Securing Cloud Deployments with Cisco Technologies v1.0

Schedule

Start End Duration Location Details
February 21, 2022 February 24, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)
April 25, 2022 April 28, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)
June 13, 2022 June 16, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)
July 11, 2022 July 14, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)
September 12, 2022 September 15, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)
November 14, 2022 November 17, 2022 KDE 3.1 Virtual Classroom (GMT+08:00)

Course Details

Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0
 

Course code: SECCLD v1

Duration: 4 Days


Prerequisite:

•    Knowledge of cloud computing and virtualization software basics
•    Ability to perform basic UNIX-like OS commands
•    Cisco CCNP® security knowledge

Course Description:

The Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0 course shows you how to implement Cisco® cloud security solutions to secure access to the cloud, workloads in the cloud, and Software as a Service (SaaS) user accounts, applications, and data. Through expert instruction and hands-on labs, you’ll learn a comprehensive set of skills and technologies including: how to use key Cisco cloud security solutions; detect suspicious traffic flows, policy violations, and compromised devices; implement security controls for cloud environments; and implement cloud security management. This course covers usage of Cisco Cloudlock, Cisco Umbrella™, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch® Cloud and Enterprise, Cisco Firepower® NGFW (next-generation firewall), and more. 

Course Objectives:

After taking this course, you should be able to:
•    Contrast the various cloud service and deployment models
•    Implement the Cisco Security Solution for SaaS using Cisco Cloudlock Micro Services
•    Deploy cloud security solutions using Cisco AMP for Endpoints, Cisco Umbrella, and Cisco Cloud Email Security
•    Define Cisco cloud security solutions for protection and visibility using Cisco virtual appliances and Cisco Stealthwatch Cloud
•    Describe the network as a sensor and enforcer using Cisco Identity Services Engine (ISE), Cisco Stealthwatch Enterprise, and Cisco TrustSec®
•    Implement Cisco Firepower NGFW Virtual (NGFWv) and Cisco Stealthwatch Cloud to provide protection and visibility in AWS environments
•    Explain how to protect the cloud management infrastructure by using specific examples, defined best practices, and AWS reporting capabilities

 

Intended Audience:
•    Security architects
•    Cloud architects
•    Security engineers
•    Cloud engineers
•    System engineers
•    Cisco integrators and partners
•     Network architects

Course Outlines:

•    Introducing the Cloud and Cloud Security
o    Describe the Evolution of Cloud Computing
o    Explain the Cloud Service Models
o    Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model
o    Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model
o    Explore the Security Responsibilities Within the SaaS Service Model
o    Describe Cloud Deployment Models
o    Describe Cloud Security Basics

•    Implementing the Cisco Security Solution for SaaS Access Control
o    Explore Security Challenges for Customers Using SaaS
o    Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall
o    Describe Cloud Access Security Broker (CASB)
o    Describe Cisco CloudLock as the CASB
o    Describe OAuth and OAuth Attacks

•    Deploying Cisco Cloud-Based Security Solutions for Endpoints and Content Security 
o    Describe Cisco Cloud Security Solutions for Endpoints
o    Describe AMP for Endpoints Architecture
o    Describe Cisco Umbrella
o    Describe Cisco Cloud Email Security
o    Design Comprehensive Endpoint Security

•    Introducing Cisco Security Solutions for Cloud Protection and Visibility
o    Describe Network Function Virtualization (NFV)
o    Describe Cisco Secure Architectures for Enterprises (Cisco SAFE)
o    Describe Cisco NGFWv/Cisco Firepower Management Center Virtual (FMCv)/Cisco AMP for Networks
o    Describe Cisco ASAv
o    Describe Cisco Services Router 1000V (CSR1Kv)
o    Describe Cisco Stealthwatch Cloud
o    Describe Cisco Tetration Cloud Zero-Trust Model


    •    Describing the Network as the Sensor and Enforcer
o    Describe Cisco Stealthwatch Enterprise
o    Describe Cisco ISE Functions and Personas
o    Describe Cisco TrustSec
o    Describe Cisco Stealthwatch and Cisco ISE Integration
o    Describe Cisco Encrypted Traffic Analytics (ETA)

•    Implementing Cisco Security Solutions in AWS
o    Explain AWS Security Offerings
o    Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC)
o    Discover Cisco Security Solutions in AWS
o    Explain Cisco Stealthwatch Cloud in AWS

•    Describing Cloud Security Management
o    Describe Cloud Management and APIs
o    Explain API Protection
o    Illustrate an API Example: Integrate to ISE Using pxGrid
o    Identify SecDevOps Best Practices
o    Illustrate a Cisco Cloud Security Management Tool Example: Cisco Defense Orchestrator
o    Illustrate a Cisco Cloud Security Management Tool Example: Cisco CloudCenter™
o    Describe Cisco Application Centric Infrastructure (ACI)
o    Describe AWS Reporting Tools