Undergoing MyBlogLog Verification

Wednesday, August 27, 2008

CBT Nuggets Cisco CCSP - Exam-Pack 642-513

HIPS Are you prepared for malicious attacks on your network? Rest easy with Cisco CCSP - HIPS.
This video series shows you how to configure and deploy Cisco Security Agent (CSA) Management Center (MC) — a terrific weapon for defeating attacks and gaining security piece of mind. Once CSA MC is installed, and your system is rebooted, it provides immediate protection for all the workstations, hosts and servers throughout your system.
The CSA MC is a vital part of Cisco's Self-Defending Network (SDN) strategy, which offers you a layered approach to network security. Threats, both internal and external, can't slip through your defenses just by defeating a single obstacle; CSA MC lets you put other layered security barriers in place to keep your system safe and secure.
HIPS includes Agent Kits, which ease your network administrator tasks by simplifying the installation process. This training shows you how to set up Agent Kits step by step.
Because this security strategy lets you group hosts as you please, you'll spend less time deploying software updates. It also provides variables, so you won't need to create the same security rules over and over again. Variables let you apply rules quickly throughout your network. And they also let you group similar components for easier management — such as data sets, file sets, network address sets, network services sets, registry sets, COM component sets and query settings.
Many security rules are common to both Windows and UNIX, but others are specific to one or the other. This training makes sure you know which is which and how to handle system-specific rules.
The training also goes into detail on event logging, report generation and monitoring applicant deployment behavior and investigation — vital topics for every security administrator.
In addition to giving you practical, hands-on instruction, the training in Exam-Pack 642-513: HIPS maps to exam objectives. It prepares you to describe, configure, and verify the Cisco Security Agent product for the simulation- and knowledge-based HIPS exam. Exam 642-513: HIPS is one of five exams required to earn the Cisco Certified Security Professional certification.
The CCSP-HIPS video series contains:# Introduction to the Cisco HIPS Series
# Introduction to the CSA
# Configuring and Installing the CSA MC
# Installing the CSA Agent
# Configuring Groups on the CSA MC
# The CSA Agent Kit
# Host Management (free video!)
# Policy Configuration
# Working with Variables
# Working with Application Classes
# Working with Rules (part 1)
# Working with Rules (part 2)
# Managing Events
# Generating Reports
# Application Deployment Investigation and Reporting
# Application Behavior Investigation and Reporting
PrerequisitesA thorough understanding of Cisco networking such as a CCNA certification or equivalent knowledge is recommended before viewing these videos.
Here's what you'll learn in each video of the CCSP-HIPS series:
Video 1 - "Introduction to the Cisco HIPS Series" - Introduces you to Cisco Security Agent (CSA). Familiarizes you with the CCSP - HIPS 642-513 certification exam. Separates the exam content into five main domains and discusses the exam.
Video 2 - "Introduction to the CSA" - Walks you through CSA and its role in Cisco' Self-Defending Network (SDN). Describes how CSA works on workstations, hosts and servers to enforce the security of network traffic. You'll learn about CSA architecture, the features of CSA and CSA Management Center (MC) components. You'll also see a portrait of typical network attack and how CSA handles it.
Video 3 - "Configuring and Installing the CSA MC" - You'll learn about the CSA interface and how to configure security policies. (Understanding the interface is necessary to pass the exam.) Plus, you'll learn the CSA MC installation requirements.
Video 4 - "Installing the CSA Agent" - This video shows you how to customize CSA MC installation using installation kits. You'll learn system-specific installation requirements and how to use CSA to monitor system functions and analyze operations, and you'll see how CSA proactively blocks malicious activity attempts.
Video 5 - "Configuring Groups on the CSA MC" - This video provides an overview of groups and why to use them. It covers a variety of configuration topics, including: setting security requirements for groups of similar hosts; streamlining the process of assigning common policies to groups and sending out updates and alerts; configuring groups; and generating and distributing rule groups before policies take effect.
Video 6 - "The CSA Agent Kit" - Agent kits make your job as a network administrator easier. They simplify installing CSA (along with pre-existing security policies and rules) onto a host. Learn how to build agent kits step by step. This video walks you through agent kit status levels, rebooting options and controlling host registration by defining IP addresses.
Video 7 - "Host Management" - Protect yourself from structured and unstructured network attacks with effective policies. Learn how to generate solid security policies. This video provides you with an overview and key considerations of security policy. It also discusses security policy issues and configuring policy elements on CSA MC.
Video 9 - "Working with Variables" - Why create the same rules over and over to cover hosts across the network? Simplify the process by connecting similar components using variables. Variables can connect data sets, file sets, network address sets, network services sets, registry sets, COM component sets and query settings.
Video 10 - "Working with Application Classes" - Gain an overview of application classes. Understand the difference between static and dynamic classes. Learn to configure application classes in CSA MC.
Video 11 - "Working with Rules (part 1)" - This video shows you rules for using workstations in a host-based IPS environment. It also covers managing files and registry keys, and shows how to handle COM components and network access. You'll understand CSA rules, major rule types, rules common to both UNIX and Microsoft, rule configuration and rule prioritization for specific actions.
Video 12 - "Working with Rules (part 2)" - Learn about rules specific to UNIX or Windows. Windows-specific rules include clipboard access control, COM component access, file version control, kernal control, NT event log, registry access, service restart and sniffer & protocol detection. UNIX-specific rules include network interface control, resource access control, root kit/kernal protection and Syslog control.
Video 13 - "Managing Events" - Learn about CSA MC event log and event monitor. This video discusses event log management and event management wizard. It also explains event sets and alerts/system status.
Video 14 - "Generating Reports" - Some activities require ongoing monitoring, such as upgrades and patches. Configuring rules in CSA MC lets you log specific events. Learn how to generate the following reports: events by severity, events by groups, host detail, policy detail and group detail.
Video 15 - "Application Deployment Investigation and Reporting" - Learn about monitoring applications running on host systems (end-user workstations, servers, etc.). Other topics include: configuring the CSA MC to perform application deployment investigation on all installed network applications; analyzing and compiling data on all network host applications and creating application deployment reports.
Video 16 - "Application Behavior Investigation and Reporting" - Detecting and rectifying application violations and locating undesirable intrusions and activities are essential security activities. This video gives you an overview of behavior Analysis in CSA MC. It also explains the following reports: file event, registry event, COM event, network event and summary.
http://rapidshare.com/files/123906936/hips.part1.rar.html http://rapidshare.com/files/124258512/hips.part2.rar.html http://rapidshare.com/files/123929589/hips.part3.rar.html

No comments: