Cisco Stealthwatch for Security Operations is a virtual Instructor-led, lab-based, handson course. This course focuses on the proper use of host groups, policies and alarm configuration and the three phases of the Cisco Stealthwatch tuning process.
Cisco Stealthwatch for Security Operations is a lab intensive course that focuses on those who are responsible for using Stealthwatch for monitoring security policy, providing feedback on the configuration, updating and operation of security tools and initiating incident response investigations.
All students have completed the following (minimum)
prerequisites. These prerequisites are available as
eLearning courses found in the Cisco Stealthwatch
Customer Training Center (LMS) available through the
Stealthwatch Customer Community:
- Flow Basics
- Cisco Stealthwatch Overview and Components
- Cisco Stealthwatch SMC Client Interface Overview
- Cisco Stealthwatch Web App Overview
Who Should Attend
This course is focuses on new users of Cisco Stealthwatch. This course is intended for customers whose role is to use the Cisco Stealthwatch System for security operations and security monitoring.
- Explain what Cisco Stealthwatch is and how it works
- Explain how hosts and host groups are defined in Cisco Stealthwatch
- Define basic concepts of policy management
- Identify the three phases of the Cisco Stealthwatch tuning process
- Complete workflows to identify indicators of compromise in your network