实施思科威胁控制解决方案考试要点

实施思科威胁控制解决方案(SITCS)主要检验考生作为网络安全工程师对高级防火墙架构的.掌握程度以及使用访问和身份认证策略来配置思科下一代防火墙(NGFW)的能力。该考试涵盖集成入侵防御系统(IPS)及context-aware业务感知防火墙组件，以及包括网络(云)、邮件安全解决方案等内容。考生可以通过学习实施思科威胁控制解决方案(SITCS)课程来准备该考试。下面YJBYS小编为大家整理了关于实施思科威胁控制解决方案考试要点，希望对你有所帮助。

　　Exam Description:

The first paragraph is the exam description that is followed by a second paragraph with standard copy that appears on all exam topics.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

　　1.0 Content Security

1.1 Implement Cisco CX

1.1.a Describe features and functionality

1.1.b Implement Web usage control

1.1.c Implement AVC

1.1.d Implement decryption policies

1.1.e Describe traffic redirection and capture methods

1.2 Implement Cisco Cloud Web Security

1.2.a Describe features and functionality

1.2.b Implement IOS and ASA connectors

1.2.c Implement AnyConnect web security module

1.2.d Describe Web usage control

1.2.e Describe AVC

1.2.f Describe Anti-malware

1.2.g Describe decryption policies

1.3 Implement Cisco WSA

1.3.a Implement data security

1.3.b Describe traffic redirection and capture methods

1.4 Implement Cisco ESA

1.4.a Describe features and functionality

1.4.b Implement Email Encryption

1.4.c Implement AntiSpam policies

1.4.d Implement Virus outbreak filter

1.4.e Implement DLP policies

1.4.f Implement anti-malware

1.4.g Implement inbound and outbound mail policies and authentication

1.4.h Describe traffic redirection and capture methods

　　2.0 Threat Defense

2.1 Implement Network IPS

2.1.a Describe traffic redirection and capture methods

2.1.b Configure network IPS

2.1.c Describe signatures

2.1.d Implement event actions

2.1.e Configure event action overrides

2.1.f Implement risk ratings

2.1.g Describe router-based IPS

2.2 Configure Device Hardening per Best Practices

2.2.a IPS

2.2.b Content Security appliances

2.3 Implement Network IPS

2.3.a Describe signatures

2.3.b Configure blocking

2.3.c Implement anomaly detection

　　3.0 Devices GUIs and Secured CLI

3.1 Implement Content Security

　　4.0 Troubleshooting, Monitoring and Reporting Tools

4.1 Configure IME and IP logging for IPS

4.2 Monitor Content Security

4.3 Monitor Cisco Security IntelliShield

　　5.0 Threat Defense Architectures

5.1 Design IPS solution

　　6.0 Content Security Architectures

6.1 Design Web security solution

6.2 Design Email security solution

6.3 Design Application security solution