Course Content
View Course Modules
0/1
SCOR Training Course Outline
Implementing and Operating Cisco Security Core Technologies (SCOR) Training

Learning Topics

Describing Information Security Concepts*

  • Information Security Overview
  • Assets, Vulnerabilities, and Countermeasures
  • Managing Risk

Describing Common TCP/IP Attacks*

  • Legacy TCP/IP Vulnerabilities
  • IP Vulnerabilities
  • Internet Control Message Protocol (ICMP) Vulnerabilities

Describing Common Network Application Attacks*

  • Password Attacks
  • Domain Name System (DNS)-Based Attacks
  • DNS Tunneling

Describing Common Endpoint Attacks*

  • Buffer Overflow
  • Malware
  • Reconnaissance Attack

Describing Network Security Technologies

  • Defense-in-Depth Strategy
  • Defending Across the Attack Continuum
  • Network Segmentation and Virtualization Overview

Deploying Cisco ASA Firewall

  • Cisco ASA Deployment Types
  • Cisco ASA Interface Security Levels
  • Cisco ASA Objects and Object Groups

Deploying Cisco Firepower Next-Generation Firewall

  • Cisco Firepower NGFW Deployments
  • Cisco Firepower NGFW Packet Processing and Policies
  • Cisco Firepower NGFW Objects

Deploying Email Content Security

  • Cisco Email Content Security Overview
  • Simple Mail Transfer Protocol (SMTP) Overview
  • Email Pipeline Overview

Deploying Web Content Security

  • Cisco Web Security Appliance (WSA) Overview
  • Deployment Options
  • Network Users Authentication

Deploying Cisco Umbrella*

  • Cisco Umbrella Architecture
  • Deploying Cisco Umbrella
  • Cisco Umbrella Roaming Client

Explaining VPN Technologies and Cryptography

  • VPN Definition
  • VPN Types
  • Secure Communication and Cryptographic Services

Introducing Cisco Secure Site-to-Site VPN Solutions

  • Site-to-Site VPN Topologies
  • IPsec VPN Overview
  • IPsec Static Crypto Maps

Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs

  • Cisco IOS VTIs
  • Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration

Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW

  • Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW
  • Cisco ASA Point-to-Point VPN Configuration
  • Cisco Firepower NGFW Point-to-Point VPN Configuration

Introducing Cisco Secure Remote Access VPN Solutions

  • Remote Access VPN Components
  • Remote Access VPN Technologies
  • Secure Sockets Layer (SSL) Overview

Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW

  • Remote Access Configuration Concepts
  • Connection Profiles
  • Group Policies

Explaining Cisco Secure Network Access Solutions

  • Cisco Secure Network Access
  • Cisco Secure Network Access Components
  • AAA Role in Cisco Secure Network Access Solution

Describing 802.1X Authentication

  • 802.1X and Extensible Authentication Protocol (EAP)
  • EAP Methods
  • Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications

Configuring 802.1X Authentication

  • Cisco Catalyst® Switch 802.1X Configuration
  • Cisco Wireless LAN Controller (WLC) 802.1X Configuration
  • Cisco Identity Services Engine (ISE) 802.1X Configuration

Describing Endpoint Security Technologies*

  • Host-Based Personal Firewall
  • Host-Based Anti-Virus
  • Host-Based Intrusion Prevention System

Deploying Cisco Advanced Malware Protection (AMP) for Endpoints*

  • Cisco AMP for Endpoints Architecture
  • Cisco AMP for Endpoints Engines
  • Retrospective Security with Cisco AMP

Introducing Network Infrastructure Protection*

  • Identifying Network Device Planes
  • Control Plane Security Controls
  • Management Plane Security Controls

Deploying Control Plane Security Controls*

  • Infrastructure ACLs
  • Control Plane Policing
  • Control Plane Protection

Deploying Layer 2 Data Plane Security Controls*

  • Overview of Layer 2 Data Plane Security Controls
  • Virtual LAN (VLAN)-Based Attacks Mitigation
  • Spanning Tree Protocol (STP) Attacks Mitigation

Deploying Layer 3 Data Plane Security Controls*

  • Infrastructure Antispoofing ACLs
  • Unicast Reverse Path Forwarding
  • IP Source Guard

Deploying Management Plane Security Controls*

  • Cisco Secure Management Access
  • Simple Network Management Protocol Version 3
  • Secure Access to Cisco Devices

Deploying Traffic Telemetry Methods*

  • Network Time Protocol
  • Device and Network Events Logging and Export
  • Network Traffic Monitoring Using NetFlow

Deploying Cisco Stealthwatch Enterprise*

  • Cisco Stealthwatch Offerings Overview
  • Cisco Stealthwatch Enterprise Required Components
  • Flow Stitching and Deduplication

Describing Cloud and Common Cloud Attacks*

  • Evolution of Cloud Computing
  • Cloud Service Models
  • Security Responsibilities in Cloud

Securing the Cloud*

  • Cisco Threat-Centric Approach to Network Security
  • Cloud Physical Environment Security
  • Application and Workload Security

Deploying Cisco Stealthwatch Cloud*

  • Cisco Stealthwatch Cloud for Public Cloud Monitoring
  • Cisco Stealthwatch Cloud for Private Network Monitoring
  • Cisco Stealthwatch Cloud Operations

Describing Software-Defined Networking (SDN*)

  • Software-Defined Networking Concepts
  • Network Programmability and Automation
  • Cisco Platforms and APIs

* This section is self-study material that can be done at your own pace if you are taking the instructor-led version of this course.

Lab Outline

  • Configure Network Settings and NAT on Cisco ASA
  • Configure Cisco ASA Access Control Policies
  • Configure Cisco Firepower NGFW NAT
  • Configure Cisco Firepower NGFW Access Control Policy
  • Configure Cisco Firepower NGFW Discovery and IPS Policy
  • Configure Cisco NGFW Malware and File Policy
  • Configure Listener, Host Access Table (HAT), and Recipient Access Table (RAT) on Cisco Email Security Appliance (ESA)
  • Configure Mail Policies
  • Configure Proxy Services, Authentication, and HTTPS Decryption
  • Enforce Acceptable Use Control and Malware Protection
  • Examine the Umbrella Dashboard
  • Examine Cisco Umbrella Investigate
  • Explore DNS Ransomware Protection by Cisco Umbrella
  • Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel
  • Configure Point-to-Point VPN between the Cisco ASA and Cisco Firepower NGFW
  • Configure Remote Access VPN on the Cisco Firepower NGFW
  • Explore Cisco AMP for Endpoints
  • Perform Endpoint Analysis Using AMP for Endpoints Console
  • Explore File Ransomware Protection by Cisco AMP for Endpoints Console
  • Explore Cisco Stealthwatch Enterprise v6.9.3
  • Explore Cognitive Threat Analytics (CTA) in Stealthwatch Enterprise v7.0
  • Explore the Cisco Cloudlock Dashboard and User Security
  • Explore Cisco Cloudlock Application and Data Security
  • Explore Cisco Stealthwatch Cloud
  • Explore Stealthwatch Cloud Alert Settings, Watchlists, and Sensors
WhatsAPP