Integrated Threat Defense Investigation and Mitigation

2 Day Course
Hands On
Official Curriculum
Code SECUR202

Book Now - 1 Delivery Method Available:

Classroom Virtual Classroom Private Group - Virtual Self-Paced Online


The Cisco Integrated Threat Defense Investigation and Mitigation (SECUR202) course shows you how to identify, isolate, and mitigate network threats using the Cisco® Integrated Threat Defense solution platform. Through expert instruction and lab-based scenarios, you will be introduced to network threat investigation, and learn how to identify relationships between Cisco products and the stages of the attack lifecycle. This course is the second in a pair of courses (SECUR201) covering the Cisco Integrated Threat Defense (ITD) solution.


After completing this course you should be able to:

  • Describe the stages of the network attack lifecycle and identify ITD solution platform placement based on a given stage
  • Detail how to locate and mitigate email malware attacks
  • Describe email phishing attacks and the steps taken to locate and mitigate them on the network
  • Identify and mitigate data exfiltration threats on the network
  • Identify malware threats on the network and mitigate those threats after investigation

Target Audience

Technical professionals who need to know how to use a deployed Integrated Threat Defense (ITD) network solution to identify, isolate and mitigate network threats.

Training Partners

We work with the following best of breed training partners using our bulk buying power to bring you a wider range of dates, locations and prices.


Collapse all

Network Threat Investigation Introduction (2 topics)

  • Network Attack Introduction
  • Hunting Network Threats in the Enterprise

Investigation and Mitigation of Email Malware Threats (2 topics)

  • Examining Email Malware Threats
  • Investigating and Verifying Email Malware Threat Mitigation

Investigation and Mitigation of Email Phishing Threats (3 topics)

  • Examining Email Phishing Attacks
  • Configuring Cisco Email Security Applicance (ESA) for URL and Content Filtering
  • Investigating and Verifying Email Phishing Threat Mitigation

Investigation and Mitigation of Data Exfiltration Threats (3 topics)

  • Exploiting Vulnerable Network Servers
  • Investigating Data Exfiltration Threats
  • Mitigating and Verifying Data Exfiltration Threats

Investigation and Mitigation of Malware Threats (2 topics)

  • Examining Endpoint Malware Protection
  • Investigating and Mitigating Endpoint Malware Threats

Labs (5 topics)

  • Connecting to the Lab Environment
  • Threat Scenario 1-Email Malware Attachments
  • Threat Scenario 2-Email-Based Phishing
  • Threat Scenario 3-Targeted Network Server Threats and Data Exfiltration
  • Threat Scenario 4-Endpoint Malware Investigation and Mitigation


Attendees should meet the following prerequisites:

  • Technical understanding of TCP/IP networking and network architecture
  • Technical understanding of security concepts and protocols
  • Familiarity with Cisco Identity Services Engine, Cisco Stealthwatch, Cisco Firepower, and Cisco AMP for Endpoints is an advantage

Scheduled Dates

Please select from the dates below to make an enquiry or booking.


Different pricing structures are available including special offers. These include early bird, late availability, multi-place, corporate volume and self-funding rates. Please arrange a discussion with a training advisor to discover your most cost effective option.

Code Location Duration Price Mar Apr May Jun Jul Aug
Later scheduled dates may be available for this course.

Course PDF


Share this Course


Recommend this Course