
Course Outline
SSFIPS: Securing Networks with Cisco Firepower Next-Generation IPS v4.0
This is a 5-day, instructor-led course.
The Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) v4.0 course shows you how to deploy and use Cisco Firepower® Next-Generation Intrusion Prevention System (NGIPS). This hands-on course gives you the knowledge and skills to use the platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort® rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more.
This course helps you prepare to take the exam, Securing Networks with Cisco Firepower (300-710 SNCF), which leads to CCNP Security and Cisco Certified Specialist – Network Security Firepower certifications. The 300-710 SNCF exam has a second preparation course as well, Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW). You can take these courses in any order.
Upon successful completion of this course, the student will have the skills necessary to:
• Describe the components of Cisco Firepower Threat Defense and the managed device registration process
• Detail Next-Generation Firewalls (NGFW) traffic control and configure the Cisco Firepower system for network discovery
• Implement access control policies and describe access control policy advanced features
• Configure security intelligence features and the Advanced Malware Protection (AMP) for Networks implementation procedure for file control and advanced malware protection
• Implement and manage intrusion and network analysis policies for NGIPS inspection
• Describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center
• Integrate the Cisco Firepower Management Center with an external logging destination
• Describe and demonstrate the external alerting options available to Cisco Firepower Management Center and configure a correlation policy
• Describe key Cisco Firepower Management Center software update and user account management features
• Identify commonly misconfigured settings within the Cisco Firepower Management Center and use basic commands to troubleshoot a Cisco Firepower Threat Defense device
This course is designed for technical professionals who need to know how to deploy and manage a Cisco Firepower NGIPS in their network environment.
This course is recommended for delegates in the following job roles:
• Security administrators
• Security consultants
• Network administrators
• System engineers
• Technical support personnel
• Channel partners and resellers
To fully benefit from this course, you should have the following knowledge and skills:
• Technical understanding of TCP/IP networking and network architecture.
• Basic familiarity with the concepts of Intrusion Detection Systems (IDS) and IPS.
Course Contents
• Cisco Firepower Threat Defense Overview
• Cisco Firepower NGFW Device Configuration
• Cisco Firepower NGFW Traffic Control
• Cisco Firepower Discovery
• Implementing Access Control Policies
• Security Intelligence
• File Control and Advanced Malware Protection
• Next-Generation Intrusion Prevention Systems
• Network Analysis Policies
• Detailed Analysis Techniques
• Cisco Firepower Platform Integration
• Alerting and Correlation Policies
• System Administration
• Cisco Firepower Troubleshooting
Lab Outline
• Initial Device Setup
• Device Management
• Configuring Network Discovery
• Implementing an Access Control Policy
• Implementing Security Intelligence
• File Control and Advanced Malware Protection
• Implementing NGIPS
• Customizing a Network Analysis Policy
• Detailed Analysis
• Configuring Cisco Firepower Platform Integration with Splunk
• Configuring Alerting and Event Correlation
• System Administration
• Cisco Firepower Troubleshooting
We strongly recommend you attend this course before attempting the following exam.
Certification & Exam
The 300-SNCF exam certifies your knowledge of Cisco Firepower® Threat Defense and Firepower®, including policy configurations, integrations, deployments, management and troubleshooting. The exam will be available beginning February 24, 2020.
After you pass 300-710 SNCF:
• You earn the Cisco Certified Specialist – Network Security Firepower certification.
• You will have satisfied the concentration exam requirement for the new CCNP Security certification. To complete CCNP Security, you also need to pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.
This exam tests your knowledge of Cisco Firepower® Threat Defense and Firepower® 7000 and 8000 Series virtual appliances, including:
• Policy configurations
• Integrations
• Deployments
• Management and troubleshooting
The Securing Networks with Cisco Firepower v1.0 (SNCF 300-710) exam is a 90-minute exam associated with the CCNP Security, and Cisco Certified Specialist – Network Security Firepower certifications. This exam tests a candidate’s knowledge of Cisco Firepower® Threat Defense and Firepower®, including policy configurations, integrations, deployments, management and troubleshooting. These courses, Securing Networks with Cisco Firepower, and Securing Network with Cisco Firepower Next-Generation Intrusion Prevention System help candidates prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.0 Deployment (30%)
1.1 Implement NGFW modes
• 1.1.a Routed mode
• 1.1.b Transparent mode
1.2 Implement NGIPS modes
• 1.2.a Passive
• 1.2.b Inline
1.3 Implement high availability options
• 1.3.a Link redundancy
• 1.3.b Active/standby failover
• 1.3.c Multi-instance
1.4 Describe IRB configurations
2.0 Configuration (30%)
2.1 Configure system settings in Cisco Firepower Management Center
2.2 Configure these policies in Cisco Firepower Management Center
• 2.2.a Access control
• 2.2.b Intrusion
• 2.2.c Malware and file
• 2.2.d DNS
• 2.2.e Identity
• 2.2.f SSL
• 2.2.g Prefilter
2.3 Configure these features using Cisco Firepower Management Center
• 2.3.a Network discovery
• 2.3.b Application detectors (Open AppID)
• 2.3.c Correlation
• 2.3.d Actions
2.4 Configure objects using Firepower Management Center
• 2.4.a Object Management
• 2.4.b Intrusion Rules
2.5 Configure devices using Firepower Management Center
• 2.5.a Device Management
• 2.5.b NAT
• 2.5.c VPN
• 2.5.d QoS
• 2.5.e Platform Settings
• 2.5.f Certificates
3.0 Management and Troubleshooting (25%)
3.1 Troubleshoot with FMC CLI and GUI
3.2 Configure dashboards and reporting in FMC
3.3 Troubleshoot using packet capture procedures
3.4 Analyze risk and standard reports
4.0 Integration (15%)
4.1 Configure Cisco AMP for Networks in Firepower Management Center
4.2 Configure Cisco AMP for Endpoints in Firepower Management Center
4.3 Implement Threat Intelligence Director for third-party security intelligence feeds
4.4 Describe using Cisco Threat Response for security investigations
4.5 Describe Cisco FMC PxGrid Integration with Cisco Identity Services Engine (ISE)
4.6 Describe Rapid Threat Containment (RTC) functionality within Firepower Management Center
Price per delegate
£3395
Scheduled Classes
Remote Access:
11 – 15 Dec 2023