Who should attend
This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration and initiate incident response investigations.
Prerequisites
- Flow Basics
- Cisco Stealthwatch Overview and Components
- Cisco Stealthwatch SMC Client Interface Overview
- Cisco Stealthwatch Web App Overview
Course Objectives
- Explain what Cisco Stealtwatch is and how it works.
- Explain how hosts and host groups are defined in Cisco Stealthwtch.
- Define basic concepts of policy management.
- Identify the three phases of the Cisco Stealthwatch tuning process.
- Complete workflows to identify indicators of compromise in your network.
Course Content
Cisco Stealthwatch for Security Operations is a 2-day, instructor-led, lab-based, hands-on course that focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use the Stealthwatch System to investigate potential security issues and make initial determinations on whether to proceed with a more thorough investigation or to move on to the next potential threat.