ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Transcription

1 ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0 Module 1: Vulnerabilities, Threats, and Attacks 1.1 Fundamental Principles of a Secure Network 1.1 Evolution of Network Security Drivers for Network Security Network Security Organizations Domains of Network Security Network Security Policies 1.2 Viruses, Worms and Trojan Horses Viruses Worms Trojan Horse Mitigating Viruses, Worms and Trojan Horses 1.3 Attack Methodologies Reconnaissance attacks Access attacks Denial of service attacks Mitigating Networks Attacks Module 2: Securing Network Devices 2.1 Securing Device Access Securing the Edge Router Configuring Secure Administrative Access Configuring Enhanced Security for Virtual Logins Configuring SSH 2.2 Assigning Administrative Roles Configuring Privilege Levels Configuring Role-Bases CLI Access 2.3 Monitoring and Managing Devices Securing the Cisco IOS Image and Configuring Files Secure Management and Reporting Using Syslog for Network Security Using SNMP for Network Security Using NTP 2.4 Using Automated Security Features Performing a Security Audit Locking Down a Router Using AutoSecure Locking Down a Router Using SDM

2 Curso CCNA: Seguridad en Redes. Nivel I. Versión Module 3: Authentication, Authorization, and Accounting 3.1 Purpose of AAA AAA Overview AAA Characteristics 3.2 Local AAA Authentication Configuring Local AAA Authentication with CLI Configuring Local AAA Authentication with SDM Troubleshooting Local AAA Authentication 3.3 Server-Bases AAA Server-Bases AAA Characteristics Server-Based AAA Communication Protocols Cisco Secure ACS Configuring Cisco Secure ACS Configuring Cisco Secure ACS Users and Groyups 3.4 Server-Based AAA Authentication Configuring Server-Based AAA Authentication with CLI Configuring Server-Based AAA Authentication with SDM Trouble shooting Server-Bases AAA Authentication 3.5 Server-Based AAA Authorization and Accounting Configuring Server-Bases AAA Authorization Configuring Server-Bases AAA Accounting Module 4: Implementing Firewall Technologies 4.1 Access Control List Configuring Standard and Extended IP ACLs with CLI Using Standard and Extended IP ACLs Topology and Flow for Access Control List Configuring Standard and Extended IP ACLs with SDM Configuring TCP Established and Reflexive ACLs Configuring Dynamic ACLs Configuring Time-Base ACLs Troubleshooting Complex ACL Implementations Mitigating Attacks with ACLs 4.2 Firewall Technologies Securing Networks with Firewalls Type of Firewalls Firewalls in Network Design 4.3 Context-Based Access Control CBAC Characteristics CBAC Operation Configuring CBAC Troubleshooting CBAC 4.4 Zone-Based Policy Firewall Zone-Based Policy Firewall Characteristics Zone-Based Policy Firewall Operation Configuring a Zone-Based Policy Firewall with CLI Configuring a Zone-Based Policy Firewall with Manual SDM Configuring a Zone-Based Policy Firewall with SDM Wizard Troubleshooting Zone-Based Policy Firewall

3 Curso CCNA: Seguridad en Redes. Nivel I. Versión Module 5: Implementing Intrusion Prevention 5.1 IPS Technologies IDS and IPS Characteristics Host-Based IPS Implementations Network-Based IPS Implementations 5.2 IPS Signatures IPS Signatures Characteristics IPS Signatures Alarms Tuning IPS Signature Alarms Tuning IPS Signatures Alarms IPS Signatures Actions Managing and Monitoring IPS 5.3 Implementing IPS Configuring Cisco IOS IPS with CLI Configuring Cisco IOS IPS with SDM Modifying Cisco IOS Signatures 5.4 Verify and Monitor IPS Verifying Cisco IOS IPS Monitoring Cisco IOS IPS Module 6: Securing the Local Area Network 6.1 Endpoint Security Introducing Endpoint Security Endpoint Security with IronPort Endpoint Security with Network Admission Control Endpoint Security with Cisco Security Agent 6.2 Layer s Security Considerations Introducing Layer 2 Security MAC Address Spoofing Attacks MAC Address Table Overflow Attacks STP Manipulations Attacks LAN Storm Attack VLAN Attacks 6.3 Configuring Layer 2 Security Configuring Port Security Verifying Port Security Configuring BPDU Guard and Root Guard Configuring Storm Control Configuring VLAN Trunk Security Configuring Cisco Switched Port Analyzer Configuring Cisco Remote Switched Port Analyzer Recommended Practices for Layer Wireless, VoIP and SAN Security Enterprise Advanced Technology Security Considerations Wireless Security Considerations Wireless Security Solutions VoIP Security Considerations VoIP Security Solutions SAN Security Considerations SAN Security Solutions

4 Curso CCNA: Seguridad en Redes. Nivel I. Versión Module 7: Cryptographic Systems 7.1 Cryptographic Services Securing Communications Cryptography Cryptanalysis Cryptology 7.2 Basic Integrity and Authenticity Cryptographic Hashes Integrity with MD5 and SHA Authenticity with HMAC Key Management 7.3 Confidentiality Encryption Data Encryption Standard DES Advanced Encryption Standard Alternate Encryption Algorithms Diffie-Hellman Key Exchange 7.4 Pubic Key Cryptography Symmetric Versus Asymmetric Encryption Digital Signatures Rivest, Shamir and Alderman Public Key Infrastructure PKI Standards Certificate Authorities Digital Certificates and CAs Module 8: Implementing Virtual Private Networks 8.1 VPN VPNs Overview VPN Topologies Solutions 8.2 GRE VPNs Configuring a Site-to-Site GRE Tunnel 8.3 IPsec VPN Component and Operation Introducing IPsec IPsec Security Protocols Internet Key Exchange 8.4 Implementing Sitye-to-Site IPsec VPNs with CLI Configuring a Site-to-Site IPSec VPN Task 1. Configure Compatible ACLs Task 2. Configure IKE Task 3. Configure the Transform Sets Task 4. Configure the Crypto ACLs Task 5. Apply the Crypto Map Verify and Troubleshooting the IPsec Configuration 8.5 Implementing Sitye-to-Site IPsec VPNs with SDM Configuring IPsec using SDM VPN Wizard. Quick Setup VPN Wizard. Step-by-Step Setup Verifying, Monitoring and Troubleshooting VPNs

5 Curso CCNA: Seguridad en Redes. Nivel I. Versión Implementing Remote-Access VPNs The Changing Corporate Landscape Introducing Remote-Access VPNs SSL VPNs Cisco Easy VPN Configuring a VPN Server with SDM Connect with a VPN Client Module 9: Managing a Secure Network 9.1 Principles of Secure Nwetwork Desing Ensuring a network Secure Threat Identification and Risk Analysis Risk Management and Risk Avoidance 9.2 Cisco Self-Defending Network Introducing the Cisco Self-Defending Network Solutions for the Cisco Self-Defending Network Cisco Integrated Security Portfolio 9.3 Operations Security Introducing Operations Security Principles of Operations Security 9.4 Network Security Testing Introducing Network Security Testing Network Security Testing Tools 9.5 Business Continuity Planning and Disaster Recovery Continuity Planning Disruptions and Backups 9.6 System Development Life Cycle Introducing the SDLC Phases of the SDLC 9.7 Developing a Comprehensive Security Policy Security Policy Overview Structure of a Security Policy Standard, Guidelines and Procedures Roles and Responsibilities Security Awareness and Training Laws and Ethics Responding to a Security Breach