Duration:
Only 17 days
Only 17 days
Study Mode:
Classroom
Classroom
Next Date:
19.11.2024 (tiistai)
19.11.2024 (tiistai)
Opinto Ohjelma
CCNA Security
Common Security Threats
- Common security threats
Security and Cisco Routers
- Implementing security on Cisco routers
- Securing the data, control and management plane
- Cisco Security Manager
- Transition from IPv4 to IPv6
AAA on Cisco Devices
- Implementing AAA (authentication, authorization, and accounting)
- TACACS+
- RADIUS
- AAA
- AAA functionality
IOS ACLs
- Standard, extended, and named IP IOS access control lists (ACLs) to filter packets
- Considerations when building ACLs
- Implementing IP ACLs to mitigate threats in a network
Securing Network Management and Reporting
- Securing network management
- Implementing secure network management
Common Layer 2 Attacks
- Layer 2 security using Cisco switches
- VLAN security
- Implementing VLANs and trunking
- Implementing spanning tree
Cisco Firewall Technologies
- Operational strengths and weaknesses of the different firewall technologies
- Stateful firewalls
- Types of NAT used in firewall technologies
- Implementing zone-based policy firewall using CCP
- Implementing the Cisco Adaptive Security Appliance (ASA)
- Implementing Network Address Translation (NAT) and Port Address Translation (PAT)
Cisco IPS
- Considerations when deploying Cisco Intrusion Prevention System (IPS)
- IPS technologies
- Configuring Cisco IOS IPS using CCP
VPN Technologies
- Different methods used in cryptography
- VPN technologies
- The building blocks of IPSec
- Implementing an IOS IPSec site-to-site VPN with pre-shared key authentication
- Verify VPN operations
- Implementing Secure Sockets Layer (SSL) VPN using ASA device manager
CCNP Security
Cisco ASA adaptive security appliance Basic Configurations
- Identifying the ASA product family
- ASA licensing Implementation
- Managing the ASA boot process
- ASA interface settings Implementation
- ASA management features Implementation
- ASA access control features Implementation
- Network Address Translation (NAT) on the ASA Implementation
- ASDM public server feature Implementation
- ASA quality of service (QoS) settings Implementation
- ASA transparent firewall Implementation
ASA Routing Features
- Implementing ASA static routing
- Implementing ASA dynamic routing
ASA Inspection Policy
- Implementing ASA inspections features
ASA Advanced Network Protections
- Implementing ASA Botnet traffic filter
ASA High Availability
- Implementing ASA Interface redundancy and load sharing features
- Implementing ASA virtualization feature
- Implementing ASA stateful failover
Common Cisco ASA adaptive security appliance VPN Configurations Components
- Identifying ASA VPN licensing requirements
- Identifying the components and features of AnyConnect 3.0 Mobility (VPN, NAM, Web Sec (ScanSafe), an Telemetry)
- Implementing ASA VPN connection profiles, group policies, and user policies
- Implementing Simple Certificate Enrollment Protocol (SCEP) proxy operations using Cisco Adaptive Security Device Manager (ASDM)
- Implementing local and external VPN authorization using ASDM
- Implementing VPN session accounting using ASDM
- Implementing Cisco Secure Desktop and Independent Host Scan operations using ASDM
- Implementing DAP operations using ASDM
- Implementing LOCAL CA operations for Secure Sockets Layer (SSL) VPNs using ASDM
- Implementing certificate maps using ASDM
- Identifying the ASA IPv6 VPN capabilities
- Monitor and verify the resulting CLI commands resulting from the various VPN configurations on the ASA
ASA IP SEC S2S VPN
- Implementing a security high-level design according to policy and environmental requirements by identifying Cisco ASA IPSec S2S VPN features and supporting technologies
- Implementing basic IPSEC S2S VPN operations with PSK and digital certificates using ASDM
- Implementing basic IKEv2 based IPSEC S2S VPN operations using ASDM
- Troubleshooting the initial provisioning IPSec S2S VPN applications due to misconfiguration
ASA EZVPN
- Implementing a security high level design according to policy and environmental requirements by identifying Cisco ASA VPN client features and supporting technologies
- Implementing basic EZVPN server operations on the ASA using ASDM
Basic EZVPN remote operations on the ASA 5505 using ASDM
- Implementing AnyConnect 3.0 IKEv2 RA VPN operations
- Implementing Client Services Server (CSS) feature
- Troubleshooting the initial provisioning IPSec RA VPN applications due to misconfiguration
ASA AnyConnect SSL VPNs
- Implementing a security high-level design according to policy and environmental requirements by identifying Cisco ASA AnyConnect client features and supporting technologies
- Implementing DTLS operations using ASDM
- Implementing basic AnyConnect 3.0 full tunnel SSL VPN operations
- Troubleshoot AnyConnect SSL VPN operations using DART
- Implementing AnyConnect Profiles using ASDM
- Implementing advanced authentication in AnyConnect Full Tunnel SSL VPNs (certificate and multi-authentication) using ASDM
- Troubleshooting the initial provisioning client-based SSL VPN applications due to misconfiguration
