endpoints with Firepower

Cisco Implementing an Integrated Threat Defense Solution (SECUR201) v1.2
Delivered OnlineFlexible Dates
Price on Enquiry

Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) v2.0

By Nexus Human

Duration 3 Days 18 CPD hours This course is intended for This course is for technical professionals to gain skills in writing rules for Snort-based intrusion detection systems (IDS) and intrusion prevention systems (IPS). The primary audience includes: Security administrators Security consultants Network administrators System engineers Technical support personnel using open source IDS and IPS Channel partners and resellers Overview After taking this course, you should be able to: Describe the Snort rule development process Describe the Snort basic rule syntax and usage Describe how traffic is processed by Snort Describe several advanced rule options used by Snort Describe OpenAppID features and functionality Describe how to monitor the performance of Snort and how to tune rules The Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRules) v2.0 course shows you how to write rules for Snort, an open-source intrusion detection and prevention system. Through a combination of expert-instruction and hands-on practice, this course provides you with the knowledge and skills to develop and test custom rules, standard and advanced rules-writing techniques, how to integrate OpenAppID into rules, rules filtering, rules tuning, and more. The hands-on labs give you practice in creating and testing Snort rules. Course Outline Introduction to Snort Rule Development Snort Rule Syntax and Usage Traffic Flow Through Snort Rules Advanced Rule Options OpenAppID Detection Tuning Snort Lab outline Connecting to the Lab Environment Introducing Snort Rule Development Basic Rule Syntax and Usage Advanced Rule Options OpenAppID Tuning Snort

Securing Cisco Networks with Snort Rule Writing Best Practices (SSFRULES) v2.0
Delivered OnlineFlexible Dates
Price on Enquiry