實施思科威脅控制解決方案(SITCS)主要檢驗考生作為網路安全工程師對高階防火牆架構的.掌握程度以及使用訪問和身份認證策略來配置思科下一代防火牆(NGFW)的能力。該考試涵蓋整合入侵防禦系統(IPS)及context-aware業務感知防火牆元件,以及包括網路(雲)、郵件安全解決方案等內容。考生可以通過學習實施思科威脅控制解決方案(SITCS)課程來準備該考試。下面YJBYS小編為大家整理了關於實施思科威脅控制解決方案考試要點,希望對你有所幫助。
Exam Description:
The first paragraph is the exam description that is followed by a second paragraph with standard copy that appears on all exam topics.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.0 Content Security
1.1 Implement Cisco CX
1.1.a Describe features and functionality
1.1.b Implement Web usage control
1.1.c Implement AVC
1.1.d Implement decryption policies
1.1.e Describe traffic redirection and capture methods
1.2 Implement Cisco Cloud Web Security
1.2.a Describe features and functionality
1.2.b Implement IOS and ASA connectors
1.2.c Implement AnyConnect web security module
1.2.d Describe Web usage control
1.2.e Describe AVC
1.2.f Describe Anti-malware
1.2.g Describe decryption policies
1.3 Implement Cisco WSA
1.3.a Implement data security
1.3.b Describe traffic redirection and capture methods
1.4 Implement Cisco ESA
1.4.a Describe features and functionality
1.4.b Implement Email Encryption
1.4.c Implement AntiSpam policies
1.4.d Implement Virus outbreak filter
1.4.e Implement DLP policies
1.4.f Implement anti-malware
1.4.g Implement inbound and outbound mail policies and authentication
1.4.h Describe traffic redirection and capture methods
2.0 Threat Defense
2.1 Implement Network IPS
2.1.a Describe traffic redirection and capture methods
2.1.b Configure network IPS
2.1.c Describe signatures
2.1.d Implement event actions
2.1.e Configure event action overrides
2.1.f Implement risk ratings
2.1.g Describe router-based IPS
2.2 Configure Device Hardening per Best Practices
2.2.a IPS
2.2.b Content Security appliances
2.3 Implement Network IPS
2.3.a Describe signatures
2.3.b Configure blocking
2.3.c Implement anomaly detection
3.0 Devices GUIs and Secured CLI
3.1 Implement Content Security
4.0 Troubleshooting, Monitoring and Reporting Tools
4.1 Configure IME and IP logging for IPS
4.2 Monitor Content Security
4.3 Monitor Cisco Security IntelliShield
5.0 Threat Defense Architectures
5.1 Design IPS solution
6.0 Content Security Architectures
6.1 Design Web security solution
6.2 Design Email security solution
6.3 Design Application security solution
