This is an intensive class and is aimed at students who already have some networking and security experience but who are looking to gain the knowledge and skills required to attain the Cisco CCNA in Security accreditationor understand the Cisco security on the network.
Cisco CCNA Security Boot Camp (Accelerated)
In this course, you will learn how to install, operate, configure, and verify a basic IPv4 and IPv6 network, including configuring a LAN switch, configuring an IP router, managing network devices. You will also learn about the design, implementation, and monitoring of a comprehensive security policy using Cisco IOS security features and technologies as examples. You will also learn about security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA).
This course enables you to perform basic tasks to secure a network using Cisco IOS security features, which are available through web-based GUIs on the Cisco ASA, and the command-line interface (CLI) on Cisco routers and switches.
Site-to-site virtual private network (VPN) configuration is covered on both the Cisco IOS and the Cisco ASA. Modern malware examples are included in this course as are cryptographic techniques using stronger hashing and encryption algorithms. Current versions of Cisco IOS, Cisco ASA, and Cisco AnyConnect are featured.
This is an intensive accelerated class that runs over extended hours and is aimed at those students who already have some networking and security experience.
Profil uczestnika
Agenda
Korzyści
- Understand Network fundamentals and common network security concepts.
- Build simple LANs
- Establish Internet connectivity
- Manage and secure network devices
- Expand small- to medium-sized networks
- Understands IPv6 basics
- Secure routing and switching infrastructure
- Deploy basic authentication, authorization, and accounting services
- Deploy basic firewalling services
- Deploy basic site-to-site and remote access VPN services
- Advanced security services such as intrusion protection, content security and identity management
- Develop a comprehensive network security policy to counter threats against information security
- Configure routers with Cisco IOS software security features, including management and reporting functions
- Bootstrap the Cisco ASA Firewall for use in a production network
- Configure the Cisco ASA Firewall for remote access to a Secure Sockets Layer (SSL) VPN
- Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
- Configure site-to-site VPNs using Cisco IOS features
- Configure security features on IOS switches to mitigate various Layer 2 and Layer 3 attacks
- How a network can be compromised using freely available tools
- Implement line passwords, and enable passwords and secrets
- Examine authentication, authorization, and accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
- Configure packet filtering on the perimeter router
Wymagane przygotowanie uczestników
Attendees should meet the following prerequsites:
- Basic computer literacy
- Basic Internet usage skills
- Basic address knowledge
- Working knowledge of the Windows operating system
Zagadnienia
Building a Simple Network
- Functions of Networking
- Host-to-Host Communications Model
- Introducing LANs
- Operating Cisco IOS Software
- Starting a Switch
- Ethernet and Switch Operation
- Troubleshooting Common Switch Media Issues
Establishing Internet Connectivity
- TCP/IP Internet Layer
- IP Addressing and Subnets
- TCP/IP Transport Layer
- Functions of Routing
- Configuring a Cisco Router
- Packet Delivery Process
- Enabling Static Routing
- Basics of ACL
Building a Medium-Sized Network
- Implementing VLANs and Trunks
- Routing Between VLANs
- Using a Cisco IOS Network Device as a DHCP Server
- Implementing RIPv2
Network Device Management and Security
- Securing Administrative Access
- Implementing Device Hardening
- Configuring System Message Logging
- Managing Cisco Devices
- Licensing
Introducing IPv6
- Introducing Basic IPv6
- IPv6 Operation
- Configuring IPv6 Static Routes
Security Concepts
- Threatscape
- Threat defense technologies
- Security policy and basic security architectures
- Cryptographic technologies
Secure Network Devices
- Implementing AAA
- Management protocols and systems
- Securing the control plane
Layer 2 Security
- Securing Layer 2 infrastructures
- Securing Layer 2 protocols
Firewall
- Firewall technologies
- Introducing the Cisco ASA v9.2
- Cisco ASA access control and service policies
- Cisco IOS zone based firewall
VPN
- IPsec technologies
- Site-to-site VPN
- Client-based remote access VPN
- Clientless remote access VPN
Advanced Topics
- Intrusion detection and protection
- Endpoint protection
- Content security
- Advanced network security architectures
Labs:
ICND1
- Lab 1: Get Started with Cisco CLI
- Lab 2: Perform Basic Switch Configuration
- Lab 3: Observe How a Switch Operates
- Lab 4: Troubleshoot Switch Media and Port Issues
- Lab 5: Inspect TCP/IP Applications
- Lab 6: Start with Cisco Router Configuration
- Lab 7: Configure Cisco Discovery Protocol
- Lab 8: Configure Default Gateway
- Lab 9: Exploration of Packet Forwarding
- Lab 10: Configure and Verify Static Routes
- Lab 11: Configure and Verify ACLs
- Lab 12: Configure a Provider-Assigned IP Address
- Lab 13: Configure Static NAT
- Lab 14: Configure Dynamic NAT and PAT
- Lab 15: Troubleshoot NAT
- Lab 16: Configure VLAN and Trunk
- Lab 17: Configure a Router on a Stick
- Lab 18: Configure a Cisco Router as a DHCP Server
- Lab 19: Troubleshoot DHCP Issues
- Lab 20: Configure and Verify RIPv2
- Lab 21: Troubleshoot RIPv2
- Lab 6: Summary Challenge Lab: 1
- Lab 7: Summary Challenge Lab: 2
- Lab 17: Implement IPv6 Static Routing
IINS
- Lab 1: Exploring Cryptographic Technologies
- Lab 2: Configure and Verify AAA
- Lab 3: Configuration Management Protocols
- Lab 4: Securing Routing Protocols
- Lab 5: VLAN Security and ACLs on Switches
- Lab 6: Port Security and Private VLAN Edge
- Lab 7: Securing DHCP, ARP, and STP
- Lab 8: Explore Firewall Technologies
- Lab 9: Cisco ASA Interfaces and NAT
- Lab 10: Access Control Using the Cisco ASA
- Lab 11: Exploring Cisco IOS Zone-Based Firewall
- Lab 12: Explore IPsec Technologies
- Lab 13: IOS-Based Site-to-Site VPN
- Lab 14: ASA-Based Site-to-Site VPN
- Lab 15: Remote Access VPN: ASA and AnyConnect
- Lab 16: Clientless Remote Access VPN