Course Number: SEC 150
Course Title: Security Concepts
Hours: 2
Lab Hours: 2
Credit Hours: 3

Course Description: This course provides an overview of current technologies used to provide secure transport of information across networks. Topics include data integrity through encryption, Virtual Private Networks, SSL, SSH, and IPSec. Upon completion, students should be able to implement secure data transmission technologies. This is a Cisco Networking Academy course.

Prerequisites: SEC 110, NET 110 or NET 125
Corequisites: None

Course Content Objectives: Upon successful completion of this course students will be able to:
  Describe the security threats facing modern network infrastructures
  Secure network device access
  Implement AAA on network devices
  Mitigate threats to networks using ACLs
  Implement secure network management and reporting
  Mitigate common Layer 2 attacks
  Implement firewall features
  Implement IPS features
  Implement site-to-site IPSec VPNs
  Administer effective security policies

General Education Objectives:
  1) Communicate effectively in speaking, writing, reading and/or listening.
  2) Locate, evaluate, and use information to analyze problems and make logical decisions.
  3) Apply math skills to make calculations related to distance, time, and conversion.
  4) Demonstrate basic competency in computer technology.
  5) Demonstrate the ability to succeed as a self-directed learner.
  6) Apply critical thinking skills to analyze implementation and troubleshooting situations.

Methods of : Asheville-Buncombe Technical Community College

Course Specific Objective:
  Describe the security threats facing modern network infrastructures
  Secure network device access
  Implement AAA on network devices
  Mitigate threats to networks using ACLs
  Implement secure network management and reporting
  Mitigate common Layer 2 attacks
  Implement firewall features
  Implement firewall features
  Implement site-to-site IPSec VPNs
  Administer effective security policies
Associated Learning Activity:
Methods of (Direct):
Methods of (Indirect):
General Education Reinforcement:
  1, 2, 4, 5
  1, 2, 4, 5, 6
  1, 2, 4, 5, 6

Topical Outline:

