Network Forensics Administration

Ota yhteyttä

Voit olla meihin yhteydessä ja tiedustella koulutuksistamme täydentämällä yhteystietosi ja koulutuksen nimen oheen.

Network Forensics Administration

VARAA NYT

Kesto
1 päivä

Toimitus
(Online ja paikan päällä)

Hinta
Hinta pyydettäessä

This entry-level course covers deployment options, basic administration, and configuration of the integrated Trellix technologies for the Trellix Network Forensics appliances—Packet Capture and Investigation Analysis.

Hands-on activities include post-installation tasks, system health checks, pairing a Packet Capture appliance with the Investigation Analysis system, daily system administration tasks, configuring Event Based Capture, and integration of another Trellix system for alerts.

Provide an overview of Packet Capture and Investigation Analysis appliances.
Describe the common deployment of Packet Capture and Investigation Analysis in the context of other Trellix products and services.
Access the various administration interfaces for Packet Capture and Investigation Analysis.
Perform primary management and administration tasks for Packet Capture and Investigation Analysis.
Configure and integrate Packet Capture and Investigation Analysis with various supported Trellix technologies.

1. Appliance Overview and Network Placement

Packet Capture
Packet Capture: Deployments
Investigation Analysis
Investigation Analysis: Deployments
Network Forensics: Appliance relationship
Basic hardware components
Network Forensics integrations overview
Lab: Start up the training environment

2. Network Forensics Administration Interfaces

Network Forensics administration interfaces
CLI via SSH
CLI via the IPMI
Accessing admin-level commands
Configuration mode
Accessing the Web UI
Lab: Configure Packet Capture (PX)
Lab: Configure Investigation Analysis (IA)

3. Network Forensics Administration Tasks

Identity management
Authentication
CLI authentication type
CAC/PIV authentication
Local users and roles
System management
Processes
Restarting processes
Logs
Web UI admin pages
Show command
IA appliance groups
Rules and software management
Uploading software on Investigation Analysis
Updating software from Investigation Analysis
Configuring and deploying EBC
Load management
PX metadata filtering
DNS aggregation management
Lab: Pair Packet Capture and Investigation Analysis

4. Configuring Trellix Integrations

Packet Capture and Helix
Packet Capture and Threat Intelligence
Packet Capture and Network Security
Investigation Analysis and Packet Capture
Investigation Analysis and Trellix alert aggregation
Investigation Analysis and Malware Analysis
Utilizing Network Security as a sensor
Investigation Analysis and Endpoint Security (HX for host metadata)
Lab: Set up Network Forensics aggregated alerts with an integrated Trellix system

Network security professionals and system administrators who operate and administer Trellix Packet Capture and Investigation Analysis appliances and integrate them with other Trellix technologies.

A working understanding of the command line interface (CLI) and the Linux Operating system, and familiarity with network security.

Yleiskatsaus

Tavoitteet

Provide an overview of Packet Capture and Investigation Analysis appliances.
Describe the common deployment of Packet Capture and Investigation Analysis in the context of other Trellix products and services.
Access the various administration interfaces for Packet Capture and Investigation Analysis.
Perform primary management and administration tasks for Packet Capture and Investigation Analysis.
Configure and integrate Packet Capture and Investigation Analysis with various supported Trellix technologies.

Sisältö

1. Appliance Overview and Network Placement

Packet Capture
Packet Capture: Deployments
Investigation Analysis
Investigation Analysis: Deployments
Network Forensics: Appliance relationship
Basic hardware components
Network Forensics integrations overview
Lab: Start up the training environment

2. Network Forensics Administration Interfaces

Network Forensics administration interfaces
CLI via SSH
CLI via the IPMI
Accessing admin-level commands
Configuration mode
Accessing the Web UI
Lab: Configure Packet Capture (PX)
Lab: Configure Investigation Analysis (IA)

3. Network Forensics Administration Tasks

Identity management
Authentication
CLI authentication type
CAC/PIV authentication
Local users and roles
System management
Processes
Restarting processes
Logs
Web UI admin pages
Show command
IA appliance groups
Rules and software management
Uploading software on Investigation Analysis
Updating software from Investigation Analysis
Configuring and deploying EBC
Load management
PX metadata filtering
DNS aggregation management
Lab: Pair Packet Capture and Investigation Analysis

4. Configuring Trellix Integrations

Packet Capture and Helix
Packet Capture and Threat Intelligence
Packet Capture and Network Security
Investigation Analysis and Packet Capture
Investigation Analysis and Trellix alert aggregation
Investigation Analysis and Malware Analysis
Utilizing Network Security as a sensor
Investigation Analysis and Endpoint Security (HX for host metadata)
Lab: Set up Network Forensics aggregated alerts with an integrated Trellix system

Kohdeyleisö

Network security professionals and system administrators who operate and administer Trellix Packet Capture and Investigation Analysis appliances and integrate them with other Trellix technologies.

Esivaatimukset

A working understanding of the command line interface (CLI) and the Linux Operating system, and familiarity with network security.

Kurssiaikataulu

` Päivämäärä pyynnöstä

Kurssit

Cisco Learning Credits

Cisco Continuing Education

Cisco Digital Learning

Cisco Business Enablement

Kurssit

ATC Status

Kurssit

Kurssit

ATP-akkreditointi

Tiimimme

Network Forensics Administration

Ota yhteyttä

Tietosuojalauseke ja yksityisyys

Network Forensics Administration

Yleiskatsaus

Tavoitteet

Sisältö

Kohdeyleisö

Esivaatimukset

Kurssiaikataulu

Jatkokurssit

Kategoria

Osoite

Ottaa yhteyttä

Ota yhteyttä meihin

Newsletter