Implementing Cisco IOS Network Security v2.0 (IINS)

Similar documents
IINS Implementing Cisco Network Security 3.0 (IINS)

Implementing Cisco IOS Network Security

Securing Networks with Cisco Routers and Switches 1.0 (SECURE)

CCNA Security. IINS v2.0 Implementing Cisco IOS Network Security ( )

Tim Bovles WILEY. Wiley Publishing, Inc.

CCNA Security 2.0 Scope and Sequence

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

CISCO IOS NETWORK SECURITY (IINS)

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

Cisco Certified Security Professional (CCSP)

SNRS. Securing Networks with Cisco Routers and Switches. Length 5 days. Format Lecture/lab

SSECMGT: CManaging Enterprise Security with Cisco Security Manager v4.x

CCNA Security v1.0 Scope and Sequence

Implementing Cisco Intrusion Prevention System 7.0 (IPS)

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

VPN_2: Deploying Cisco ASA VPN Solutions

Managing Enterprise Security with Cisco Security Manager

Cisco Certified Network Expert (CCNE)

Managing Enterprise Security with Cisco Security Manager

Deploying Cisco ASA VPN Solutions

CCNA Cisco Associate- Level Certifications

CCNA Security v1.0 Scope and Sequence

Implementing Cisco IOS Network Security

Cisco ASA. Administrators

Implementing Cisco Secure AccessSolutions Exam

Chapter 1 The Principles of Auditing 1

Interconnecting Cisco Networking Devices Part 2

How To Learn Cisco Cisco Ios And Cisco Vlan

Implementing Core Cisco ASA Security (SASAC)

(d-5273) CCIE Security v3.0 Written Exam Topics

TABLE OF CONTENTS NETWORK SECURITY 2...1

Securing Cisco Network Devices (SND)

Securing Networks with Cisco Routers and Switches ( )

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

Cisco Certified Security Professional (CCSP) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

INTERCONNECTING CISCO NETWORKING DEVICES PART 2 V2.0 (ICND 2)

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

CCNA DATA CENTER BOOT CAMP: DCICN + DCICT

Implementing Cisco IOS Network Security (IINS) Foundation Learning Guide

"Charting the Course...

IMPLEMENTING CISCO SWITCHED NETWORKS V2.0 (SWITCH)

CCIE Security Written Exam ( ) version 4.0

Interconnecting Cisco Networking Devices, Part 2 Course ICND2 v2.0; 5 Days, Instructor-led

Cisco Security Certifications

: Interconnecting Cisco Networking Devices Part 2 v1.1

CCNP: Implementing Secure Converged Wide-area Networks

Securing Networks with PIX and ASA

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

For Sales Kathy Hall

Designing Cisco Network Service Architectures ARCH v2.1; 5 Days, Instructor-led

Cisco CCNP Implementing Secure Converged Wide Area Networks (ISCW)

Cisco Discovery 3: Introducing Routing and Switching in the Enterprise hours teaching time

Interconnecting Cisco Network Devices 1 Course, Class Outline

Security Threats VPNs and IPSec AAA and Security Servers PIX and IOS Router Firewalls. Intrusion Detection Systems

How To Pass A Credit Course At Florida State College At Jacksonville

CCNA Security Portable Command Guide

Implementing Cisco Secure Mobility

Scenario: Remote-Access VPN Configuration

Cisco Security Manager 4.2: Integrated Security Management for Cisco Firewall, IPS, and VPN Solutions

Latest IT Exam Questions & Answers

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

: Interconnecting Cisco Networking Devices Part 2 v2.0 (ICND2)

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

Cisco Certified Network Associate - Design

Cisco Certified Network Associate (CCNA) 120 Hours / 12 Months / Self-Paced WIA Fee: $

Interconnecting Cisco Networking Devices, Part 2 **Part of CCNA Route/Switch**

IPv6 Fundamentals, Design, and Deployment

TABLE OF CONTENTS NETWORK SECURITY 1...1

CCNP Security SECURE

Deploying Cisco Unified Contact Center Express 5.0 (UCCX)

NETWORK SECURITY (W/LAB) Course Syllabus

A Model Design of Network Security for Private and Public Data Transmission

Welcome to Todd Lammle s CCNA Bootcamp

Cisco Secure ACS. By Igor Koudashev, Systems Engineer, Cisco Systems Australia 2006 Cisco Systems, Inc. All rights reserved.

