How You Will Benefit
Audience
Security professionals who want to customize IPS and Anti-Bot/Anti-Virus Protections for specific security needs and identify ways to optimize Threat Prevention performance.
Learning Path Training:
• CCSA (required)
• CCSE (recommended) Prerequisites
Base Knowledge:
• Internet Fundamentals
• Networking Fundamentals
• Networking Security
• System Administration
Before taking this course, the following prerequisites are strongly encouraged:
Module 1: History of Threat Prevention
Lab Tasks
• Verify the Security Environment
• Verify Connectivity Between Systems
Module 2: IPS Protections
Lab Tasks
• Enable and Configure Custom Threat Prevention
• Configure the Inspection Settings
• Update IPS Protections
• Configure General and Specific Protections
• Configure and Test Core Protections
Module 3: Anti-Virus and Anti-Bot Protections
Lab Tasks
• Enable Anti-Bot and Anti-Virus
• Configure Anti-Bot and Anti-Virus
Module 4: Threat Prevention Policy Profiles
Lab Tasks
• Create Custom Threat Prevention Profiles
• Configure the Custom Profiles
• Configure Anti-Bot and Anti-Virus in the Custom Profiles
Module 5: Threat Prevention Policy Layers
Lab Tasks
• Configure Gateway Interface Settings
• Configure Threat Prevention Policy Layers
• Configure Threat Prevention Rules with Custom Profiles
Module 6: Threat Prevention Logs and Traffic Analysis
Lab Tasks
• Modify Threat Prevention Logs and Configure SmartEvent Settings
• Test Threat Prevention Protections
• View Threat Prevention Logs and Events
• Use Web SmartConsole to View Logs and Events.
Module 7: Threat Prevention Exceptions and Exclusions
Lab Tasks
• Use IPS and Threat Prevention Exceptions
• Create an Inspection Settings Exception
• Create a Core Activations Exception
Module 8: Correlated Threat Prevention Views and Reports
Lab Tasks
• Verify SmartEvent Activation
• Generate and Verify Logs for Reporting
• Configure SmartEvent Views and Reports
Module 9: Threat Prevention Updates
Lab Tasks
• Verify Recent Updates
• Configure Update Settings
Module 10: Threat Prevention Performance Optimization
Lab Tasks
• Analyze Threat Prevention Performance
• Create Penalty Box Exceptions and Null Profiles
• Test the Panic Button Protocol
Module 11: Advanced Threat Prevention Features and Troubleshooting
Lab Tasks
• Add a Custom SNORT Rule
• Create and Test a Custom Threat Indicator
• Observe Traffic Drops in Real Time
• Audit Configuration Changes