Palo Alto Networks: Advanced Threat Management

COURSE OUTLINE:

Description

In this course, you will learn strategies in defense against advanced threats to better understand the threat landscape. You will learn the use of Palo Alto Networks next-generation firewalls, including the WildFire™ product.

Audience

Firewall administrators
Network security administrators
Technical professionals

Prerequisites

An understanding of network concepts, including routing, switching, and IP addressing
In-depth knowledge of port-based security and security technologies such as IPX, proxy, and content filtering

Learning Objectives

Manage advanced threats using security policies, profiles, and signatures to protect networks against emerging threats

1. Course Introduction

2. Threat Landscape

Palo Alto Networks Technologies
WildFire Architecture
Advanced Persistent Threats
Threat Management Strategies

3. Integrated Approach to Threat Protection

Apply Best Practices
Reduce the Attack Surface
Control Attack Methodology

4. Handling Known Threats

Configuring Security Profiles
Zone and DoS Protection
Control Advance Threat Enablers
Handling Drive-By Downloads

5. Investigating Attacks

Threat Vault
Wildfire Logs and Reports
Log Correlation
Using AppScope
Creating Custom App-IDs

6. Dealing with Zero-Day Attacks

Researching Threat Events
Identifying Unknown Threats
Finding Infected Hosts

7. Creating Custom Threat Signatures

Build Custom Signatures
Create Emerging Threat Signature

RELATED COURSES

Courses
Cyber Security

Administering Cisco Umbrella Operations-(ADMUMB)

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the Internet. In this course, you will learn about its features and how it works.

Courses
Cyber Security

CISSP-ISSAP Certification Prep Course

This course is designed for those who hold their CISSP certification and would like to specialize in advanced expertise in information security architecture I for designing security solutions and providing management with risk-based guidance to meet organizational needs.

Gain the skills needed to develop a business continuity plan (BCP) and disaster recovery plan (DRP) for an organization through an understanding of identifying adverse events that could potentially threaten an organization’s ability to thrive.

This course is your one source for exam preparation that includes:

Official (ISC)² CISSP-ISSAP Training Handbook
Official (ISC)² CISSP-ISSAP Flash Cards
CISSP-ISSAP Certification Exam Voucher

Courses
Cyber Security

Implementing Cisco Cybersecurity Operations (SECOPS) v1.0

Cisco E-Learning SECOPS v1.0 is an all-inclusive e-learning solution designed to prepare CCNA Cyber Ops candidates for the topics covered by the 210-255 SECOPS exam.ï¿½

Learn how a Security Operations Center (SOC) functions and gain the introductory-level skills and knowledge required for success. Students obtain the core skills needed to grasp the associate-level material in the 210-255 exam ï¿½Implementing Cisco Cybersecurity Operations (SECOPS),ï¿½ which, when combined with passing the 210-250 SECFND exam, lead to the CCNA Cyber Ops certification.ï¿½

This course focuses on the introductory-level skills needed for a SOC Analyst at the associate level, such as understanding basic threat analysis, event correlation, identifying malicious activity, and how to use a playbook for incident response.

Courses
Cyber Security

F5 BIG-IP Application Security Manager (ASM) v11x

In this course, you will learn how to manage web-based and XML application attacks and how to use Application Security Manager to defend against these attacks.

You will cover installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations.