Course Details

Previous Page

Cisco SITCS 1.0: Cisco Intrusion Prevention Systems I

Target Audience
Expected Duration
Lesson Objectives
Course Number

Protecting your business assets is becoming more complicated as applications become more dynamic and as more users access enterprise and cloud-based resources from mobile devices. Cisco traditional and next generation Intrusion Prevention System (IPS) solutions can identify and mitigate attacks with market-leading, context-aware threat prevention that augments your firewall and VPN deployments. Cisco IPS devices intelligently determine the best response by looking at multiple factors, including the network reputation of an incoming flow's source, the target's value to the organization, the target's operating system, and the user identity associated with the flow. In this course you'll learn basic definitions and approaches to traditional intrusion prevention/detection systems and next generation IPS, including learning how to configure different Cisco IPS sensor interface modes and Cisco IPS. This course is one of a series in the SkillSoft learning path that covers the objectives for the Implementing Cisco Threat Control Solutions (SITCS) 1.0 (300-207 SITCS) exam.

Target Audience
This path is designed to prepare security engineers with the knowledge covering advanced firewall architecture and configuration with the Cisco next-generation firewall, utilizing access, and identity policies. It is also suitable for students interested in pursuing their Cisco Certified Network Professional Security (CCNP Security) certification.


Expected Duration (hours)

Lesson Objectives

Cisco SITCS 1.0: Cisco Intrusion Prevention Systems I

  • start the course
  • identify how to place the Cisco IPS into a typical modularized network design
  • compare Intrusion Detection Systems vs. Intrusion Prevention Systems
  • recognize specific terminology associated with the Intrusion Prevention Systems
  • describe network intrusion prevention approaches
  • describe the Cisco Sourcefire NGIPS Benefits
  • describe the Cisco ASA NGFW Services NGIPS Threat Profile
  • describe how to apply an IPS Threat Profile within a NGFW Services Access Policy
  • describe Cisco IPS sensor deployment modes
  • describe the deployment of Cisco IPS sensors in promiscuous mode
  • describe how to deploy sensors in inline interface pair mode
  • describe how to deploy sensors in inline VLAN pair mode
  • describe how to deploy sensors in inline VLAN group mode
  • describe the Cisco IPS Management options
  • describe how to configure interfaces on an IPS sensor
  • describes how to configure traffic redirection for IPS modules
  • describe different types, features, and actions of Cisco IPS signatures
  • describe the Cisco IPS actions
  • describe how to configure virtual sensor
  • describe the threat rating
  • describe how to configure basic signature properties
  • explain the risk rating
  • describe the inputs for the risk rating calculation
  • describe event action overrides
  • describe how to configure and verify event action overrides
  • describe event action filters
  • examine the IPS Events using IDM
  • integrate Cisco IPS Sensor into a network
  • Course Number: