Securing Cloud Deployments with Cisco Technologies (SECCLD)

Duration

4 Days

Prerequisites

To fully benefit from this course, you should have completed the following course or obtained the equivalent knowledge and skills:

  • Knowledge of cloud computing and virtualization software basics
  • Ability to perform basic UNIX-like OS commands
  • Cisco CCNP® security knowledge or understanding of the following topic areas:

Topic areas

Available in these courses

· Cisco Adaptive Security Appliance (ASA) and Adaptive Security Virtual Appliance (ASAv) deployment

  • Cisco IOS Flexible NetFlow operations

Implementing Cisco Edge Network Security Solutions (SENSS)

· Cisco NGFW (Cisco Firepower Threat Defense [FTD]), Cisco Firepower, and Cisco Firepower Management Center (FMC) deployment

· Cisco Content Security operations including Cisco Web Security Appliance (WSA)/ Cisco Email Security Appliance (ESA)/ Cisco Cloud Web Security (CWS)

  • Cisco AMP for network and endpoints deployment

Implementing Cisco Threat Control Solutions (SITCS)

  • Cisco ISE operations and Cisco TrustSec architecture

Implementing Cisco Secure Access Solutions (SISAS)

  • VPN operation

Implementing Cisco Secure Mobility solutions (SIMOS)

Course Content

The Securing Cloud Deployments with Cisco Technologies (SECCLD) v1.0 course shows you how to implement Cisco® cloud security solutions to secure access to the cloud, workloads in the cloud, and software as a service (SaaS) user accounts, applications, and data. Through expert instruction and hands-on labs, you’ll learn a comprehensive set of skills and technologies including: how to use key Cisco cloud security solutions; detect suspicious traffic flows, policy violations, and compromised devices; implement security controls for cloud environments; and implement cloud security management. This course covers usage of Cisco Cloudlock, Cisco Umbrella™, Cisco Cloud Email Security, Cisco Advanced Malware Protection (AMP) for Endpoints, Cisco Stealthwatch® Cloud and Enterprise, Cisco Firepower® NGFW (next-generation firewall), and more.

Course Outline

  • Introducing the Cloud and Cloud Security
    • Describe the Evolution of Cloud Computing
    • Explain the Cloud Service Models
    • Explore the Security Responsibilities Within the Infrastructure as a Service (IaaS) Service Model
    • Explore the Security Responsibilities Within the Platform as a Service (PaaS) Service Model
    • Explore the Security Responsibilities Within the SaaS Service Model
    • Describe Cloud Deployment Models
    • Describe Cloud Security Basics
  • Implementing the Cisco Security Solution for SaaS Access Control
    • Explore Security Challenges for Customers Using SaaS
    • Describe User and Entity Behavior Analytics, Data Loss Prevention (DLP), and Apps Firewall
    • Describe Cloud Access Security Broker (CASB)
    • Describe Cisco CloudLock as the CASB
    • Describe OAuth and OAuth Attacks
  • Deploying Cisco Cloud-Based Security Solutions for Endpoints and Content Security
    • Describe Cisco Cloud Security Solutions for Endpoints
    • Describe AMP for Endpoints Architecture
    • Describe Cisco Umbrella
    • Describe Cisco Cloud Email Security
    • Design Comprehensive Endpoint Security
  • Introducing Cisco Security Solutions for Cloud Protection and Visibility
    • Describe Network Function Virtualization (NFV)
    • Describe Cisco Secure Architectures for Enterprises (Cisco SAFE)
    • Describe Cisco NGFWv/Cisco Firepower Management Center Virtual (FMCv)/Cisco AMP for Networks
    • Describe Cisco ASAv
    • Describe Cisco Services Router 1000V (CSR1Kv)
    • Describe Cisco Stealthwatch Cloud
    • Describe Cisco Tetration Cloud Zero-Trust Model
  • Describing the Network as the Sensor and Enforcer
    • Describe Cisco Stealthwatch Enterprise
    • Describe Cisco ISE Functions and Personas
    • Describe Cisco TrustSec
    • Describe Cisco Stealthwatch and Cisco ISE Integration
    • Describe Cisco Encrypted Traffic Analytics (ETA)
  • Implementing Cisco Security Solutions in AWS
    • Explain AWS Security Offerings
    • Describe AWS Elastic Compute Cloud (EC2) and Virtual Private Cloud (VPC)
    • Discover Cisco Security Solutions in AWS
    • Explain Cisco Stealthwatch Cloud in AWS
  • Describing Cloud Security Management
    • Describe Cloud Management and APIs
    • Explain API Protection
    • Illustrate an API Example: Integrate to ISE Using pxGrid
    • Identify SecDevOps Best Practices
    • Illustrate a Cisco Cloud Security Management Tool Example: Cisco Defense Orchestrator
    • Illustrate a Cisco Cloud Security Management Tool Example: Cisco CloudCenter™
    • Describe Cisco Application Centric Infrastructure (ACI)
    • Describe AWS Reporting Tools

Who Should Attend

This course is open to engineers, administrators, and security-minded users of public, private, and hybrid cloud infrastructures responsible for implementing security in cloud environments:

  • Security architects
  • Cloud architects
  • Security engineers
  • Cloud engineers
  • System engineers
  • Cisco integrators and partners
CCNP, Security