Description
Validate your technical skills and ability to keep a Cisco network secure by earning the Cisco Certified Network Associate (CCNA) Security certification. Join security ambassador Lisa Bock as she prepares you for the Intrusion Prevention Systems (IPS) section of the CCNA Security exam 210-260: Implementing Cisco Network Security. Lisa provides an overview of intrusion detection and intrusion prevention systems (IDS/IPS) and explains how they detect and mitigate common attacks. She covers detection and signature engines, triggering actions and responses, and deploying an IOS-based IPS. In addition, she goes over some practical applications of these systems, including honeypot-based intrusion detection and the EINSTEIN system from the Department of Homeland Security.
Syllabus:
Introduction
- What you need to know
- Packet Tracer and exercise files
- Prepare for the CCNA Security Exam (210-260)
1. IDS and IPS Overview
- Managing the threat landscape
- Overview and benefits of IDS and IPS
- IPS versus IDS
- Host-based versus network IDS
- Prerequisites and restrictions for IPS
2. Detection and Signature Engines
- Monitoring the network
- Signature-based IDS
- Sweep scan
- Anomaly-based IDS
- Reputation-based IDS
- Policy-based IDS
3. Decisions and Actions
- IDS signature files
- Trigger actions and responses
- Blacklist and whitelist
- Managing IPS alarms
4. Deploying an IOS-Based IPS
- Analyze the flow
- Implementing an IPS
- Configure an IPS
5. Practical Applications
- Monitoring and analyzing
- Syslog
- Using IDS and honeypots
- The EINSTEIN system