1. Modern Network Security Threats
  1.1. Fundamental Principles of a Secure Network
    1.1.1. Evolution of Network Security
    1.1.2. Drivers for Network Security
    1.1.3. Network Security Organizations
    1.1.4. Domains of Network Security
    1.1.5. Network Security Policies
  1.2. Worms, Viruses and Trojan Horses
    1.2.1. Viruses
    1.2.2. Worms
    1.2.3. Trojan Horses
    1.2.4. Mitigating Viruses, Worms, and Trojan Horses
  1.3. Attack Methodologies
    1.3.1. Reconnaissance Attacks
    1.3.2. Access Attacks
    1.3.3. Denial of Service Attacks
    1.3.4. Mitigating Network Attacks
2. Securing Network Devices
  2.1. Securing Device Access and Files
    2.1.1. Securing the Edge Router
    2.1.2. Configuring Secure Administrative Access
    2.1.3. Configuring Enhanced Security for Virtual Logins
    2.1.4. Configure SSH
  2.2. Privilege Levels and Role-Based CLI
    2.2.1. Configuring Privilege Levels
    2.2.2. Configuring Role-Based CLI Access
  2.3. Monitoring Devices
    2.3.1. Securing the Device Image and Configuration Files
    2.3.2. Secure Management and Reporting
    2.3.3. Using Syslog for Network Security
    2.3.4. Using SNMP for Network Security
    2.3.5. Using NTP
  2.4. Using Automated Features
    2.4.1. Performing a Security Audit
    2.4.2. Locking Down a Router Using AutoSecure
    2.4.3. Locking Down a Router Using SDM
3. Authentication, Authorization and Accounting
  3.1. Purpose of AAA
    3.1.1. AAA Overview
    3.1.2. AAA Characteristics
  3.2. Configuring Local AAA
    3.2.1. Configuring Local AAA Authentication with CLI
    3.2.2. Configuring Local AAA Authentication with SDM
    3.2.3. Troubleshooting Local AAA Authentication
  3.3. Configure Server-Based AAA
    3.3.1. Server-Based AAA Characteristics
    3.3.2. Server-Based AAA Communication Protocols
    3.3.3. Cisco Secure ACS
    3.3.4. Configuring Cisco Secure ACS
    3.3.5. Configuring Cisco Secure ACS Users and s
  3.4. Server-Based AAA Authentication
    3.4.1. Configuring Server-Based AAA Authentication with CLI
    3.4.2. Configuring Server-Based AAA Authentication with SDM
    3.4.3. Troubleshooting Server-Based AAA Authentication
  3.5. Configuring Server-Based AAA Authorization and Accounting
    3.5.1. Configuring Server-Based AAA Authorization
    3.5.2. Configuring Server-Based AAA Accounting
4. Implementing Firewall Technologies
  4.1. Access Control Lists
    4.1.1. Configuring Standard and Extended IP ACLs with CLI
    4.1.2. Using Standard and Extended IP ACLs
    4.1.3. Topology and Flow for Access Control Lists
    4.1.4. Configuring Standard and Extended ACLs with SDM
    4.1.5. Configuring TCP Established and Reflexive ACLs
    4.1.6. Configuring Dynamic ACLs
    4.1.7. Configuring Time-Based ACLs
    4.1.8. Troubleshooting Complex ACL Implementations
    4.1.9. Mitigating Attacks with ACLs
  4.2. Firewall Technologies
    4.2.1. Securing Networks with Firewalls
    4.2.2. Types of Firewalls
    4.2.3. Firewalls in Network Design
  4.3. Context-Based Access Control
    4.3.1. CBAC Characteristics
    4.3.2. CBAC Operation
    4.3.3. Configuring CBAC
    4.3.4. Troubleshooting CBAC
  4.4. Zone-Based Policy Firewall
    4.4.1. Zone-Based Policy Firewall Characteristics
    4.4.2. Zone-Based Policy Firewall Operation
    4.4.3. Configuring a Zone-Based Policy Firewall with CLI
    4.4.4. Configuring Zone-Based Policy Firewall with Manual SDM
    4.4.5. Configuring Zone-Based Policy Firewall with SDM Wizard
    4.4.6. Troubleshooting Zone-Based Policy Firewall
5. Implementing Intrusion Prevention
  5.1. IPS Technologies
    5.1.1. IDS and IPS Characteristics
    5.1.2. Host-Based IPS Implementations
    5.1.3. Network-Based IPS Implementations
  5.2. IPS Signatures
    5.2.1. IPS Signature Characteristics
    5.2.2. IPS Signature Alarms
    5.2.3. Tuning IPS Signature Alarms
    5.2.4. IPS Signature Actions
    5.2.5. Managing and Monitoring IPS
  5.3. Implementing IPS
    5.3.1. Configuring Cisco IOS IPS with CLI
    5.3.2. Configuring Cisco IOS IPS with SDM
    5.3.3. Modifying Cisco IOS IPS Signatures
  5.4. Verify and Monitor IPS
    5.4.1. Verifying Cisco IOS IPS
    5.4.2. Monitoring Cisco IOS IPS
6. Securing the Local Area Network
  6.1. Endpoint Security
    6.1.1. Introducing Endpoint Security
    6.1.2. Endpoint Security with IronPort
