- Network Security Engineer
- Implementing Cisco Security Monitoring, Analysis, and Response System(MARS)
This course is part of the Cisco Security Management Suite which provides security monitoring for network security devices & host apps made by Cisco or non-Cisco providers. Topics include event correlation, data reduction features, topology awareness...
- Course Outline
This course is part of the Cisco Security Management Suite which provides security monitoring for network security devices and host applications made by Cisco or non-Cisco providers. Areas of study include event correlation, data reduction featuers, topology awareness, and automatic mitigation features. Network topology knowledge allows for determination of attack origin as well as application of appropriate remedy. This course is a key component in the Cisco Self Defending Network strategy. Together with CS-Manager, CS-Mars provides a unified security management solution for monitoring and provisioning. It is strongly suggested that candidates successfully complete CCNA Security prior to enrollment. This course is designed for network professionals wanting to guarantee the security of their networks.
Audience Technicians requiring CCSP Certification.
Technicians using or designing networks with Cisco Security products
Skills taught Upon completion of this course, student will be able to use CS-MARS to:
• monitor security and host application devices
• know CS-MARS architecture and how CS-MARS processes events
• run / create / customize reports
• investigate an incident and mitigate security threats
• archive and restore features
• do customer parser for unknown devices in CS-MARS
• create / customize rules that detect dark net through best practices example
• tune signature / log level on device side and CS-MARS side
Course outline • Introducing Cisco Security Monitoring, Analysis, and Response System
• Understanding the System Architecture
• Configuring a Cisco Security MARS Appliance
• Adding Reporting and Mitigation Devices
• Viewing the Summary Page
• Managing Rules
• Understanding Queries and Reports
• Investigating and Mitigating Incidents
• Working with User-Defined Log Parser Templates
• Integrating with Cisco Security Manager
• Managing and Administering the System
• Troubleshooting and Optimizing Cisco Security MARS
• Using the Cisco Security MARS Global Controller
• Course Review
- Prerequisites & Certificates
Students attending this class should have the following: - Fundamental knowledge of implementing network security - CCNA Security - SNRS, SNAF, and IPS
- Cancellation Policy
Public Schedule - Instructor Led Training:
Cancellation notice of 10 (ten) business days is required to cancel a course without penalty. Cancellation of less than 10 (ten) business days prior to the start of the course or non-attendance will result in a charge of 100% of the course cost.
Group (Dedicated) Training: Cancellation notice of 15 (fifteen) days is required to cancel a private course without penalty. Cancellation of less than 15 (fifteen) days will result in a charge of 100% of the private training cost.
Substitutions of enrolled students in scheduled classes are permitted prior to the class start on the first day. ARP's choice of instructor for any course is subject to change.
- Map & Reviews
[ View Provider's Profile ]
This course has not yet been rated by one of our members.
If you have taken a course through this vendor please log into your account and leave feedback for this vendor. You will be helping ensure our members get directed to the best training facilities.
This course currently does not have any dates scheduled. Please call 1-877-313-8881 to enquire about future dates or scheduling a private, in house course for your team.
This page has been viewed 2861 times.