Table of Contents. Introduction. Audience. At Course Completion

Track 2: Introductory Track PREREQUISITE: BASIC COMPUTER EXPERIENCE

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Course Contents CCNP (CISco certified network professional)

PKI Uncovered. Cisco Press. Andre Karamanian Srinivas Tenneti Francois Dessart. 800 East 96th Street. Indianapolis, IN 46240

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Cisco Actualtests Exam Questions & Answers

Networking: EC Council Network Security Administrator NSA

Cisco Advanced Services for Network Security

AV-006: Installing, Administering and Configuring Windows Server 2012

Network Simulator Lab Study Plan

Designing for Cisco Internetwork Solutions

CCNA Security Official Cert Guide

"Charting the Course... Implementing Citrix NetScaler 11 for App and Desktop Solutions CNS-207 Course Summary

CNS-208 Citrix NetScaler 10 Essentials for ACE Migration

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

Cisco Certified Network Professional (CCNP Routing & Switching)

Security + Certification (ITSY 1076) Syllabus

Transcription:

Implementing Cisco IOS Network Security v2.0 (IINS) Course Overview: Implementing Cisco IOS Network Security (IINS) v2.0 is a five-day instructor-led course that is presented by Cisco Learning Partners to end users and channel partner customers. The content focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. The course covers security controls of Cisco IOS devices as well as a functional introduction to the Cisco ASA adaptive security appliance. Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows students to perform basic tasks to secure a small branch office network using Cisco IOS security features that are available through web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and ASA appliances. Who will benefit from this course? The primary audience for this course is as follows: Network designers Network administrators Network engineers Network managers System engineers Prerequisites: The knowledge and skills that a student must have before attending this course are as follows: Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) Working knowledge of the Windows operating system Working knowledge of Cisco IOS networking and concepts Sunset Learning Differentiators: World Class Instruction Team o All instructors hold Certified Cisco Systems Instructor (CCSI) certification. o All instructors have a four-year technical degree or equivalent work experience. o All instructors have a minimum of either four years teaching technical networking classes or five years consulting experience. Enhanced Learning Experience o The goal of our instructors during class is ensure students understand the material, guide them through our up to date labs and encourage questions and interactive discussions. Enjoyment of the learning process is a primary objective for Sunset Learning instructors. High Quality Real World Lab Environments o Course offerings include real-time access to labs with the latest Cisco equipment o Result is real world experiences to help students prepare for actual networking environments. o Hands on experience aids in Cisco exam preparation. Outstanding Customer Service o Dedicated program manager o Quality instruction team o Creatively designed curriculum to meet your specific needs o Delivery at your location or ours

Course Objectives: Upon completing this course, the student will be able to meet these overall objectives: Describe the components of a comprehensive network security policy that can be used to counter threats against IT systems, within the context of a security policy life cycle Develop and implement security countermeasures that are aimed at protecting network elements as part of the network infrastructure Deploy and maintain threat control and containment technologies for perimeter security in small and midsize networks Describe secure connectivity strategies and technologies using VPNs, as well as configure site-to-site and remote-access VPNs using Cisco IOS features Course Outline: Module 1: Networking Security Fundamentals Lesson 1: Introducing Networking Security Concepts Describe information security within the context of risk management and its underlying concepts Explain the motivation behind networking security, describing the business and security environment of organizations today Classify threat vectors according to multiple criteria, in order to define and plan mitigation strategies Analyze and compare design principles and considerations for network security Lesson 2: Understanding Security Policies Using a Life-Cycle Approach Describe risk management within the context of Describe the testing phases of the life-cycle business and organizational drivers approach and how they relate to other phases Compare different compliance regulations and Describe the incident response phases of the lifecycle approach, comparing high-level techniques describe them as drivers of information security Provide a high-level definition of a security policy that are commonly used to respond efficiently and along with the benefits of creating a sound policy as effectively to security threats part of the life-cycle process Describe the disaster recovery phases of the lifecycle approach and their importance in business Analyze the benefits of using a life-cycle approach to information and network security continuity Describe the assessment phases of the life-cycle approach, comparing and contrasting different methods and considerations Lesson 3: Building a Security Strategy for Borderless Networks Describe the Cisco Borderless Networks Architecture Describe Cisco content security products and to position it as a framework to present the Cisco technologies, illustrating their high-level features security portfolio of products and benefits Describe the Cisco SecureX Architecture at a high Describe Cisco VPN solutions and technologies, level, highlighting its features and benefits and illustrating their high-level features and benefits providing examples of Cisco products that fall Describe security management products and within this category technologies, illustrating their high-level features Describe Cisco threat control and containment and benefit products and technologies, illustrating their highlevel features and benefits

