SESA 3.1
Securing Email with Cisco Email Security Applianceod 18.12.2023 do 21.12.2023
Cena: 5500 PLN netto
zdalnie
Typ: Szkolenie z instruktorem
Czas trwania (dni): 4
Instruktor: Marcin Gorol
Cena: 5500 PLN netto
Kurs Securing Email with Cisco Email Security Appliance (SESA) v3.1 pokazuje, jak wdrożyć i korzystać z Cisco® Email Security Appliance w celu zapewnienia ochrony systemów poczty e-mail przed phishingiem, naruszeniem bezpieczeństwa poczty biznesowej i oprogramowaniem ransomware, a także w celu usprawnienia zarządzania zasadami bezpieczeństwa poczty e-mail. Ten praktyczny kurs zapewnia wiedzę i umiejętności w zakresie wdrażania, rozwiązywania problemów i administrowania Cisco Email Security Appliance, w tym kluczowymi funkcjami, takimi jak zaawansowana ochrona przed złośliwym oprogramowaniem, blokowanie spamu, ochrona antywirusowa, filtrowanie epidemii, szyfrowanie, kwarantanny i zapobieganie utracie danych.
Kurs ten pomaga przygotować się do egzaminu Securing Email with Cisco Email Security Appliance (300-720 SESA), który prowadzi do uzyskania certyfikatów CCNP® Security i Certified Specialist – Email Content Security.
Kurs ten pozwala również uzyskać 24 punkty Continuing Education (CE) w ramach recertyfikacji.
How You’ll Benefit
This class will help you
- Deploy high-availability email protection against the dynamic, rapidly changing threats affecting your organization
- Gain leading-edge career skills focused on enterprise security
- Earn 24 Cisco CE credits toward recertification
Who Should Enroll
- Security engineers
- Security administrators
- Security architects
- Operations engineers
- Network engineers
- Network administrators
- Network or security technicians
- Network managers
- System designers
- Cisco integrators and partners
What to Expect in the Exam
The 300-720 SESA exam certifies your knowledge of Cisco Email Security Appliance, including administration, spam control and anti-spam, message filters, data loss prevention, Lightweight Directory Access Protocol (LDAP), email authentication and encryption, and system quarantines and delivery methods.
- After you pass 300-720 SESA:You earn the Cisco Certified Specialist – Email Content Security certification.
- You will have satisfied the concentration exam requirement for the new CCNP Security certification. To complete your CCNP Security certification, pass the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam or its equivalent.
Course Objectives
After taking this course, you should be able to:
- Describe and administer the Cisco Email Security Appliance (ESA)
- Control sender and recipient domains
- Control spam with Talos SenderBase and anti-spam
- Use anti-virus and outbreak filters
- Use mail policies
- Use content filters
- Use message filters to enforce email policies
- Prevent data loss
- Perform LDAP queries
- Authenticate Simple Mail Transfer Protocol (SMTP) sessions
- Authenticate email
- Encrypt email
- Use system quarantines and delivery methods
- Perform centralized management using clusters
- Test and troubleshoot
Course Prerequisites
To fully benefit from this course, you should have one or more of the following basic technical competencies:
- Cisco certification (Cisco CCENT® certification or higher)
- Relevant industry certification, such as (ISC)2, CompTIA Security+, EC-Council, Global Information Assurance Certification (GIAC), and ISACA
- Cisco Networking Academy letter of completion (CCNA® 1 and CCNA 2)
- Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Systems Engineer (MCSE)], CompTIA (A+, Network+, Server+)
The knowledge and skills that a student must have before attending this course are:
- TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
- Experience with IP routing
Cisco learning offerings that contribute to recommended skills and knowledge:
- Email Security Training resources at https://www.cisco.com/c/en/us/training-events/training-certifications/supplemental-training/email-and-web-security.html
