Implementing Cisco IOS Network Security




Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led

Course Description

Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using Cisco security products to provide hands-on examples. Using instructor-led discussions, extensive hands-on lab exercises, and supplemental materials, this course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a real-life network infrastructure.

Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  Describe common network security concepts
  Secure routing and switching infrastructure
  Deploy basic authentication, authorization and accounting services
  Deploy basic firewalling services
  Deploy basic site-to-site and remote access VPN services
  Describe the use of more advanced security services such as intrusion protection, content security and identity management

Prerequisites

The knowledge and skills that a learner must have before attending this course are as follows:
  Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
  Working knowledge of the Windows operating system
  Working knowledge of Cisco IOS networking and concepts

Who Should Attend

The target audiences of this course are learners who aim to be network associates in the domain of network security and who have knowledge that is contained in the Interconnecting Cisco Networking Devices Part 1 (ICND1) course.

Course Outline

Module 1: Security Concepts

Lesson 1: Threatscape
  Threatscape Overview
  DoS and DDoS
  Spoofing
  Reflection and Amplification Attacks
  Social Engineering
  Evolution of Phishing
  Password Attacks
  Reconnaissance Attacks
  Buffer Overflow Attacks
  Man-in-the-Middle Attacks
  Malware
  Vectors of Data Loss and Exfiltration
  Hacking Tools
  Other Considerations

Lesson 2: Threat Defense Technologies
  Firewalls
  Intrusion Prevention Systems
  Content Security
  VPNs
  Endpoint Security
  Logging

Lesson 3: Security Policy and Basic Security Architectures
  Information Security Overview
  Classifying Assets, Vulnerabilities, and Countermeasures
  Managing Risk
  Regulatory Compliance
  Principles of Secure Network Design
  Security Policy
  Security Zones
  The Functional Planes of the Network

Lesson 4: Cryptographic Technologies
  Cryptography Overview
  Hash Algorithms
  Encryption Overview
  Cryptanalysis
  Symmetric Encryption Algorithms
  Asymmetric Encryption Algorithms
  Use Case: SSH
  Digital Signatures
  PKI Overview
  PKI Operations
  Use Case: SSL/TLS
  Key Management
  Discovery 1: Exploring Cryptographic Technologies

Lesson 5: Module

Lesson 6: Module Self-Check

Module 2: Secure Network Devices

Lesson 1: Implementing AAA
  Introduction to AAA
  AAA Databases
  AAA Protocols
  AAA Servers
  SSH Configuration and Operation on IOS
  IOS Authorization with Privilege Levels
  Implementing Local AAA Authentication and Authorization
  Authorization with Role-Based CLI
  TACACS+ on IOS
  Discovery 2: Configure and Verify AAA

Lesson 2: Management Protocols and Systems
  IOS File System
  Copying Files to and from Network Devices
  Validating IOS Images Using MD5
  Digitally Signed Images
  IOS Resilient Configuration
  NTP
  Syslog
  Memory and CPU Threshold Notifications
  Netflow
  Configuration Management Protocol Options
  HTTPS Configuration and Operation
  SNMPv3 Configuration and Operation
  Locking Down Management Access with ACLs
  Other Password Considerations
  Discovery 3: Configuration Management Protocols

Lesson 3: Securing the Control Plane
  The Control Plane
  Control Plane Policing
  Control Plane Protection
  Authenticating Routing Protocols
  OSPF Route Authentication
  EIGRP Route Authentication
  Discovery 4: Securing Routing Protocols

Lesson 4: Module

Lesson 5: Module Self-Check

Module 3: Layer 2 Security

Lesson 1: Securing Layer 2 Infrastructure
  Introduction to Layer 2 Security
  Ethernet Switching Overview
  VLAN Overview
  VLAN Configuration
  802.1Q Trunking
  Trunk Attacks
  Trunk Configuration and Attack Mitigation
  CDP
  ACL Primer
  ACLs on Switches
  MAC Address Abuse
  Port Security
  Private VLANs
  Private VLAN Edge
  Private VLAN Proxy Attack and Mitigation
  Discovery 5: VLAN Security and ACLs on Switches
  Discovery 6: Port Security and Private VLAN Edge

Lesson 2: Securing Layer 2 Protocols
  STP Overview
  STP Attacks
  STP Attack Mitigation
  DHCP Overview
  DHCP Attacks
  DHCP Snooping
  ARP Overview
  ARP Cache Poisoning Attack
  Dynamic ARP Inspection
  Discovery 7: Securing DHCP, ARP, and STP

Lesson 3: Module

Lesson 4: Module Self-Check

Module 4: Firewall

Lesson 1: Firewall Technologies
  Firewall Overview
  Packet Filters
  Stateful Firewalls
  Proxy Servers
  Next Generation Firewalls
  Logging
  Discovery 8: Explore Firewall Technologies

Lesson 2: Introducing the Cisco ASA v9.2
  Introducing the Cisco ASA Family of Security Appliances
  Cisco ASA Firewall Features
  Modes of Deployment
  Security Contexts
  High-Availability and Failover
  Configuring Management Access on the Cisco ASA
  Configuring Cisco ASA Interfaces
  NAT Fundamentals
  Configure NAT on Cisco ASA
  Configure Static NAT on Cisco ASA
  Configure Dynamic NAT on Cisco ASA
  Configure PAT on Cisco ASA
  Configure Policy NAT on Cisco ASA
  Verify NAT Operations
  Discovery 9: Cisco ASA Interfaces and NAT

