Quién debería asistir
This course is intended for individuals who are responsible for tuning the Stealthwatch System, creating and maintaining policies, monitoring traffic, and obtaining and responding to actionable alarms
Prerrequisitos
All students should have completed the following (minimum) prerequisites.
- Cisco Stealthwatch for Security Operations
- Cisco Stealthwatch for Network Operations
Objetivos del curso
- Create summary views of all alarms in the system.
- Explain how summary views can help prioritize the tuning strategy.
- Develop tuning recommendations based on security events and alarm summary.
- Identify workflows for tuning specific security events.
- Test tuning strategies and recommendations.
Contenido del curso
This course focuses on the tuning process in Cisco Stealthwatch Enterprise system, to gain visibility across your enterprise and detect actionable threats. This course covers all essential aspects of the tuning process, including tuning best practices, which will optimize the Stealthwatch System.
This course will help you:
- Understand how the system generates events and alarms.
- Configure policies and adjust system events and alarms.
- Understand the importance of hosts and host groups.