Course Outline
- Describing the Cisco Email Security Appliance
- Cisco Email Security Appliance Overview
- Technology Use Case
- Cisco Email Security Appliance Data Sheet
- SMTP Overview
- Email Pipeline Overview
- Installation Scenarios
- Initial Cisco Email Security Appliance Configuration
- Centralizing Services on a Cisco Content Security Management Appliance (SMA)
- Release Notes for AsyncOS 11.x
- Administering the Cisco Email Security Appliance
- Distributing Administrative Tasks
- System Administration
- Managing and Monitoring Using the Command Line Interface (CLI)
- Other Tasks in the GUI
- Advanced Network Configuration
- Using Email Security Monitor
- Tracking Messages
- Logging
- Controlling Sender and Recipient Domains
- Public and Private Listeners
- Configuring the Gateway to Receive Email
- Host Access Table Overview
- Recipient Access Table Overview
- Configuring Routing and Delivery Features
- Controlling Spam with Talos SenderBase and Anti-Spam
- SenderBase Overview
- Anti-Spam
- Managing Graymail
- Protecting Against Malicious or Undesirable URLs
- File Reputation Filtering and File Analysis
- Bounce Verification
- Using Anti-Virus and Outbreak Filters
- Anti-Virus Scanning Overview
- Sophos Anti-Virus Filtering
- McAfee Anti-Virus Filtering
- Configuring the Appliance to Scan for Viruses
- Outbreak Filters
- How the Outbreak Filters Feature Works
- Managing Outbreak Filters
- Using Mail Policies
- Email Security Manager Overview
- Mail Policies Overview
- Handling Incoming and Outgoing Messages Differently
- Matching Users to a Mail Policy
- Message Splintering
- Configuring Mail Policies
- Using Content Filters
- Content Filters Overview
- Content Filter Conditions
- Content Filter Actions
- Filter Messages Based on Content
- Text Resources Overview
- Using and Testing the Content Dictionaries Filter Rules
- Understanding Text Resources
- Text Resource Management
- Using Text Resources
- Using Message Filters to Enforce Email Policies
- Message Filters Overview
- Components of a Message Filter
- Message Filter Processing
- Message Filter Rules
- Message Filter Actions
- Attachment Scanning
- Examples of Attachment Scanning Message Filters
- Using the CLI to Manage Message Filters
- Message Filter Examples
- Configuring Scan Behavior
- Preventing Data Loss
- Overview of the Data Loss Prevention (DLP) Scanning Process
- Setting Up Data Loss Prevention
- Policies for Data Loss Prevention
- Message Actions
- Updating the DLP Engine and Content Matching Classifiers
- Using LDAP
- Overview of LDAP
- Working with LDAP
- Using LDAP Queries
- Authenticating End-Users of the Spam Quarantine
- Configuring External LDAP Authentication for Users
- Testing Servers and Queries
- Using LDAP for Directory Harvest Attack Prevention
- Spam Quarantine Alias Consolidation Queries
- Validating Recipients Using an SMTP Server
- SMTP Session Authentication
- Configuring AsyncOS for SMTP Authentication
- Authenticating SMTP Sessions Using Client Certificates
- Checking the Validity of a Client Certificate
- Authenticating User Using LDAP Directory
- Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client
Lab Outline
- Verify and Test Cisco ESA Configuration
- Perform Basic Administration
- Advanced Malware in Attachments (Macro Detection)
- Protect Against Malicious or Undesirable URLs Beneath Shortened URLs
- Protect Against Malicious or Undesirable URLs Inside Attachments
- Intelligently Handle Unscannable Messages
- Leverage AMP Cloud Intelligence Via Pre-Classification Enhancement
- Integrate Cisco ESA with AMP Console
- Prevent Threats with Anti-Virus Protection
- Applying Content and Outbreak Filters
- Configure Attachment Scanning
- Configure Outbound Data Loss Prevention
- Integrate Cisco ESA with LDAP and Enable the LDAP Accept Query
- Domain Keys Identified Mail (DKIM)
- Sender Policy Framework (SPF)
- Forged Email Detection
- Configure the Cisco SMA for Tracking and Reporting