Cisco CCNP Security Core - Implementing Operating Cisco Security Core Tech (SCOR) / Implementing and Configuring Cisco Identity Services Engine (SISE)
Start Date - End Date November 04 - November 12, 2024
Address 467 Herndon Pkwy
City HerndonState
Download the complete PDF for this course to see the detailed course outline.
Course Overview
thinQtank® Learning is offering a unique nine-day training camp comprised of five days of instructor-led learning for Implementing and Operating Cisco Security Core Technologies (SCOR) and Implementing and Configuring Cisco Identity Service Engine (SISE). As with all of our Cisco Training Experiences - exams are delivered in the classroom.
SCOR
This portion of the course prepares students to master the skills and technologies students need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. Students will learn security for networks, cloud and content, endpoint protection, secure network access, visibility and enforcements. Students will get extensive hands-on experience deploying Cisco Firepower Next-Generation Firewall and Cisco ASA Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. Students will get introductory practice on Cisco Stealthwatch Enterprise and Cisco Stealthwatch Cloud threat detection features.
SISE
This portion of the course is an intensive experience with enhanced hands-on labs that cover all facets of Cisco Identity Services Engine (ISE) version 2.4. The training provides students with the knowledge and skills to enforce security compliance for wired and wireless endpoints and enhance infrastructure security using the Cisco ISE.
In this course, students will learn about the Cisco ISE, a next-generation identity and access control policy platform that provides a single policy plane across the entire organization. The ISE combines multiple services including authentication, authorization, and accounting (AAA) using 802.1x, MAB, web authentication, posture, profiling, device on-boarding, guest services, and VPN access into a single context-aware identity-based platform.
Our Learning Exclusive
In our classroom, students receive gigabytes of take-home CBT and lab material with over four-hundred labs to keep practicing and refining the skills learned in the classroom. Additionally, our students receive:
■ thinQtank® Learning Accelerated Custom Exam Study Guide for the ENCORE and ENARSI exams
■ Exam delivery in classroom with 98% success
■ Custom and focused exam preparation software and materials
■ Course specific thinQtank® Learning publications to promote a fun and exciting learning
■ Membership to the thinQtank® Learning University Online
■ WE DO NOT "TEACH THE TEST" - Students will receive valuable examples and discussion
■ Receive all reading material and study guides when you register
■ All courses taught by CCIE Certified instructors
Course Objectives SCOR
After taking this course, students should be able to:
■ Describe information security concepts and strategies within the network
■ Describe common TCP/IP, network application, and endpoint attacks
■ Describe how various network security technologies work together to guard against attacks
■ Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
■ Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
■ Describe and implement web content security features and functions provided by Cisco Web Security Appliance
■ Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console
■ Introduce VPNs and describe cryptography solutions and algorithms
■ Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW
■ Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication
■ Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features
■ Examine various defenses on Cisco devices that protect the control and management plane
■ Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls
■ Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
■ Describe basics of cloud computing and common cloud attacks and how to secure cloud environmen
Course Objectives SISE
After taking this course, students should be able to:
■ ISE deployment options including node types, personas, and licensing
■ Install certificates into ISE using a Windows 2012 Certificate Authority (CA)
■ Configure the Local and Active Directory Based Identity Store and use of Identity Source Sequences
■ Configure AAA clients and network device groups
■ Implement Policy Sets to streamline Authentication and Authorization in the organization
■ Deploy EasyConnect as an alternative to 802.1X port-based authentication
■ Implement 802.1X for wired and wireless networks using the AnyConnect 4.x NAM module, the latest dot1x commands on a catalyst switch, and version 8.4 of the vWLC
■ Configure policies to allow MAC Authentication Bypass (MAB) of endpoints
■ Use central web authentication (CWA) for redirection of legitimate domain users who need to register devices on the network using MAC addresses (device registration)
■ Configure hotspot guest access, self-registration guest access, and sponsored guest access
■ Configure profiler services in ISE and use newer probes available in IOS switch code 15.x as well as vWLC 8.4 code
■ Work with profiling feeds, logical profiles, and building profiling conditions to match network endpoints
■ Configure posture assessments using the new Cisco AnyConnect Secure Mobility 4.x posture module
■ Configure Cisco ISE as a TACACS+ Server for Device Administration with Command Authorization
■ Configure Cisco ISE to integrate with a 5500-X ASA and a Catalyst Switch for TrustSec and implement end-to-end Security Group Tagging (SGT) and Security Group Access Control (SGACL)
■ Maintenance, best practices, and logging
Exclusive Package Ensuring Success
■ Additional hours of remote lab access
■ Custom video recordings with even more in-depth learning of course topics
■ Customized practice exam software
■ Digital courseware
■ Retake any or all portions of the course as many times as you like in person or live on-line for 24 months
■ Six months mentoring access to CCIE engineers after completing the course
Course Duration
■ Nine days of instructor-led learning
■ Five days SCOR and four days SISE
■ 60% lecture, 40% hands-on labs
Prerequisites
■ Skills and knowledge equivalent to CCNA
■ Familiarity with Ethernet and TCP/IP networking
■ Knowledge of the Windows operating system
■ Knowledge of IOS networking and concepts
■ Basics of networking security concepts
■ Foundation-level wireless knowledge and skills
■ Familiarity with 802.1X and Cisco ASA
Target Audience
■ Security and Network Engineer
■ Network Designer
■ Network Administrator
■ Systems and Consulting Systems Engineer
■ Technical Solutions Architect
■ Installers and implementers Cisco ISE
■ End users installing, configuring, and deploy Cisco ISE
Exam Information
■ 350-701 - Implementing and Operating Cisco Security Core Technologies (SCOR)
■ 300-715 - Implementing and Configuring Cisco Identity Services Engine (SISE)
Delivery Methods
■ Instructor-Led Training
■ Immersive Live-Online Training
■ On-Site and Custom Delivery