Objectives

The Firewall 7.1: Manage Cyberthreats course is for students who want to understand cyberthreats and their characteristics. Students will learn how to manage cyberthreats using security policies, profiles, and signatures to protect their network against emerging threats.

Outline

Module 1: Threat Landscape

• Advanced Persistent Threats
• Data Breaches and Tactics
• Threat Management Strategies

Module 2: Integrated

• Approach to Threat Protection
• Integrated Approach to Protection
• Next-Generation Firewall
• Advanced Endpoint Protection

Module 3: Network Visibility

• Zero Trust Model
• SSL Decryption
• Decryption Policy

Module 4: Reducing the Attack Surface

• App-ID to Reduce Attack Surface
• Control Advanced Vectors
• Handling Drive-By Downloads
• DoS Protection

Module 5: Handling Known Threats

• WildFire Analysis
• Security Profiles

Module 6: Handling Unknown Traffic and Zero-Day Exploits

• WildFire
• Researching Threat Events
• Identifying Unknown Applications

Module 7: Investigating Breaches

• Identify IOCs Using App-Scope
• Log Correlation
• Finding Infected Host

Module 8: Using Custom Signatures

• Creating Custom App-IDs
• Threat Signatures

Target Audience

• Firewall Administrators, Network Security Administrators, and Technical Professionals.

Prerequisites

• Students must complete the Firewall 7.1: Install, Configure, and Manage (EDU-201) course and have an understanding of network concepts, including routing, switching, and IP addressing. They also will need in-depth knowledge of port-based security and security technologies such as IPS, proxy, and content filtering.