Module 2: Protecting the Network Infrastructure Lesson 1: Introducing Cisco Network Foundation Protection Categorize common threats against the network List and compare security controls that protect the infrastructure control plane Describe Cisco NFP as a framework to develop and List and compare security controls that protect the implement security controls to protect the network data plane infrastructure List and compare security controls that protect the management plane Lesson 2: Protecting the Network Infrastructure Using Cisco Configuration Professional Articulate the features and benefits of Cisco Describe the unique components of Cisco Configuration Professional, describing its Configuration Professional that are used for requirements and installation options effective security policy deployment and Demonstrate the Cisco Configuration Professional configuration GUI, showcasing the most relevant options and Describe and implement the One-Step Lockdown and features audit features that are found on Cisco Configuration Professional Lesson 3: Securing the Management Plane on Cisco IOS Devices Describe the management security features of the Demonstrate the use of Cisco Configuration Cisco IOS Software on Cisco routers Professional to configure AAA services using the Demonstrate the configuration of management local user database access using RBAC Compare and contrast different device monitoring Describe the support for AAA services on Cisco options, including SNMP and syslog routers Lesson 4: Configuring AAA on Cisco IOS Devices Using Cisco Secure ACS Describe the features of the Cisco Secure ACS in the Demonstrate the initialization and basic context of a management protection strategy configuration of Cisco Secure ACS acting as a AAA Compare and contrast two popular AAA protocols: server TACACS and RADIUS Utilize CLI commands to verify the correct Demonstrate the configuration of network elements configuration of the router to use AAA authentication and authorization Lesson 5: Securing the Data Plane on Cisco Catalyst Switches Introduce fundamental switching concepts, starting Describe the Spanning Tree Protocol Toolkit that is with the building blocks of VLANs and trunking found on Cisco IOS routers that prevents STP Introduce other building blocks of the switch, operations from having an impact on the security including spanning tree for high availability posture Revisit and explain security threats that exploit Revisit port security and configure it to illustrate vulnerabilities in the switching infrastructure security controls that are aimed at mitigating ARP Plan and develop a strategy for protecting the switch spoofing and other threats data plane Lesson 6: Securing the Data Plane in IPv6 Environments Explain the need for IPv6 from the general perspective of the transition to IPv6 from IPv4 List and describe the fundamental features of IPv6, as well as enhancements when compared to IPv4 Analyze the IPv6 addressing scheme, components, and design principles and configure IPv6 addressing Describe the IPv6 routing function Evaluate how common and specific threats affect IPv6 Develop and implement a strategy for IPv6 security

Module 3: Threat Control and Containment Lesson 1: Planning a Threat Control Strategy Evaluate the current state of enterprise security in the presence of evolving threats Describe design considerations for a threat protection strategy to mitigate threats as part of a risk management strategy Describe how Cisco strategizes threat control and containment Lesson 2: Implementing Access Control Lists for Threat Mitigation List the benefits of ACLs in general Demonstrate the use of Cisco Configuration Describe the building blocks and operational Professional and the CLI to deploy and verify a framework of ACLs threat containment strategy using ACLs Describe summarizable address blocks in the Demonstrate the use of Cisco Configuration context of CIDR and VLSM environments, Professional and the CLI to correlate ACL log and demonstrating how ACL wildcard masks allow for alarm information to monitor their impact and threat mitigation in those environments effectiveness List design considerations when deploying ACLs in Configure object groups to simplify the general implementation of ACLs for threat control Configure ACLs in IPv6 environments, highlighting the operational differences with IPv4 ACLs Lesson 3: Understanding Firewall Fundamentals Describe firewall technologies that historically have played, and still play, a role in network access control and security architectures Introduce and describe the function and building blocks of NAT List design considerations for firewall deployment Describe guidelines for firewall ruleset creation Lesson 4: Implementing Cisco IOS Zone-Based Policy Firewalls Introduce and describe the function, operational List the default policies for the different framework, and building blocks of Cisco IOS zonebased firewalls Demonstrate the configuration and verification of combinations of zone types Describe the functions of zones and zone pairs, as zone-based firewalls using Cisco Configuration well as their relationship in hierarchical policies Professional and the CLI Describe the Cisco Common Classification Policy Demonstrate the configuration of NAT services for Language for creating zone-based firewall policies zone-based firewalls Lesson 5: Configuring Basic Firewall Policies on Cisco ASA Appliances Describe the Cisco ASA family of products, Describe the use of ACLs on Cisco ASA appliances identifying the primary supported features Briefly describe the deployment of policies using the Describe the building blocks of Cisco ASA Cisco Modular Policy Framework configuration Describe the configuration procedure to deploy basic Describe the navigation options, features, and outbound access control on Cisco ASA appliances requirements of Cisco ASDM using Cisco ASDM Lesson 6: Understanding IPS Fundamentals Discuss the fundamentals of intrusion prevention and compare IDS and IPS Describe the building blocks of IPS and introduce the underlying technologies and deployment options Describe the use of signatures in intrusion prevention and highlight their benefits and drawbacks Discuss the need for IPS alarm monitoring and evaluate the options for event managers Analyze the design considerations in deploying IPS

