Detailed Course Outline
Module 1: Stealthwatch
- Cisco Stealthwatch Security Overview
- Introduction to Security
Module 2: Stealthwatch in the Proactive Mode
- Using Stealthwatch in the Proactive Mode
- Pattern Recognition
- Investigation and Detection Using Stealthwatch
Module 3: Stealthwatch in the Operational Mode
- Using Stealthwatch in the Operational Mode
- Alarms and Alarm Response
- Maps
- Host Identification
Module 4: Summary
- Culminating Scenario: Using Stealthwatch for Insider Threats
- Putting Together an Incident Response Process
- Example Workflow for Incident Response
- Security Best Practices in Stealthwatch
- Outcomes
Labs:
- Using Top Reports and Flow Tables for Detection
- Creating and Using Dashboards for Detection
- Creating Custom Security Events
- Responding to Alarms
- Proactive Investigation Practice
- Using Maps for Incident Response
- Identify Hosts Using Host Snapshot and Host Report