IINS Implementing Cisco Network Security 3.0 (IINS)



Similar documents
Implementing Cisco IOS Network Security

Implementing Cisco IOS Network Security v2.0 (IINS)

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title

Securing Networks with Cisco Routers and Switches 1.0 (SECURE)

SNRS. Securing Networks with Cisco Routers and Switches. Length 5 days. Format Lecture/lab

CCNA Security. IINS v2.0 Implementing Cisco IOS Network Security ( )

Asheville-Buncombe Technical Community College Department of Networking Technology. Course Outline

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD CCNA SECURITY. VERSION 1.0

Implementing Secured Converged Wide Area Networks (ISCW) Version 1.0

Tim Bovles WILEY. Wiley Publishing, Inc.

Interconnecting Cisco Networking Devices, Part 1 (ICND1) v3.0

IMPLEMENTING CISCO IP ROUTING V2.0 (ROUTE)

INTERCONNECTING CISCO NETWORK DEVICES PART 1 V2.0 (ICND 1)

Implementing Core Cisco ASA Security (SASAC)

CCNA Security 2.0 Scope and Sequence

IMPLEMENTING CISCO SWITCHED NETWORKS V2.0 (SWITCH)

Cisco Certified Security Professional (CCSP)

Chapter 1 The Principles of Auditing 1

CCNA Security v1.0 Scope and Sequence

CISCO IOS NETWORK SECURITY (IINS)

INTERCONNECTING CISCO NETWORKING DEVICES PART 2 V2.0 (ICND 2)

(d-5273) CCIE Security v3.0 Written Exam Topics

VPN_2: Deploying Cisco ASA VPN Solutions

Implementing Cisco Secure AccessSolutions Exam

Securing Cisco Network Devices (SND)

Cisco Certified Network Expert (CCNE)

Securing Networks with Cisco Routers and Switches ( )

TABLE OF CONTENTS NETWORK SECURITY 2...1

CCNA Security v1.0 Scope and Sequence

Implementing Cisco IOS Network Security

Evaluating the Cisco ASA Adaptive Security Appliance VPN Subsystem Architecture

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

How To Learn Cisco Cisco Ios And Cisco Vlan

SSECMGT: CManaging Enterprise Security with Cisco Security Manager v4.x

Deploying Cisco ASA VPN Solutions

CCNP: Implementing Secure Converged Wide-area Networks

"Charting the Course...

Managing Enterprise Security with Cisco Security Manager

Latest IT Exam Questions & Answers

CCIE Security Written Exam ( ) version 4.0

Securing Networks with PIX and ASA

Implementing Cisco Intrusion Prevention System 7.0 (IPS)

CCNA Cisco Associate- Level Certifications

Juniper Networks Certified Associate Junos Bootcamp, IJOS and JRE (JNCIA-Junos BC)

Cisco ASA. Administrators

To participate in the hands-on labs in this class, you need to bring a laptop computer with the following:

Cisco ASA 5500 Series Adaptive Security Appliance 8.2 Software Release

Interconnecting Cisco Networking Devices Part 2

Managing Enterprise Security with Cisco Security Manager

TABLE OF CONTENTS NETWORK SECURITY 1...1

Security Threats VPNs and IPSec AAA and Security Servers PIX and IOS Router Firewalls. Intrusion Detection Systems

Interconnecting Cisco Network Devices 1 Course, Class Outline

Cisco CCNP Implementing Secure Converged Wide Area Networks (ISCW)

Recommended IP Telephony Architecture

Cisco Certified Security Professional (CCSP) 50 Cragwood Rd, Suite 350 South Plainfield, NJ 07080

How To Pass A Credit Course At Florida State College At Jacksonville

Cisco ASA, PIX, and FWSM Firewall Handbook

For Sales Kathy Hall

Designing Cisco Network Service Architectures ARCH v2.1; 5 Days, Instructor-led

CCNP Security SECURE

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

Cisco ASA 5500-X Series ASA 5512-X, ASA 5515-X, ASA 5525-X, ASA 5545-X, and ASA 5555-X

Configuring the Transparent or Routed Firewall

Certified Ethical Hacker Exam Version Comparison. Version Comparison

Interconnecting Cisco Networking Devices, Part 2 Course ICND2 v2.0; 5 Days, Instructor-led

: Interconnecting Cisco Networking Devices Part 2 v1.1

IMPLEMENTING CISCO VIDEO NETWORK DEVICES PART 2, V1.0 (CIVND2)

Campus LAN at NKN Member Institutions

Högskolan i Halmstad Sektionen för Informationsvetenskap, Data- Och Elektroteknik (IDÉ) Ola Lundh. Name (in block letters) :