Lesson 7: Implementing Cisco IOS IPS Describe the operational framework and requirements of Cisco IOS IPS Describe signature files and signature definitions from the operational and maintenance perspectives Evaluate scenarios and analyze a strategy for signature tuning Describe the options for event management using Cisco IOS IPS List the steps to configure Cisco IOS IPS using Cisco Configuration Professional, and implement the configuration using Cisco Configuration Professional wizards Implement signature tuning with Cisco Configuration Professional options Use Cisco Configuration Professional as an event manager, and monitor IPS operations Module 4: Secure Connectivity Lesson 1: Understanding the Fundamentals of VPN Technologies Discuss the state of VPN security and the business Introduce hashing mechanisms and describe their and technical drivers behind it use in VPN operations Describe the required components and deployment Describe the use of cryptographic keys in VPN options for VPNs operations and list the considerations in key Introduce the use of encryption in VPN deployments management Introduce symmetric encryption algorithms and Describe how cryptography plays a role in describe their use in VPN operations commercial implementations such as IPsec and Introduce asymmetric encryption algorithms and SSL/TLS describe their use in VPN operations Lesson 2: Introducing Public Key Infrastructure Describe the asymmetric cryptography fundamentals behind PKI Explain the reasoning and components behind digital signatures and the RSA protocol Lesson 3: Examining IPsec Fundamentals Analyze the architecture of the IPsec protocol Detail the role and operational impact of the main IPsec components Describe PKI requirements, components, and operations List PKI standards and their functions Detail the operations of CAs and RAs Describe IPsec modes of operation in various scenarios Describe the phases of IPsec connectivity Overview the operations of IPv6 VPNs Lesson 4: Implementing Site-to-Site VPNs on Cisco IOS Routers Evaluate the requirements and configuration of siteto-site IPsec VPNs Professional monitoring options to validate the VPN Use CLI commands and Cisco Configuration Use Cisco Configuration Professional to configure configuration site-to-site IPsec VPNs Use CLI commands and Cisco Configuration Professional monitoring options to monitor and troubleshoot the VPN configuration Lesson 5: Implementing SSL VPNs Using Cisco ASA Appliances Describe the use cases and operational requirements Describe the steps to configure Cisco VPN clientless of SSL VPNs mode on the Cisco ASA appliance, and demonstrate Describe the protocol framework for SSL and TLS the configuration on Cisco ASDM Describe a configuration that is based on Describe the steps to configure Cisco full tunnel deployment options and other design considerations mode on the Cisco ASA appliance, and demonstrate the configuration on Cisco ASDM using the Cisco AnyConnect client

Labs: Lab 2-1: Hardening Network Elements Using Cisco Configuration Professional Lab 2-2: Securing Administrative Access to Cisco Routers Lab 2-3: Configuring AAA on Cisco Routers and Switches to Use Cisco Secure ACS Lab 2-4: Configuring Data Plane Security on Layer 2 Switches Lab 3-1: Using ACLs to Implement a Threat Containment Strategy Lab 3-2: Implementing Cisco IOS Zone-Based Firewalls Lab 3-3: Implementing Basic Network Connectivity Using Cisco ASDM on the Cisco ASA Appliance Lab 3-4: Configuring Cisco IOS IPS Lab 4-1: Configuring Site-to-Site IPsec VPNs Lab 4-2: Configuring SSL VPNs on Cisco ASA Appliances Using Cisco ASDM

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information