Lesson 3: Cisco ASA Access Control and Service Policies
  Overview of Interface Access Rules
  Configure Interface Access Rules
  Configure Object Groups
  Introducing Cisco ASA Modular Policy Framework
  Configuring Cisco MPF Service Policy Rules
  Discovery 10: Access Control Using the Cisco ASA

Lesson 4: Cisco IOS Zone Based Firewall
  Zone-Based Policy Firewall Overview
  Zones and Zone Pairs
  Introduction to Cisco Common Classification Policy Language
  Default Policies, Traffic Flows, and Zone Interaction
  Cisco Common Classification Policy Language (C3PL) Configuration Overview
  Configuring Zone-Based Policy Firewall Class-Maps
  Configuring Zone-Based Policy Firewall Policy-Maps
  Discovery 11: Exploring Cisco IOS Zone-Based Firewall

Lesson 5: Module

Lesson 6: Module Self-Check

Module 5: VPN

Lesson 1: IPsec Technologies
  IPsec VPNs
  IPsec Security Services
  IPsec Framework
  Internet Key Exchange
  IKE Phase 1
  ISAKMP Configuration
  IPsec Protocols
  IKE Phase 2
  IPsec Configuration
  Suite B Cryptographic Standard
  IKE Version 2
  IPsec with IPv6
  Discovery 12: Explore IPsec Technologies

Lesson 2: Site-to-Site VPN
  Site-to-Site Tunnel Negotiation Process
  Configuring Site-to-Site IPsec VPN
  Step 1: Ensure That ACLs Are Compatible with IPsec
  Step 2: Create ISAKMP IKE Phase 1 Policies
  Step 3: Configure Transform Sets
  Step 4: Create Crypto ACLs Using Extended ACLs
  Step 5: Configure IPsec Crypto Maps
  Verifying the IPsec Configuration
  Configuring Site-to-Site VPN on Cisco ASA
  Monitoring Site-to-Site VPN Configuration in ASDM
  Discovery 13: IOS-Based Site-to-Site VPN
  Discovery 14: ASA-Based Site-to-Site VPN

Lesson 3: Client Based Remote Access VPN
  Secure Sockets Layer and Transport Layer Security
  Basic Cisco AnyConnect SSL VPN
  Cisco AnyConnect SSL VPN Solution Components
  SSL VPN Server Authentication
  SSL VPN Client Authentication
  SSL VPN Client IP Address Assignment
  Basic AnyConnect SSL VPN Configuration Tasks
  Discovery 15: Remote Access VPN: ASA and AnyConnect

Lesson 4: Clientless Remote Access VPN
  Cisco Clientless SSL VPN
  Cisco Clientless SSL VPN Use Cases
  Cisco Clientless SSL VPN Resource Access Methods
  Basic Clientless SSL VPN Solution
  Server Authentication in Basic Clientless SSL VPN
  Client-Side Authentication in Basic Clientless SSL VPN
  Clientless SSL VPN URL Entry and Bookmarks
  Basic Access Control for Clientless SSL VPN
  Basic Clientless SSL VPN Configuration Tasks
  Discovery 16: Clientless Remote Access VPN

Lesson 5: Module

Lesson 6: Module Self-Check

Module 6: Advanced Topics

Lesson 1: Intrusion Detection and Protection
  Introduction to IPS
  IPS Terminology
  Evasion Techniques and Countermeasures
  Protecting the Network with FireSIGHT
  FireSIGHT Protection Before an Attack
  FireSIGHT Protection During an Attack
  FireSIGHT Protection After an Attack
  FireSIGHT Deployment Options
  Inline and Passive Mode Deployment Options

Lesson 2: Endpoint Protection
  Endpoint Security Overview
  Personal Firewalls
  Antivirus and Antispyware
  Centralized Endpoint Policy Enforcement
  Cisco AMP for Endpoints

Lesson 3: Content Security
  Cisco ESA Deployment
  Cisco ESA Overview
  Cisco ESA Features and Benefits
  Cisco ESA GUI Management
  Cisco ESA Mail Processing
  Cisco WSA Deployment
  Cisco WSA Overview
  Cisco WSA Features and Benefits
  Cisco WSA GUI Management
  Cisco CWS Deployment
  Cisco CWS Overview
  Cisco CWS Features and Benefits

Lesson 4: Advanced Network Security Architectures
  Modular Network Architectures
  Security Issues in Modern Networks
  Identity Management
  BYOD Challenge
  Cisco TrustSec

Lesson 5: Module

Lesson 6: Module Self-Check

Lab Outline

Challenge 1: Configure AAA and Secure Remote Administration
  Configure AAA and Secure Remote Administration

Challenge 2: Configure Secure Network Management Protocols
  Configure Secure Network Management Protocols

Challenge 3: Configure Secure EIGRP Routing
  Configure EIGRP route authentication

Challenge 4: Configure Secure Layer 2 Infrastructure
  Configure Secure Layer 2 Infrastructure

Challenge 5: Configure DHCP Snooping and STP Protection
  Configure DHCP Snooping and STP Protection

Challenge 6: Configure Interfaces and NAT on the Cisco ASA
  Configure Interfaces and NAT on Cisco ASA

Challenge 7: Configure Network Access Control with the Cisco ASA
  Configure Network Access Control with the Cisco ASA

Challenge 8: Configure Site-to-Site VPN on IOS
  Configure Site-to-Site VPN on IOS

Challenge 9: Configure AnyConnect Remote Access VPN on ASA
  Configure AnyConnect Remote Access VPN on ASA

Challenge 10: Configure Clientless SSL VPN on the ASA
  Configure Clientless SSL VPN on the ASA