How To Extend Security Policies To Public Clouds

Network Security Fundamentals

McAfee Firewall Enterprise System Administration Intel Security Education Services Administration Course

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

- Introduction to PIX/ASA Firewalls -

Interconnecting Cisco Networking Devices: Accelerated (CCNAX) 2.0(80 Hs) 1-Interconnecting Cisco Networking Devices Part 1 (40 Hs)

CCNA Security Portable Command Guide

How To Use Cisco Cucm For A Test Drive

NETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9

NEW YORK INSTITUTE OF TECHNOLOGY School of Engineering and Technology Department of Computer Science Old Westbury Campus

Cconducted at the Cisco facility and Miercom lab. Specific areas examined

Description: Objective: Attending students will learn:

PCI Compliance for Branch Offices: Using Router-Based Security to Protect Cardholder Data

Implementing Cisco Secure Mobility

Cisco Actualtests Exam Questions & Answers

IPv6 Fundamentals, Design, and Deployment

IMPLEMENTING CISCO QUALITY OF SERVICE V2.5 (QOS)

Deploying Cisco Basic Wireless LANs WDBWL v1.1; 3 days, Instructor-led

: Interconnecting Cisco Networking Devices Part 1 v2.0 (ICND1)

Cisco AnyConnect Secure Mobility Solution Guide

How To Set Up A Cisco Safesa Firewall And Security System

The following chart provides the breakdown of exam as to the weight of each section of the exam.

Network Access Security. Lesson 10

C H A P T E R Management Cisco SAFE Reference Guide OL

IMPLEMENTING CISCO MPLS V3.0 (MPLS)

McAfee Network Security Platform Administration Course

PKI Uncovered. Cisco Press. Andre Karamanian Srinivas Tenneti Francois Dessart. 800 East 96th Street. Indianapolis, IN 46240

CTS2134 Introduction to Networking. Module Network Security

Interconnecting Cisco Networking Devices, Part 2 **Part of CCNA Route/Switch**

Securing the Connected Enterprise

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Transcription:

IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using Cisco security products to provide hands-on examples. Using instructor-led discussions, extensive hands-on lab exercises, and supplemental materials, this course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a real-life network infrastructure. WHO WILL BENEFIT FROM THIS COURSE? The target audiences are students who aim to be network associates in the domain of network security and who have knowledge that is contained in the Interconnecting Cisco Networking Devices Part 1 (ICND1) course. PREREQUISITES: The knowledge and skills that a learner must have before attending this course are as follows: Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) Working knowledge of the Windows operating system Working knowledge of Cisco IOS networking and concepts Working knowledge of Cisco IOS networking and concepts COURSE OBJECTIVES: Describe common network security concepts Secure routing and switching infrastructure Deploy basic authentication, authorization and accounting services Deploy basic firewalling services Deploy basic site-to-site and remote access VPN services Describe the use of more advanced security services such as intrusion protection, content security and identity management

COURSE OUTLINE: Module 1: Security Concept Lesson 1: Threatscape Threatscape Overview DoS and DDoS Spoofing Reflection and Amplification Attacks Social Engineering Evolution of Phishing Password Attacks Reconnaissance Attacks Buffer Overflow Attacks Man-in-the-Middle Attacks Malware Vectors of Data Loss and Exfiltration Hacking Tools Other Considerations Lesson 2: Threat Defense Technologies Firewalls Intrusion Prevention Systems Content Security VPNs Endpoint Security Logging Lesson 3: Security Policy and Basic Security Architectures Information Security Overview Classifying Assets, Vulnerabilities, and Countermeasures Managing Risk Regulatory Compliance Principles of Secure Network Design Security Policy Security Zones The Functional Planes of the Network

Lesson 4: Cryptographic Technologies Cryptography Overview Hash Algorithms Encryption Overview Cryptanalysis Symmetric Encryption Algorithms Asymmetric Encryption Algorithms Use Case: SSH Digital Signatures PKI Overview PKI Operations Use Case: SSL/TLS Key Management Discovery 1: Exploring Cryptographic Technologies Lesson 5: Module Summary Lesson 6: Module Self-Check Module 2: Secure Network Devices Lesson 1: Implementing AAA Introduction to AAA AAA Databases AAA Protocols AAA Servers SSH Configuration and Operation on IOS IOS Authorization with Privilege Levels Implementing Local AAA Authentication and Authorization Authorization with Role-Based CLI TACACS+ on IOS Discovery 2: Configure and Verify AAA Lesson 2: Management Protocols and Systems IOS File System Copying Files to and from Network Devices Validating IOS Images Using MD5 Digitally Signed Images IOS Resilient Configuration NTP Syslog Memory and CPU Threshold Notifications Netflow Configuration Management Protocol Options HTTPS Configuration and Operation SNMPv3 Configuration and Operation Locking Down Management Access with ACLs Other Password Considerations Discovery 3: Configuration Management Protocols

