Securing Hosts Using Cisco Security Agent (HIPS) v2.0

Request info

Course duration: 2 Days

Associated Certifications: CCSP


Certification as a CCNA or the equivalent knowledge.
At least six months practical experience configuring Cisco IDS Sensors.
Competency in using the Windows NT operating system.
Familiarity with implementing network security policies and the following networking concepts: Perimeter security system components: perimeter router, firewall, bastion host / Servers and Hosts

Course Content

Securing Hosts Using Cisco Security Agent (HIPS) takes a task-oriented approach to teaching the skills to deploy, configure, and administer CSA to protect server and workstation hosts.

Course Objectives

After completing this course the student should be able to:

Identify the platforms and infrastructure that support CSA and the CSA MC
Describe the CSA architecture and the CSA MC
Configure the way CSA protects a host system
Install CSA with a default Agent kit
Create host groups and build Agent kits
Define application classes and associate them with the appropriate security policies
Use variables for granular control when creating rules
Configure security policies and rules
Configure system correlation rules for CSA
Identify which rules are for Windows, UNIX, and both platforms
Perform data analysis and create policies with CSA Analysis
Manage the Event Log and generate reports

Course Outline:

Security Fundamentals
Cisco Security Agent Overview
Cisco Security Agent Quick Start Installation
Cisco Security Agent Management Center Administration
Configuring Groups and Managing Hosts
Building Policies
Rule Basics
System Correlation Rules
Defining Application Classes
Working with Variables
Using Cisco Security Agent Analysis
Using Event Logs and Generating Reports

SELECT wp_posts.*, wp_p2p.* FROM wp_posts INNER JOIN wp_postmeta ON ( wp_posts.ID = wp_postmeta.post_id ) INNER JOIN wp_p2p WHERE 1=1 AND ( ( wp_postmeta.meta_key = 'start_date' AND CAST(wp_postmeta.meta_value AS DATE) >= '2022-05-28' ) ) AND ((wp_posts.post_type = 'schedule' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled'))) AND (wp_p2p.p2p_type = 'schedule_to_courses' AND wp_posts.ID = wp_p2p.p2p_from AND wp_p2p.p2p_to IN (SELECT wp_posts.ID FROM wp_posts WHERE 1=1 AND wp_posts.ID IN (561) AND ((wp_posts.post_type = 'courses' AND (wp_posts.post_status = 'publish' OR wp_posts.post_status = 'acf-disabled'))) ORDER BY wp_posts.post_date DESC )) GROUP BY wp_posts.ID ORDER BY CAST(wp_postmeta.meta_value AS DATE) ASC