Skype | Facebook | Google+ | Home | Sitemap | Contact us | +92 321 3499131











 
ICT Offers
Partnership
Online Training
Online Learning
>> Register Now

CCNA [Cisco Certified Network Associate]

[Download Outline]

CCNA Security Course Contents

Outline

  • Building a Simple Network
  • Establishing Internet Connectivity
  • Managing Network Device Security
  • Introducing IPv6 Building a Medium-Sized Network
  • Troubleshooting Basic Connectivity Wide Area Networks
  • Implementing an EIGRP-Based Solution
  • Implementing a Scalable OSPF-Based Solution Network Device Management

Describe common security threats

  • Common threats to the physical installation
  • Mitigation methods for common network attacks
  • Email-based threats
  • Web-based attacks
  • Mitigation methods for Worm, Virus, and Trojan Horse attacks
  • Phases of a secure network lifecycle
  • Security needs of a typical enterprise with a comprehensive security policy
  • Mobile/remote security
  • DLP

Security and Cisco Routers

Implement Security on Cisco routers

  • CCP Security Audit feature
  • CCP One-Step Lockdown feature
  • Secure router access using strong encrypted passwords, and using IOS login enhancements, IPV6 security
  • Multiple privilege levels
  • Role-Based CLI
  • Cisco IOS image and configuration files

Describe securing the control, data and management plane

Describe CSM

Describe IPv4 to IPv6 transition

  • Reasons for IPv6
  • Understanding IPv6 addressing
  • Assigning IPv6 addresses
  • Routing considerations for IPv6

AAA on Cisco Devices

Implement authentication, authorization, and accounting (AAA)

  • 8.1.a AAA using CCP on routers
  • 8.1.b AAA using CLI on routers and switches
  • AAA on ASA

Describe TACACS+

Describe RADIUS

Describe AAA

  • Authentication
  • Authorization
  • Accounting

Verify AAA functionality

IOS ACLs

Describe standard, extended, and named IP IOS ACLs to filter packets

  • IPv4
  • IPv6
  • Object groups
  • ACL operations
  • Types of ACLs (dynamic, reflexive, time-based ACLs)
  • ACL wild card masking
  • Standard ACLs
  • Extended ACLs
  • Named ACLs
  • VLSM

Describe considerations when building ACLs

  • Sequencing of ACEs
  • Modification of ACEs

Implement IP ACLs to mitigate threats in a network

  • Filter IP traffic
  • SNMP
  • DDoS attacks
  • CLI
  • CCP
  • IP ACLs to prevent IP spoofing
  • VACLs

Secure Network Management and Reporting

Describe secure network management

  • In-band
  • Out of band
  • Management protocols
  • Management enclave
  • Management plane

Implement secure network management

  • SSH
  • syslog
  • SNMP
  • NTP
  • SCP
  • CLI
  • CCP
  • SSL

Common Layer 2 Attacks

Describe Layer 2 security using Cisco switches

  • STP attacks
  • ARP spoofing
  • MAC spoofing
  • CAM overflows
  • CDP/LLDP

Describe VLAN Security

  • Voice VLAN
  • PVLAN
  • VLAN hopping
  • Native VLAN

Implement VLANs and trunking

  • VLAN definition
  • Grouping functions into VLANs
  • Considering traffic source to destination paths
  • Trunking
  • Native VLAN
  • VLAN trunking protocols
  • Inter-VLAN routing

Implement Spanning Tree

  • Potential issues with redundant switch topologies
  • STP operations
  • Resolving issues with STP

Cisco Firewall Technologies

Describe operational strengths and weaknesses of the different firewall technologies

  • Proxy firewalls
  • Packet and stateful packet
  • Application firewall
  • Personal firewall

Describe stateful firewalls

  • Operations
  • Function of the state table

Describe the types of NAT used in firewall technologies

  • Static
  • Dynamic
  • PAT

Implement Zone Based Firewall using CCP

  • Zone to zone
  • Self zone

Implement the Cisco Adaptive Security Appliance (ASA)

  • NAT
  • ACL
  • Default MPF
  • Cisco ASA sec level

Implement NAT and PAT

  • Functions of NAT, PAT, and NAT Overload
  • Translating inside source addresses
  • 7.6.c Overloading Inside global addresses

Cisco IPS

Describe IPS deployment considerations

  • SPAN
  • IPS product portfolio
  • Placement
  • Caveats

Describe IPS technologies

  • Attack responses
  • Monitoring options
  • Syslog
  • SDEE
  • Signature engines
  • Signatures
  • Global correlation and SIO
  • Network-based
  • Host-based

Configure Cisco IOS IPS using CCP

  • Logging
  • Signatures

VPN Technologies

Describe the different methods used in cryptography

  • Symmetric
  • Asymmetric
  • HMAC
  • Message digest
  • PKI

Describe VPN technologies

  • IPsec
  • SSL

Describe the building blocks of IPSec

  • IKE
  • ESP
  • AH
  • Tunnel mode
  • Transport mode

Implement an IOS IPSec site-to-site VPN with pre-shared key authentication

  • CCP
  • CLI

Verify VPN operations

Implement SSL VPN using ASA device manager

  • Clientless
  • AnyConnect

 

Practical Approach

  • A real-time examples will be given throughout the lectures, starting from design, analysis, implementation and maintenance of network.

 

www.ict-trainings.com/curriculum/ccna-security-leaflet.pdf


Training Schedule
Download Full Calendar

24 Jul 2017

Java
Mon-Tue-Wed 11:30 AM-01:00 PM

Spoken English
Mon-Tue-Wed-Thu 07:00 PM-08:00 PM

26 Jul 2017

Web Designing
Mon-Tue-Wed-Thu 05:00 PM-08:30 PM

Web Development
Mon-Tue-Wed 05:00 PM-07:00 PM

27 Jul 2017

CCNA
Thu-Fri-Sat 05:00 PM-06:30 PM

Android
Thu-Fri-Sat 11:00 AM-01:00 PM

C&C++
Thu-Fri-Sat 12:30 PM-02:00 PM

29 Jul 2017

Linux
Sat-Sun 05:00 PM-08:00 PM

Quick Links
>> Success Stories
>> ICT Brochure
>> July Offers
Web Designing & Development Android Mobile App Development SEO Internet Marketing MCSE CCNA CCNP
Home

Contact

Web Development

Java Android

.NET

Graphics Designing

AutoCAD

 MCSE 2012

CCNA

CCNP & CCIE

SharePoint 2013

Spoken English

Ms Office

IELTS
ICT Trainings facebook Icon ICT Trainings Twitter Icon ICT Google Plus Icon ICT Trainings Google Plus Icon ICT Trainings linkedin Icon
Coming Soon ICT Trainings App!
ICT Trainings - iTunes App ICT Trainings - Google Play App
ict

© Copyright 2007-2017 - ICT Trainings - All rights reserved.
Designed by Creative.