This course focuses on using Cisco Stealthwatch Enterprise from the perspective of a security analyst. The overarching goal of the course is to use Stealthwatch to investigate potential security issues and make initial determinations of whether to proceed with a more thorough investigation or to move on to the next potential threat.
Who should attend
This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations. An entry-level security analyst is the ideal audience for this class.
- Customers responsible for completing the initial configuration of the Stealthwatch System into their network.
- Channel partners responsible for completing the initial configuration of the Stealthwatch System into a customer network.
- Employees responsible for completing the initial configuration of the Stealthwatch System into a customer network
It is strongly recommended to complete the Stealthwatch Foundations training prior to taking this course.
- Describe how the Stealthwatch System provides network visibility through monitoring and detection.
- Describe the goals of using Stealthwatch in the proactive and operational modes.
- Define basic concepts of investigation and detection of potential security issues using the Stealthwatch System.
- Complete workflows to identify indicators of compromise in your network.
- Describe alarm types and alarm notification within Stealthwatch.
- Explain the utility of maps in the Stealthwatch System.
- Describe how the Stealthwatch System contributes to successful incident handling.