ASA Clientless SSL VPNs
- Implementing a security high level design according to policy and environmental requirements by identifying Cisco ASA clientless SSL VPN features and supporting technologies
- Implementing basic Clientless SSL VPN operations using ASDM
- Implementing advanced applications access using ASDM
- Implementing the SSO features on the ASA in a clientless SSL
VPN environment
- Implementing advanced authentication in clientless SSL VPNs (certificate and multi-authentication) using ASDM
- Managing the clientless SSL VPN user interface and portal using ASDM
- Implementing basic portal customization
- Troubleshooting the initial provisioning of Clientless SSL VPN applications due to misconfiguration
SSL VPN High Availability
- Implementing SSL and IPSEC VPN high availability features
Pre-Production Design
- Choosing Cisco IOS technologies to implement HLD
- Choosing Cisco products to implement HLD
- Choosing Cisco IOS features to implement HLD 2
- Integrating Cisco network security solutions with other security technologies
- Creating and testing initial Cisco IOS configurations for new devices/services
Complex Operations Support
- Optimising Cisco IOS security infrastructure device performance
- Creating complex network security rules to meet the security policy requirements
- Optimising security functions, rules, and configuration
- Configuring & verifying NAT to dynamically mitigate identified threats to the network
- Configuring & verifying IOS Zone Based Firewalls including advanced application inspections and URL filtering
- Configuring & verifing the IPS features to identify threats and dynamically block them from entering the network
- Maintaining, updating and tuning IPS signatures
- Configuring & verifying IOS VPN features
- Configuring & verifying Layer 2 and Layer 3 security features
Advanced Troubleshooting
- Cisco IOS security software configuraiton fault finding and repairing
- Cisco routers and switches hardware fault finding and repairing
Pre-Production Design
- Choosing Cisco IPS technologies to implement HLD
- Choosing Cisco products to implement HLD
- Choosing Cisco IPS features to implement HLD
- Integrating Cisco network security solutions with other security technologies
- Creating and testing initial Cisco IPS configurations for new devices/services
Complex Support Operations
- Optimising Cisco IPS security infrastructure device performance
- Creating complex network security rules, to meet the security policy requirements
- Configuring and verifing the IPS features to identify threats and dynamically block them from entering the network
- Maintaining, updating and tuning IPS signatures
- Using CSM and MARS for IPS management, deployment, and advanced event correlation.
- Optimising security functions, rules, and configuration
Advanced Troubleshooting
- Cisco IPS security software configuraiton fault finding and repairing
- Cisco IPS sensor and module hardware fault finding and repairing
Kokeet
Valmistamme sinut seuraaviin kokeisiin ja testaamme tietosi niissä:
- Implementing IOS Network Security v2.0 - 640-554
- Implementing Cisco Edge Network Security Solutions - 300-206 SENSS
- Implementing Cisco Threat Control Solutions -300-207 SITCS
- Implementing Cisco Secure Access Solutions - 300-208 SISAS
- Implementing Cisco Secure Mobility Solutions - 300-209 SIMOS
Sisältö
Firebrand tarjoaa huippulaatuista koulutusta täydellisessä koulutuspaketissa, joka on erityisesti suunniteltu opiskelijoidemme tarpeita ja mukavuutta ajatellen. Huolehdimme kaikista yksityiskohdista, jotta voit keskittyä yksinomaan opinto- ja todistustavoitteisiisi.
Todistusohjelmiemme sisältö
- Käytännöllisesti suuntautunut opetus, jossa hyödynnetään (luento | laboratorio | arviointi) -metodeitamme
- Kattavat opinto- ja kurssimateriaalit – sovitamme perinteiset opinto-ohjelmat nopeutetun opiskelun vaatimuksiin.
- Täysin opettajan ohjaama ohjelma ja 24 tunnin pääsy luokkahuoneeseen ja opettajan puheille.
- Kokeet ja testit paikan päällä koulutuskeskuksessamme.
- Majoitus, ateriat, juomat ja välipalat.
- Todistustakuumme – koska olemme varmoja, että läpäiset ensimmäisellä kerralla, tarjoamme ehdottoman takuun, että saat todistuksesi. Sinulla on oikeus tulla takaisin niin usein kuin haluat vuoden aikana ja maksat vain majoituksesta ja kokeista – kaikki muu on ilmaista.
- Kuljetukset lähimmältä lentokentältä/asemalta ennen kurssia ja takaisin kurssin jälkeen.
Included:
- Implementing Cisco IOS Network Security (IINS) Authorized Self-study Guide CCNA Security Exam 640-553 (Ccna Security Learning) ISBN: 9781587058158
- Deploying Cisco ASA Firewall Features v2
- Securing Networks with Cisco Routers and Switches v1.0
- Implementing Cisco Intrusion Prevention Systems v7.0 Student Kit
Vaatimukset
Osallistujat, jotka suorittavat CCNP Security & CCNA Security-kurssimme menestyksellisesti täyttävät seuraavat vaatimukset:
- Exam 640-554 IINS is a prerequisite for the CCNP Security certification - this is included as part of the course. Valid CCNA in good standing is also recommended.
Nopeutettu kurssisi sisältää
Edut
Course Dates
Start
Finish
Status
Study Mode
Prices