Learn Cisco Sourcefire IPS and Prepare For SSFIPS exam

Learn Cisco Sourcefire Intrusion Prevention System and prepare for the SSFIPS exam 500-285
4.0 (104 ratings) Instead of using a simple lifetime average, Udemy calculates a
course's star rating by considering a number of different factors
such as the number of ratings, the age of ratings, and the
likelihood of fraudulent ratings.
585 students enrolled
$19
$40
52% off
Take This Course
  • Lectures 84
  • Length 8.5 hours
  • Skill Level Intermediate Level
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion
Wishlisted Wishlist

How taking a course works

Discover

Find online courses made by experts from around the world.

Learn

Take your courses with you and learn anywhere, anytime.

Master

Learn and practice real-world skills and achieve your goals.

About This Course

Published 8/2015 English

Course Description

This course covers Cisco Sourcefire / Firesight next generation IPS and takes the student into advanced topic that would allow them to understand the solution and prepare for the SSFIPS exam - 500-285

This course covers version 5.4.1

Student needs to have previous knowledge about the terminology of intrusion prevention and detection.

Over 8 hours of video instructions

No material are included with this class.

You should take this course if you are curious about the SourceFire / Firesight / Firepower and want to get familiar with the product or if you want to prepare for the 500-285 exam.

The course progress the student in configuring the product from basics to advanced level and covers theoretical knowledge needed for the exam.

You get a Certificate Of Completion after finishing this course

What are the requirements?

  • Understand network fundamentals
  • General knowledge of intrusion prevention and detection systems

What am I going to get from this course?

  • Understand Cisco Sourcefire Next Generation IPS
  • Configure Cisco Sourcefire NGIPS using Cisco Firesight
  • Create Access Control Policies
  • Create IPS policies
  • Create Application Filtering Policies
  • At a high level understand how to configure SSL inspection / Decryption
  • Understand and configure security intelligence
  • Understand how to configure sensitive data detection
  • Create custom IPS rules
  • Use Firesight as a compliance tool
  • Configure Traffic Profile to monitor traffic deviation and identify anomalies on the network
  • Automating Responses to Threats
  • Using and creating Dashboards
  • Running reports and creating custom reports
  • Scheduling reports
  • Understand Snort Rules Anatomy
  • Understand the different preprocessors used by the system
  • Understand user accounts, external authentication, and user roles
  • Prepare for the SSFIPS exam 500-285

What is the target audience?

  • Students who want to learn Cisco Sourcefire Intrusion Prevention System
  • Students seeking to get certified SSFIPS

What you get with this course?

Not for you? No problem.
30 day money back guarantee.

Forever yours.
Lifetime access.

Learn on the go.
Desktop, iOS and Android.

Get rewarded.
Certificate of completion.

Curriculum

Section 1: Introduction and System Install
Introduction
Preview
01:43
Cisco Sourcefire Firepower Intro
10:39
Install Firesight / Defense Center
05:14
Deployment Modes
02:50
Install IPS sensor
09:58
Section 1
4 questions
Section 2: Inital Settings, updating and monitoring your system
Updating the system and it's databases
08:00
Configuring System Policies
07:54
Health Policy
06:08
Section 2
10 questions
Section 3: Configure Access Control Policies
Access Control Policies Basics
11:17
Access Control Policies based on Applications
05:29
Interactive Block
03:21
Using Application Filters to simplify access policy
06:02
Using objects and object groups in the access control policy
05:07
Using URL filtering - Url categories
09:45
Create Custom Application Detectors
06:27
Security Intelligence
06:40
GeoLocation Based Access Rules
03:18
Active Directory Integration
15:32
SSL Decryption Policies
07:14
27 questions

