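Implementing Cisco Threat Control Solutions (SITCS) Exam Key Points
The Implementing Cisco Threat Control Solutions (SITCS) exam tests whether a candidate, as a network security engineer, has mastered advanced firewall architecture and can configure the Cisco next-generation firewall using access and identity policies. Some older technologies have been removed, and coverage of Cisco Firepower NGIPS and Cisco AMP (Advanced Malware Protection) has been added. The exam covers Intrusion Prevention System (IPS) and context-aware firewall components, as well as Web (Cloud) and Email Security solutions.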
Exam Description
The Implementing Cisco Threat Control Solutions (SITCS) exam (300-210) is part of the CCNP Security certification. It tests a network security engineer on advanced firewall architecture and configuration with the Cisco next-generation firewall, utilizing access and identity policies. This new revision of the SITCS exam replaces 300-207, removes some older technologies, and adds coverage for both Cisco Firepower NGIPS and Cisco AMP (Advanced Malware Protection). This 90-minute exam consists of 65–75 questions and covers integration of Intrusion Prevention System (IPS) and context-aware firewall components, as well as Web (Cloud) and Email Security solutions. Candidates can prepare for this exam by taking the Implementing Cisco Threat Control Solutions (SITCS) course.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.0 Content Security (27%)
1.1 Cisco Cloud Web Security (CWS)
1.1.a Describe the features and functionality
1.1.b Implement the IOS and ASA connectors
1.1.c Implement the Cisco AnyConnect web security module
1.1.d Implement web usage control
1.1.e Implement AVC
1.1.f Implement antimalware
1.1.g Implement decryption policies
1.2 Cisco Web Security Appliance (WSA)
1.2.a Describe the features and functionality
1.2.b Implement data security
1.2.c Implement WSA identity and authentication, including transparent user identification
1.2.d Implement web usage control
1.2.e Implement AVC
1.2.f Implement antimalware and AMP
1.2.g Implement decryption policies
1.2.h Implement traffic redirection and capture methods (explicit proxy vs. transparent proxy)
1.3 Cisco Email Security Appliance
1.3.a Describe the features and functionality
1.3.b Implement email encryption
1.3.c Implement antispam policies
1.3.d Implement virus outbreak filter
1.3.e Implement DLP policies
1.3.f Implement antimalware and AMP
1.3.g Implement inbound and outbound mail policies and authentication
1.3.h Implement traffic redirection and capture methods
1.3.i Implement ESA GUI for message tracking
2.0 Network Threat Defense (22%)
2.1 Cisco Next-Generation Firewall (NGFW) Security Services
2.1.a Implement application awareness
2.1.b Implement access control policies (URL-filtering, reputation based, file filtering)
2.1.c Configure and verify traffic redirection
2.1.d Implement Cisco AMP for Networks
2.2 Cisco Advanced Malware Protection (AMP)
2.2.a Describe cloud detection technologies
2.2.b Compare and contrast AMP architectures (public cloud, private cloud)
2.2.c Configure AMP endpoint deployments
2.2.d Describe analysis tools
2.2.e Describe incident response functionality
2.2.f Describe sandbox analysis
2.2.g Describe AMP integration
3.0 Cisco FirePOWER Next-Generation IPS (NGIPS) (20%)
3.1 Configurations
3.2 Describe traffic redirection and capture methods
3.2.a Describe preprocessors and detection engines
3.2.b Implement event actions and suppression thresholds
3.2.c Implement correlation policies
3.2.d Describe SNORT rules
3.2.e Implement SSL decryption policies
3.3 Deployments
3.3.a Deploy inline or passive modes
3.3.b Deploy NGIPS as appliance, virtual appliance, or module within an ASA
3.3.c Describe the need for traffic symmetry
3.3.d Compare inline modes: inline interface pair and inline tap mode
4.0 Security Architectures (17%)
4.1 Design a web security solution
4.1.a Compare and contrast Cisco FirePOWER NGFW, WSA, and CWS
4.1.b Compare and contrast physical WSA and virtual WSA
4.1.c Describe the available CWS connectors
4.2 Design an email security solution
4.2.a Compare and contrast physical ESA and virtual ESA
4.2.b Describe hybrid mode
4.3 Design Cisco FirePOWER solutions
4.3.a Configure the virtual routed, switched, and hybrid interfaces
4.3.b Configure the physical routed interfaces
5.0 Troubleshooting, Monitoring, and Reporting Tools (14%)
5.1 Design a web security solution
5.1.a Compare and contrast FirePOWER NGFW, WSA, and CWS
5.1.b Compare and contrast physical WSA and virtual WSA
5.1.c Describe the available CWS connectors
5.2 Cisco Web Security Appliance (WSA)
5.2.a Implement the WSA Policy Trace tool
5.2.b Describe WSA reporting functionality
5.2.c Troubleshoot using CLI tools
5.3 Cisco Email Security Appliance (ESA)
5.3.a Implement the ESA Policy Trace tool
5.3.b Describe ESA reporting functionality
5.3.c Troubleshoot using CLI tools
5.4 Cisco FirePOWER
5.4.a Describe the Cisco FirePOWER Management Center dashboards and reports
5.4.b Implement health policy
5.4.c Configure email, SNMP, and syslog alerts
5.4.d Troubleshoot NGIPS using CLI tools