Description
This lab intensive course is designed to teach students
how to use the Cisco Intrusion Detection System to
detect and respond to malicious network attacks. The
course covers all CIDS detection platforms including the
4200 series Sensors and the Catalyst 6000 series
Intrusion Detection Module(IDSM). The student will learn
how to remotely manage CIDS Sensor with Cisco Secure
Policy Manager (CSPM) and will learn how to use CSPM to
collect and display intrusion data. The student will
also learn how to manage alarms, generate alarm reports.
The student will learn how to create custom signatures
and define intrusion detection signature settings and
responses.
-
Install
and configure Cisco Secure Policy Manager (CSPM) and
the CIDS Sensor in multiple network configurations.
-
Use
CSPM to centrally manage and configure multiple
Sensors.
-
Configure
the CIDS Sensor to detect, respond to, and report
intrusion activity.
-
Use
CSPM to translate intrusion data into intuitive and
effective graphical displays.
-
Use
the CIDS 's Network Security Database (NSDB) to view
signature and network security vulnerability
information.
-
Develop
and implement customized intrusion detection
signatures to respond to intrusion attempts.
-
Configure
the CIDS Sensor in Device Management mode to
interface with a Cisco IOS router to stop network
attacks.
-
Configure
the Catalyst 6000 IDS Module (IDSM) and the Catalyst
6000 series switches to perform intrusion detection
in multiple VLANs.
-
Use
CSPM to generate e-mail notifications when an
intrusion is detected.
-
Use
CSPM to generate IDS alarm reports.
This
course is recommended for Cisco customers who implement
and maintain CIDS, Cisco Channel Partners who sell,
implement, and maintain CIDS, and Cisco System Engineers
who support sales of CIDS and security product
solutions.
Students
who attend this course should meet the following
prerequisites:
-
Cisco
Certified Network Associate (CCNA) certification or
equivalent knowledge.
-
Completion
of the SECUR course (or its predecessor, the Managing Cisco Network Security course),
or have a working knowledge of network security.
-
Strong
user level experience with the Windows NT operating
system and a basic understanding of the UNIX
operating system.
Preparation
for Exam 642-531.
Registration
Form
|