This Quiz is 30 questions and covers all topics discussed in section 3

Section 4: Configuring IPS policies
Intrusion Prevention Policies Basics
06:47
Variable Sets deep dive
08:16
Network Discovery and Host Scanning
10:27
Network Discovery Policies Deep Dive
09:18
Firesight Recommendations - Staying Uptodate with the latest threats
Preview
05:02
Create Custom IPS rules
06:47
Shared Object Rules
03:30
Network Analysis Policy
02:29
Closer look at the Network Analysis Policies
07:29
Sensitive Data - Data Leakage Detection / Prevention - Data Loss Prevention
10:34
Custom Sensitive Data Detection
Preview
02:37
Adaptive Profiles
01:55
Adaptive Profiles in Passive Deployment
03:32
Policy Layers and other information
04:45
Dynamic state rules
03:40
Rate Based Attack Prevention
05:02
Event Suppression
Preview
01:24
Understanding Thresholds
03:57
Port Scan Detector
05:21
Impact Level
Preview
03:53
Packet latency and rule performance thresholds
07:09
Event level details
01:20
Section 4
34 questions
Section 5: File policy and malware protection
File Policy and Malware Protection
10:39
Custom Detection LIst
07:46
File Policy additional features
04:22
Using Network File Trajectory tool
02:04
Indication Of Compromise
04:25
Other things you need to know about file policies
03:46
18 questions

This Quiz has 18 questions

Section 6: Firesight Compliance and automation response to threats
Firesight as a Compliance Tool
06:24
Host Profile Survey
04:38
Traffic Profile and Anomaly Detection
07:13
Automating Response to Threats using Cisco ASA shun
06:29
Automating Response to Threats using Cisco Null Route
02:53
Using Set Attribute action response
10:01
Connection Tracker
07:00
12 questions

This Quiz has 12 questions

Section 7: Dashboard and Reporting
Dashboard / Dashboard Customization / Creating Custom Dashboards
09:35
Custom Widgets
05:24
NOC Dashboard
01:52
Context Explorer
06:49
Running Reports, Report Templates, Create your own Reports
12:33
Schedule Reports
01:37
Section 7
5 questions
Section 8: Snort Rules
Snort Rules - Part 1
09:51
Snort Rules - Part 2
08:59
Snort Rules - Part 3
10:44
Section 8
10 questions
Section 9: Preprocessors
Transport and Network Layer Preprocessing
10:44
DCE/RPC preprocessor
11:01
DNS Preprocessor
02:26
FTP and Telnet Preprocessor
06:21
HTTP preprocessor
08:42
Other Preprocessors
10:16
Section 9
10 questions
Section 10: Sourcefire Networking Features
Clustering and Stacking
01:42
Virtual Switching
02:41
Virtual Router
08:33
LAG interfaces
04:16
Hybrid interfaces
01:39
Gateway VPNs
06:04
NAT Policies
07:35
Section 10
11 questions
Section 11: Administrative Functions
User Accounts
04:25
External authentication using LDAP
03:58
Ldap Authentication Demo
08:00

Students Who Viewed This Course Also Viewed

  • Loading
  • Loading
  • Loading

Instructor Biography

Infinity Technology Services, Network Security Classes Focusing On NextGen Products

Classes offered by instructor with industry proven experience. He started his career as a help desk technician and progressed to desktop support then systems administration. With interest into networking, he obtained his CCNA and CCNP - 15 years ago. After obtaining his certification he moved to a technical manager position managing both systems and network infrastructure. He shifted his focus to security as his specialization and obtained the CISSP certification. The CISSP is the industry leading information security certification.

Technical hands-on passion led him to move back to the ranks and become an engineer honing his skills in the network security field. He mastered the Cisco ASA firewalls and Cisco security components and obtained the CCIE security, CCNP security and other security specialization certification.

For the past several years he has been working for a value added re-seller supporting Cisco, PaloAlto, and Fortinet security solutions. He became PaloAlto certified and sourcefire SSFIPS and SSFAMP certified.

"It is difficult and expensive to get hands on material covering the latest products like Sourcefire, PaloAlto, and Fortinet. I am making those classes to give students the education they need at a reasonable cost - with practical experience backing it."

Ready to start learning?
Take This Course