Lesson 3: Securing the Control Plane The Control Plane Control Plane Policing Control Plane Protection Authenticating Routing Protocols OSPF Route Authentication EIGRP Route Authentication Discovery 4: Securing Routing Protocols Lesson 4: Module Summary Lesson 5: Module Self-Check Module 3: Layer 2 Security Lesson 1: Securing Layer 2 Infrastructure Introduction to Layer 2 Security Ethernet Switching Overview VLAN Overview VLAN Configuration 802.1Q Trunking Trunk Attacks Trunk Configuration and Attack Mitigation CDP ACL Primer ACLs on Switches MAC Address Abuse Port Security Private VLANs Private VLAN Edge Private VLAN Proxy Attack and Mitigation Discovery 5: VLAN Security and ACLs on Switches Discovery 6: Port Security and Private VLAN Edge Lesson 2: Securing Layer 2 Protocols STP Overview STP Attacks STP Attack Mitigation DHCP Overview DHCP Attacks DHCP Snooping ARP Overview ARP Cache Poisoning Attack Dynamic ARP Inspection Discovery 7: Securing DHCP, ARP, and STP Lesson 3: Module Summary

Module 4: Firewall Lesson 1: Firewall Technologies Firewall Overview Packet Filters Stateful Firewalls Proxy Servers Next Generation Firewalls Logging Discovery 8: Explore Firewall Technologies Lesson 2: Introducing the Cisco ASA v9.2 Introducing the Cisco ASA Family of Security Appliances Cisco ASA Firewall Features Modes of Deployment Security Contexts High-Availability and Failover Configuring Management Access on the Cisco ASA Configuring Cisco ASA Interfaces NA T Fundamentals Configure NA T on Cisco ASA Configure Static NA T on Cisco ASA Configure Dynamic NA T on Cisco ASA Configure PAT on Cisco ASA Configure Policy NA T on Cisco ASA Verify NA T Operations Discovery 9: Cisco ASA Interfaces and NAT Lesson 3: Cisco ASA Access Control and Service Policies Overview of Interface Access Rules Configure Interface Access Rules Configure Object Groups Introducing Cisco ASA Modular Policy Framework Configuring Cisco MPF Service Policy Rules Discovery 10: Access Control Using the Cisco ASA Lesson 4: Cisco IOS Zone Based Firewall Zone-Based Policy Firewall Overview Zones and Zone Pairs Introduction to Cisco Common Classification Policy Language Default Policies, Traffic Flows, and Zone Interaction Cisco Common Classification Policy Language (C3PL) Configuration Overview Configuring Zone-Based Policy Firewall Class-Maps Configuring Zone-Based Policy Firewall Policy-Maps Discovery 11: Exploring Cisco IOS Zone-Based Firewall Lesson 5: Module Summary Lesson 6: Module Self-Check

Module 5: VPN Lesson 1: IPsec Technologies IPsec VPNs IPsec Security Services IPsec Framework Internet Key Exchange IKE Phase 1 ISAKMP Configuration IPsec Protocols IKE Phase 2 IPsec Configuration Suite B Cryptographic Standard IKE Version 2 IPsec with IPv6 Discovery 12: Explore IPsec Technologies Lesson 2: Site-to-Site VPN Site-to-Site Tunnel Negotiation Process Configuring Site-to-Site IPsec VPN Step 1: Ensure That ACLs Are Compatible with IPsec Step 2: Create ISAKMP IKE Phase 1 Policies Step 3: Configure Transform Sets Step 4: Create Crypto ACLs Using Extended ACLs Step 5: Configure IPsec Crypto Maps Verifying the IPsec Configuration Configuring Site-to-Site VPN on Cisco ASA Monitoring Site-to-Site VPN Configuration in ASDM Discovery 13: IOS-Based Site-to-Site VPN Discovery 14: ASA-Based Site-to-Site VPN Lesson 3: Client Based Remote Access VPN Secure Sockets Layer and Transport Layer Security Basic Cisco AnyConnect SSL VPN Cisco AnyConnect SSL VPN Solution Components SSL VPN Server Authentication SSL VPN Client Authentication SSL VPN Client IP Address Assignment Basic AnyConnect SSL VPN Configuration Tasks Discovery 15: Remote Access VPN: ASA and AnyConnect Lesson 4: Clientless Remote Access VPN Cisco Clientless SSL VPN Use Cases Cisco Clientless SSL VPN Resource Access Methods Basic Clientless SSL VPN Solution Server Authentication in Basic Clientless SSL VPN Client-Side Authentication in Basic Clientless SSL VPN Clientless SSL VPN URL Entry and Bookmarks Basic Access Control for Clientless SSL VPN Basic Clientless SSL VPN Configuration Tasks Discovery 16: Clientless Remote Access VPN

