Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0

• Defense-in-depth Strategy
• Defending Across the Attack Continuum
• Network Segmentation and Virtualization Overview

• Cisco ASA Deployment Types
• Interface Security Levels
• Objects/Object Groups

• Cisco Firepower NGFW Deployments
• Packet Processing and Policies
• Objects

• Cisco Email Content Security Overview
• Simple Mail Transfer Protocol (SMTP)
• Email Pipeline Overview

• Cisco Web Security Appliance (WSA) Overview
• Deployment Options
• Network Users’ Authentication

• VPN Definition/Types
• Secure Communication and Cryptographic Services

• Site-to-Site VPN Topologies
• IPsec VPN Overview
• IPsec Static Crypto Maps

• Cisco IOS VTIs
• Static VTI Point-to-point IPsec Internet Key Exchange (IKE) v2 VPN Configuration

• Point-to-point VPNs on the Cisco ASA/Firepower NGFW
• Cisco ASA Point-to-point VPN Configuration
• Firepower NGFW Point-to-point VPN Configuration

• Remote Access VPN Components/Technologies
• Secure Sockets Layer (SSL) Overview

• Remote Access Configuration Concepts
• Connection Profiles
• Group Policies
   

• Cisco Secure Network Access
• Secure Network Access Components
• AAA Role in Cisco Secure Network Access Solution

• 802.1X and Extensible Authentication Protocol (EAP)
• EAP Methods
• Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications
   

• Cisco Catalyst® Switch 802.1X Configuration
• Wireless LAN Controller (WLC) 802.1X Configuration
• Identity Services Engine (ISE) 802.1X Configuration

• Configuring Network Settings and NAT on Cisco ASA
• Configuring Cisco ASA Access Control Policies
• Cisco Firepower NGFW NAT
• Cisco Firepower NGFW Access Control Policy
• Firepower NGFW Discovery/IPS Policy
• NGFW Malware and File Policy
• Configuring Listener, Host Access Table (HAT), and Recipient Access Table (RAT) on Cisco Email Security Appliance (ESA)
• Configuring Mail Policies, Proxy Services, Authentication, and HTTPS Decryption
• Enforcing the Acceptable Use Control and Malware Protection
• Examining the Umbrella Dashboard and Umbrella Investigate
• Exploring DNS Ransomware Protection by Cisco Umbrella
• Configuring Static VTI Point-to-point IPsec IKEv2 Tunnel
• Point-to-point VPN Between the Cisco ASA and Firepower NGFW
• Configuring Remote Access VPN on the Cisco Firepower NGFW
• Exploring Cisco AMP for Endpoints
• Performing Endpoint Analysis through AMP for Endpoints Console
• Exploring File Ransomware Protection by Cisco AMP for Endpoints Console
• Cisco Stealthwatch Enterprise v6.9
• Cognitive Threat Analytics (CTA) in Stealthwatch Enterprise v7.0
• The Cisco Cloudlock Dashboard and User Security
• Exploring Cisco Cloudlock Application and Data Security
• Cisco Stealthwatch Cloud
• Exploring Stealthwatch Cloud Alert Settings, Watchlists, and Sensors

Describe Information Security Concepts

• Information Security Overview
• Assets/Vulnerabilities/Countermeasures
• Managing Risk

Common TCP/IP Attacks

• Legacy TCP/IP Vulnerabilities
• Internet Control Message Protocol (ICMP) Vulnerabilities

Common Network Application Attack

• Password Attacks
• Domain Name System (DNS)-based Attacks
• DNS Tunneling

Describe Common Endpoint Attacks

• Buffer Overflow
• Malware
• Reconnaissance Attack

Deploy Cisco Umbrella

• Cisco Umbrella Architecture
• Deploying Cisco Umbrella
• Cisco Umbrella Roaming Client

Describe Endpoint Security Technologies

• Host-based Personal Firewall, Anti-virus, and Intrusion Prevention System

Deploy Cisco Advanced Malware Protection (AMP) for Endpoints

• Cisco AMP for Endpoints Architecture
• AMP for Endpoints Engines
• Retrospective Security with Cisco AMP

Introduction to Network Infrastructure Protection

• Identifying Network Device Planes
• Control Plane Security Controls
• Management Plane Security Controls

Deploy Control Plane Security Controls

• Infrastructure ACLs
• Control Plane Policing
• Control Plane Protection

2 Data PlaLayerne Security Controls

• Overview of Layer 2 Data Plane Security Controls
• Virtual LAN (VLAN)-based Attacks Mitigatio
• Spanning Tree Protocol (STP) Attacks Mitigation

Layer 3 Data Plane Security Controls

• Infrastructure Antispoofing ACLs
• Unicast Reverse Path Forwarding
• IP Source Guard

Deploy Management Plane Security Controls

• Cisco Secure Management Access
• Simple Network Management Protocol Version 3
• Secure Access to Cisco Devices

Traffic Telemetry Methods

• Network Time Protocol
• Device/Network Events Logging and Export
• Network Traffic Monitoring Using NetFlow

Cisco Stealthwatch Enterprise

• Cisco Stealthwatch Offerings Overview
• Stealthwatch Enterprise Required Components
• Flow Stitching/Deduplication

Describe Cloud & Common Cloud Attacks

• Evolution of Cloud Computing
• Cloud Service Models
• Security Responsibilities in Cloud

Secure the Cloud

• Cisco Threat-Centric Approach to Network Security
• Cloud Physical Environment Security
• Application/Workload Security

Deploy Cisco Stealthwatch Cloud

• Cisco Stealthwatch Cloud for Public Cloud Monitoring and Private Network Monitoring
• Stealthwatch Cloud Operations

Describe Software-Defined Networking (SDN)

• Software-Defined Networking Concepts
• Network Programmability and Automation
• Cisco Platforms/APIs