Course duration: 2 Days
Associated Certifications: CCSP
Prerequisites
Certification as a CCNA or the equivalent knowledge.
At least six months practical experience configuring Cisco IDS Sensors.
Competency in using the Windows NT operating system.
Familiarity with implementing network security policies and the following networking concepts: Perimeter security system components: perimeter router, firewall, bastion host / Servers and Hosts
Course Content
Securing Hosts Using Cisco Security Agent (HIPS) takes a task-oriented approach to teaching the skills to deploy, configure, and administer CSA to protect server and workstation hosts.
Course Objectives
After completing this course the student should be able to:
Identify the platforms and infrastructure that support CSA and the CSA MC
Describe the CSA architecture and the CSA MC
Configure the way CSA protects a host system
Install CSA with a default Agent kit
Create host groups and build Agent kits
Define application classes and associate them with the appropriate security policies
Use variables for granular control when creating rules
Configure security policies and rules
Configure system correlation rules for CSA
Identify which rules are for Windows, UNIX, and both platforms
Perform data analysis and create policies with CSA Analysis
Manage the Event Log and generate reports
Course Outline:
Security Fundamentals
Cisco Security Agent Overview
Cisco Security Agent Quick Start Installation
Cisco Security Agent Management Center Administration
Configuring Groups and Managing Hosts
Building Policies
Rule Basics
System Correlation Rules
Defining Application Classes
Working with Variables
Using Cisco Security Agent Analysis
Using Event Logs and Generating Reports