CourseInfo | SimpliTrain

Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0

Learning plan iconE-Learning

Description

Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0 is a 4-day course that shows you how to deploy Snort® in small to enterprise-scale implementations. You will learn how to install, configure, and operate Snort in Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. You’ll practice installing and configuring Snort, utilize additional software tools and define rules to configure and improve the Snort environment, and more. The course qualifies for 32 Cisco Continuing Education credits (CE) towards recertification. This course will help you: Learning how to implement Snort, an open-source, rule-based, intrusion detection and prevention system. Gain leading-edge skills for high-demand responsibilities focused on security.

Securing Cisco Networks with Open Source Snort (SSFSNORT) v3.0 is a 4-day course that shows you how to deploy Snort® in small to enterprise-scale implementations. You will learn how to install, configure, and operate Snort in Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) modes. You’ll practice installing and configuring Snort, utilize additional software tools and define rules to configure and improve the Snort environment, and more. The course qualifies for 32 Cisco Continuing Education credits (CE) towards recertification. This course will help you: Learning how to implement Snort, an open-source, rule-based, intrusion detection and prevention system. Gain leading-edge skills for high-demand responsibilities focused on security.

Upon completing this course, the learner will be able to meet these overall objectives: Define the use and placement IDS/IPS components. Identify Snort features and requirements. Compile and install Snort. Define and use different modes of Snort. Install and utilize Snort supporting software.

The primary audience for this course is as follows: Security administrators Security consultants Network administrators System engineers Technical support personnel Channel partners and resellers

Lesson Id Title Description
1 Module 1: Detecting Intrusions with Snort 3.0 History of Snort
IDS
IPS
IDS vs. IPS
Examining Attack Vectors
Application vs. Service Recognition
2 Module 2: Sniffing the Network Protocol Analyzers
Configuring Global Preferences
Capture and Display Filters
Capturing Packets
Decrypting Secure Sockets Layer (SSL) Encrypted Packets
3 Module 3: Architecting Nextgen Detection Snort 3.0 Design
Modular Design Support
Plug Holes with Plugins
Process Packets
Detect Interesting Traffic with Rules
Output Data
4 Module 4: Choosing a Snort Platform Provisioning and Placing Snort
Installing Snort on Linux
5 Module 5: Operating Snort 3.0 Start Snort
Monitor the System for Intrusion Attempts
Define Traffic to Monitor
Log Intrusion Attempts
Actions to Take When Snort Detects an Intrusion Attempt
License Snort and Subscriptions
6 Module 6: Examining Snort 3.0 Configuration Introducing Key Features
Configure Sensors
Lua Configuration Wizard
7 Module 7: Managing Snort Pulled Pork
Barnyard2
Elasticsearch, Logstash, and Kibana (ELK)
8 Module 8: Analyzing Rule Syntax and Usage Anatomy of Snort Rules
Understand Rule Headers
Apply Rule Options
Shared Object Rules
Optimize Rules
Analyze Statistics
9 Module 9: Use Distributed Snort 3.0 Design a Distributed Snort System
Sensor Placement
Sensor Hardware Requirements
Necessary Software
Snort Configuration
Monitor with Snort
10 Module 10: Examining Lua Introduction to Lua
Get Started with Lua
Self-Paced

Free

Enroll icon
This course includes: :
Full lifetime access