    6.1.3. Endpoint Security with Network Admission Control
    6.1.4. Endpoint Security with Cisco Security Agent
  6.2. Layer 2 Security Considerations
    6.2.1. Introducing Layer 2 Security
    6.2.2. MAC Address Spoofing Attacks
    6.2.3. MAC Address Table Overflow Attacks
    6.2.4. STP Manipulation Attacks
    6.2.5. LAN Storm Attack
    6.2.6. VLAN Attacks
  6.3. Configuring Layer 2 Security
    6.3.1. Configuring Port Security
    6.3.2. Verifying Port Security
    6.3.3. Configuring BPDU Guard and Root Guard
    6.3.4. Configuring Storm Control
    6.3.5. Configuring VLAN Trunk Security
    6.3.6. Configuring Cisco Switched Port Analyzer
    6.3.7. Configuring Cisco Remote Switched Port Analyzer
    6.3.8. Recommended Practices for Layer 2
  6.4. Wireless, VoIP and SAN Security Considerations
    6.4.1. Enterprise Advanced Technology Security Considerations
    6.4.2. Wireless Security Considerations
    6.4.3. Wireless Security Solutions
    6.4.4. VoIP Security Considerations
    6.4.5. VoIP Security Solutions
    6.4.6. SAN Security Considerations
    6.4.7. SAN Security Solutions
7. Cryptography
  7.1. Cryptographic Services
    7.1.1. Securing Communications
    7.1.2. Cryptography
    7.1.3. Cryptanalysis
    7.1.4. Cryptology
  7.2. Basic Integrity and Authenticity
    7.2.1. Cryptographic Hashes
    7.2.2. Integrity with MD5 and SHA-1
    7.2.3. Authenticity with HMAC
    7.2.4. Key Management
  7.3. Confidentiality
    7.3.1. Encryption
    7.3.2. Data Encryption Standard
    7.3.3. 3DES
    7.3.4. Advanced Encryption Standard
    7.3.5. Alternate Encryption Algorithms
    7.3.6. Diffie-Hellman Key Exchange
  7.4. Public Key Cryptography
    7.4.1. Symmetric Versus Asymmetric Encryption
    7.4.2. Digital Signatures
    7.4.3. Rivest, Shamir, and Adleman
    7.4.4. Public Key Infrastructure
    7.4.5. PKI Standards
    7.4.6. Certificate Authorities
    7.4.7. Digital Certificates and CAs
8. Implementing Virtual Private Networks
  8.1. VPNs
    8.1.1. VPN Overview
    8.1.2. VPN Topologies
    8.1.3. VPN Solutions
  8.2. GRE VPNs
    8.2.1. Configuring a Site-to-Site GRE Tunnel
  8.3. IPSec VPN Components and Operation
    8.3.1. Introducing IPsec
    8.3.2. IPsec Security Protocols
    8.3.3. Internet Key Exchange
  8.4. Implementing Site-to-Site IPSec VPNs with CLI
    8.4.1. Configuring a Site-to-Site IPsec VPN
    8.4.2. Configure Compatible ACLs
    8.4.3. Configure IKE
    8.4.4. Configure the Transform Sets
    8.4.5. Configure the Crypto ACLs
    8.4.6. Task 5 - Apply the Crypto Map
    8.4.7. Verify and Troubleshoot the IPsec Configuration
  8.5. Implementing Site-to-Site IPsec VPNs with SDM
    8.5.1. Configuring IPsec Using SDM
    8.5.2. VPN Wizard - Quick Setup
    8.5.3. VPN Wizard - Step-by-Step Setup
    8.5.4. Verifying, Monitoring, and Troubleshooting VPNs
  8.6. Implementing a Remote Access VPN
    8.6.1. The Changing Corporate Landscape
    8.6.2. Introducing Remote-Access VPNs
    8.6.3. SSL VPNs
    8.6.4. Cisco Easy VPN
    8.6.5. Configure a VPN Server with SDM
    8.6.6. Connect with a VPN Client
9. Managing a Secure Network
  9.1. Principles of Secure Network Design
    9.1.1. Ensuring a Network is Secure
    9.1.2. Threat Identification and Risk Analysis
    9.1.3. Risk Management and Risk Avoidance
  9.2. Self-Defending Network
    9.2.1. Cisco Self-Defending Network
    9.2.2. Solutions for the Cisco SDN
    9.2.3. Cisco Integrated Security Portfolio
  9.3. Operations Security
    9.3.1. Introducing Operations Security
    9.3.2. Principles of Operations Security
  9.4. Network Security Testing
    9.4.1. Introducing Network Security Testing
    9.4.2. Network Security Testing Tools
  9.5. Business Continuity Planning and Disaster Recovery
    9.5.1. Continuity Planning
    9.5.2. Disruptions and Backups
  9.6. System Development Life Cycle
    9.6.1. Introducing the SDLC
    9.6.2. Phases of the SDLC
  9.7. Developing a Comprehensive Security Policy
    9.7.1. Security Policy Overview
    9.7.2. Structure of a Security Policy
    9.7.3. Standards, Guidelines, and Procedures
    9.7.4. Roles and Responsibilities
    9.7.5. Security Awareness and Training
    9.7.6. Laws and Ethics
    9.7.7. Responding to a Security Breach

Prepared By: Lewis R. Lightner, Jr.
Revision Date: 2/25/2011
Dean
Vice President