Introduction to Stealthwatch Implementation

Live Online & Classroom Enterprise Training

Location: Bangalore, India | Dubai, UAE

Industry Experienced Instructor  |  Remote Labs  |  Lab Access Post Training

Need help finding the right training?

Facebook Twitter Linkedin

This course focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use Stealthwatch to investigate potential security issues and make initial determinations of whether to proceed with a more thorough investigation or to move on to the next potential threat.

Prerequisites:

It is strongly recommended to complete the Stealthwatch Foundations training prior to taking this course.

Target Audience:

This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations. An entry-level security analyst is an ideal audience for this class.

Course Objectives:

After taking this course, you should be able to:

  • Describe how the Stealthwatch System provides network visibility through monitoring and detection.
  • Describe the goals of using Stealthwatch in the proactive and operational modes.
  • Define basic concepts of investigation and detection of potential security issues using the Stealthwatch System.
  • Complete workflows to identify indicators of compromise in your network.
  • Describe alarm types and alarm notification within Stealthwatch.
  • Explain the utility of maps in the Stealthwatch System.
  • Describe how the Stealthwatch System contributes to successful incident handling.

Course Outine:

Day One

  • Course Introduction
  • Cisco Stealthwatch Security Course Overview
  • Introduction to Security
  • Lunch
  • Using Stealthwatch in the Proactive Mode
  • Pattern Recognition
  • Investigation and Detection Using Stealthwatch
    • Lab: Using Top Reports and Flow Tables for Detection
    • Lab: Creating and Using Dashboards for Detection
    • Lab: Creating Custom Security Events
    • Lab: Proactive Investigation Practice

Day Two

  • Day One Review
  • Using Stealthwatch in the Operational Mode
  • Alarms and Alarm Response
    • Lab: Responding to Alarms
  • Maps
    • Lab: Using Maps for Incident Response
  • Lunch
  • Host Identification
    • Lab: Identify Hosts Using Host Snapshot and Host Report
  • Culminating Scenario: Using Stealthwatch for Insider Threats
  • Security Best Practices in Stealthwatch
  • Cisco Stealthwatch Security Course Outcomes
  • Course Conclusion