FIREPOWER200 – Securing Networks with Cisco Firepower Threat Defense – Knowledge Club

FIREPOWER200 – Securing Networks with Cisco Firepower Threat Defense


Mandy Jackson




The Course Name: FIREPOWER200 - Securing Networks with Cisco Firepower Threat Defense


The Duration: 5 Days


The Overview:


Course Content


The purpose of this course is to teach participants how to support and maintain their Cisco Firepower Threat Defense systems, including application control, security intelligence, NGFW, NGIPS, and network-based malware and file controls. Participants will also learn how to take advantage of powerful tools to perform more efficient event analysis, including the detection of file types and network-based malware.


What You Will Learn


  • How to describe the Cisco Firepower Threat Defense system and key concepts of NGIPS and NGFW technology
  • How to describe how to perform the configuration tasks required for implementing a Cisco Firepower Threat Defense device
  • How to describe how to implement quality of service (QoS) and Network Address Translation (NAT) by using Cisco Firepower Threat Defense
  • How to perform an initial network discovery using Cisco Firepower to identify hosts, applications, and services
  • How to identify and create the objects required as prerequisites to implementing access control policies
  • How to describe the behavior, usage, and implementation procedure for access control policies
  • How to describe the concepts and implementation procedure of security intelligence features
  • How to describe Cisco Advanced Malware Protection (AMP) for Networks and the implementation procedure of file control and advanced malware protection
  • How to implement and manage intrusion policies
  • How to explain the use of network analysis policies and the role of preprocessor technology in processing network traffic for NGIPS inspection
  • How to describe and demonstrate the detailed analysis techniques and reporting features provided by the Cisco Firepower Management Center
  • How to describe key Cisco Firepower Management Center system administration and user account management features
  • How to describe the processes that can be used to troubleshoot Cisco Firepower Threat Defense systems


The Course Index:


Day 1

Overview of technology

Next Generation Firewall Security

Types of Firewalls

Routing in FTD

Next Generation IPS


Firepower Components and Features

Firepower System

Firepower Features

Firepower Automation

Firepower Components

Firepower Management Center

Firepower Device

Firepower Naming Conventions

Firepower Platforms

Firepower Stacking

Firepower Threat Defense

Unified Access Control Policies

High-level Feature Comparison

Firepower 9300 and 4100 Details

Firepower Management Center

Firepower Management Center

FMC Basics

How FMC works

FMC Management

FMC Limits



FMC Analysis Menu

FMC Policies Menu

FMC Devices Menu

FMC Domain Management

How to Create FMC Domains

Firepower Licensing

Smart Licensing

Cisco Firepower System Configurations

FTD Device Registration

FTD Device Configuration

FMC Configuration

FTD Device Properties

FTD Interfaces

FTD Modes

FMC Policies Basics

Firepower Policy Flow




Lab 1 - Introduction to Lab Topology

Lab 2 - Navigating Firepower Management Center

Lab 3 - Device Management

Day 2

Firepower High Availability

Firepower Management Center HA

7000 and 8000 HA

Firepower Threat Defense HA

NAT Policy Configuration

NAT Policy Configuration

How NAT Works

NAT Types

Configuring NAT with FMC

NAT Rules

NAT Auto NAT Rules

NAT PAT pool

Advanced NAT

NAT Verification

NAT Examples

QoS Policy Configuration

How QoS Works

How to Create QoS Policy

QoS Policy Rules

QoS Examples

FlexConfig Policies

FlexConfig Policy Overview

Template Scripts

Customizing Device Configuration

Firepower Discovery

Network Discovery Components

Fingerprinting Hosts

How it works

Discovery Modes

Passive Detection

Active Detection for Hosts

Host Identity

Identity Workflow

Conflict Workflow

Discovery Policies

Network Discovery Policy

Network Discovery Rules

Rule Actions

Host Limits

Discovery of Users

User Limits

Identity Sources

Captive Portal

User Identity Configuration

Identity Policy


Object Basics

Object Groups


ACP Object Relationship

General Objects

Advanced Objects



Lab 4 - NAT Policy Configuration

Lab 5 - QoS Policy Configuration

Lab 6 – FlexConfig Policies

Lab 7 - Network Discovery Policy

Lab 8 - Object Management

Day 3

Prefilter Policies

Introduction to Prefiltering

Prefiltering vs Access Control

Configuring Prefiltering

Access Control Policy

ACP Components

ACP Rules

ACP Default Action

Rule Action - Block

Rule Action - Monitor

Rule Action - Trust

Rule Action - Allow

ACP Inspection Options

Logging Options

ACP Advanced Settings

ACP Inheritance

Security Intelligence

Security Intelligence Overview

SI Whitelists and Blacklists

SI Objects

SI Feeds

Feed Categories

List Objects

SI Deployment

File and Malware Policy

File Identification SHA-256

File-Type Detection

File Policy Rules

File Policy Basics

File Types

Advanced Options

Advanced Malware Protection

File Dispositions

AMP Cloud

AMP Architecture

AMP Advanced Options

AMP Integration

Next Generation Intrusion Prevention

Intrusion Prevention Basics


Rule Examples




Intrusion Policy

Network Analysis Policy

Traffic Flow for Intrusion Policy


Policy Layers

Shared Policy Layers

Creating New Intrusion Policy

Intrusion Policy Configuration

Intrusion Policy Rules

Rule Options

Firepower Recommendations


Lab 9: Prefilter Policies

Lab 10: Access Control Policy

Lab 11: Security Intelligence

Lab 12: File and Malware Policy

Lab 13: Intrusion Policy

Day 4

Network Analysis Policy

Preprocessor Technology

Preprocessor Flow

Preprocessor Rules

Network Policy Settings

Adaptive Profiles

Adaptive Profile Configuration

SSL Policy

Anatomy of SSL Sessions

Firepower SSL Decryption

Firepower SSL Architecture

Decrypt Resign

Decrypt Known Key

SSL Policy

SSL Policy Settings

SSL Policy Rules

SSL Policy Default Action

Applying SSL Policy

VPN Deployments

VPN Overview

VPN Types

VPN Basics


Firepower Threat Defense Site-to-Site VPN

Firepower Threat Defense Remote Access



Lab 14: Network Analysis Policy

Lab 15: SSL Policy

Lab 16: Site to Site VPN

Lab 17: Remote VPN

Day 5

Correlation Policies



Custom Remediation Modules

Correlation Policy Rules

How to Create Policy Rules


Traffic Profiles

Correlation Policy


Event Basics

FMC Analysis

FMC Database


Analysis Search


Security Intelligence Events

File and Malware Events

Impact Flags

Indication of Compromise

Analysis Tools


System Administration

System Configuration

FMC Configuration Settings

Health Monitoring

Health Policy

Firepower Updates

User Account Management

Multidomain Deployments


Lab 18: Correlation Policy

Lab 19: Analysis of events

Lab 20 - System Administration


Price : Free

Max Availability : 20