Lesson 5: Module Summary Lesson 6: Module Self-Check Module 6: Advanced Topics Lesson 1: Intrusion Detection and Protection Introduction to IPS IPS Terminology Evasion Techniques and Countermeasures Protecting the Network with FireSIGHT FireSIGHT Protection Before an Attack FireSIGHT Protection During an Attack FireSIGHT Protection After an Attack FireSIGHT Deployment Options Inline and Passive Mode Deployment Options Lesson 2: Endpoint Protection Endpoint Security Overview Personal Firewalls Antivirus and Antispyware Centralized Endpoint Policy Enforcement Cisco AMP for Endpoints Lesson 3: Content Security Cisco ESA Deployment Cisco ESA Overview Cisco ESA Features and Benefits Cisco ESA GUI Management Cisco ESA Mail Processing Cisco WSA Deployment Cisco WSA Overview Cisco WSA Features and Benefits Cisco WSA GUI Management Cisco CWS Deployment Cisco CWS Overview Cisco CWS Features and Benefits Lesson 4: Advanced Network Security Architectures Modular Network Architectures Security Issues in Modern Networks Identity Management BYOD Challenge Cisco TrustSec Lesson 5: Module Summary Lesson 6: Module Self-Check

Discovery Labs: Discovery 1: Exploring Cryptographic Technologies Discovery 2: Configure and V erify AAA Discovery 3: Configuration Management Protocol Discovery 4: Securing Routing Protocols Discovery 5: VLAN Security and ACLs on Switches Discovery 6: Port Security and Private VLAN Edge Discovery 7: Securing DHCP, ARP, and STP Discovery 8: Explore Firewall Technologies Discovery 9: Cisco ASA Interfaces and NAT Discovery 10: Access Control Using the Cisco ASA Discovery 11: Exploring Cisco IOS Zone-Based Firewall Discovery 12: Explore IPsec Technologies Discovery 13: IOS-Based Site-to-Site VPN Discovery 14: ASA-Based Site-to-Site VPN Discovery 15: Remote Access VPN: ASA and AnyConnect Discovery 16: Clientless Remote Access VPN Challenge Labs Challenge 1: Configure AAA and Secure Remote Administration Challenge 2: Configure Secure Network Management Protocols Challenge 3: Configure Secure EIGRP Routing Challenge 4: Configure Secure Layer 2 Infrastructure Challenge 5: Configure DHCP Snooping and STP Protection Challenge 6: Configure Interfaces and NAT on the Cisco ASA Challenge 7: Configure Network Access Control with the Cisco ASA Challenge 8: Configure Site-to-Site VPN on IOS Challenge 9: Configure AnyConnect Remote Access VPN on ASA Challenge 10: Configure Clientless SSL VPN on the ASA

(SLI) DIFFERENTIATORS: Sunset Learning Institute (SLI) has been an innovative leader in developing and delivering authorized technical training since 1996. Our goal is to help our customers optimize their cloud technology investments by providing convenient, high quality technical training that our customers can rely on. We empower students to master their desired technologies for their unique environments. What sets SLI apart is not only our immense selection of trainings options, but our convenient and consistent delivery system. No matter how complex your environment is or where you are located, SLI is sure to have a training solution that you can count on! Premiere World Class Instruction Team All SLI instructors have a four-year technical degree, instructor level certifications and field consulting work experience. Sunset Learning has won numerous Instructor Excellence and Instructor Quality Distinction awards since 2012 Enhanced Learning Experience The goal of our instructors during class is ensure students understand the material, guide them through our labs and encourage questions and interactive discussions. Convenient and Reliable Training Experience You have the option to attend classes at any of our established training facilities or from the convenience of your home or office with the use of our HD-ILT network (High Definition Instructor Led Training) All Sunset Learning Institute classes are guaranteed to run you can count on us to deliver the training you need when you need it! Outstanding Customer Service Dedicated account manager to suggest the optimal learning path for you and your team Enthusiastic Student Services team available to answer any questions and ensure a quality training experience

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information