Corso IINS Implementing Cisco Network Security

Descrizione

Cisco E-Learning IINS is an all-inclusive e-learning solution designed to prepare CCNA Security candidates for the exam topics covered by the 210-260 IINS exam. This course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a “real-life” network infrastructure. It focuses on security principles and technologies, using Cisco security products to provide hands-on examples.

This Cisco self-paced course is designed to be as effective as classroom training. Course content is presented in easily-consumable segments via both Instructor Video and text. Interactivity is enabled through Discovery labs, content review questions, and graded Challenge labs and tests. This makes the learning experience hands-on, increasing course effectiveness, and provides students direct feedback on how well they have mastered the material. And gamification features are built in, including earning badges and a leaderboard, to encourage better performance.

Obiettivi Corso:

Modern Network Security Threats
Securing Networks
Network Threats
Mitigating Threats
Securing Network Devices
Securing Device Access
Securing the Edge Router
Configuring Secure Administrative Access
Configuring Enhanced Security fort Virtual Logins
Configuring SSH
Assigning Administrative Roles
Configuring Privilege Levels
Configuring Role-Based CLI
Monitoring and Managing Devices
Securing Cisco IOS Image and Configuration Files
Secure Management and Reporting
Using Syslog for Network Security
Using SNMP for Network Security
Using NTP
Using Automated Security Features
Performing a Security Audit
Locking Down a Router Using AutoSecure
Securing the Control Plane
Routing Protocol Authentication
Control Plane Policing
Authentication, Authorization, and Accounting Purpose of AAA
Purpose of the AAA
Local AAA Authentication
Server-Based AAA Authentication
Server-Based AAA Authorization
Server-Based AAA Accounting
Implementing Firewall Technologies
Access Control Lists
Mitigating Attacks with ACLs
Firewall Technologies
Securing Networks with Firewalls
Firewalls in Network Design
Classic Firewall
Zone-Based Policy Firewalls
Implementing Intrusion Prevention
IPS Technologies
IDS and IPS Characteristics
Network-Based IPS Implementations
Cisco Switched Port Analyzer
IPS Signatures Characteristics
IPS Signatures Alarms
IPS Signatures Actions
Manage and Monitor IPS
IPS Global Correlation
Implement IPS
Securing the Local Area Network
Endpoint Security
Antimalware Protection
Email and Web Security
Controlling Network Access
Layer 2 Security Threats
Mitigating CAM Table Attacks
Mitigating VLAN Attacks
Mitigating DHCP Attacks
Mitigating ARP Attacks
Mitigating Address Spoofing Attacks
Mitigating STP Attacks
Cryptographic Systems
Cryptographic Services
Securing Communications
Cryptography, Cryptanalysis, Cryptology
Basic Integrity and Authenticity
Cryptographic Hashes
Integrity with MD5, SHA-1, and SHA-2
Authenticity with HMAC
Key Management
Confidentiality
Encryption
Data Encryption Standard (DES)
Alternate Encryption Algorithms (AES)
Diffie-Hellman Key Exchange
Public Key Cryptography
Symmetric Versus Asymmetric Encryption
Digital Signatures
Public Key Infrastructure (PKI)
Implementing Virtual Private Networks
VPN Topologies
IPsec VPN Components and Operation
IPsec Protocols
Internet Key Exchange (IKE)
Implementing Site-to-Site IPsec VPNs with CLI
ISAKMP Policy
IPsec Policy
Crypto Map
Implementing the Cisco Adaptive Security Appliance (ASA)
ASA Solutions
Basic ASA Configuration
ASA Firewall Configuration
Configuring Management Settings and Services
Object Groups on an ASA
ACLs on an ASA
NAT Services on an ASA
AAA on an ASA
Service Policies on an ASA
Advanced Cisco Adaptive Security Appliance
ASA Security Device Manager
ASDM Wizard Menu
Configuring Advanced ASDM Features
ASA VPN Configuration
Site-to-Site VPNs on an ASA
Remote-Access VPNs on an ASA
Configuring Clientless SSL VPN
Configuring AnyConnect SSL VPN
Managing a Secure Network
Network Security Testing Techniques
Network Security Testing Tools
Developing a Comprehensive Security Policy
Structure of a Security Policy
Standards, Guidelines, and Procedures
Roles and Responsibilities
Security Awareness Training
Responding to a Security Breach

Target:

• Network Security Specialist
• Security Technician
• Security Administrator
• Network Security Support Engineer
• Principle System Engineers
• Cisco Channel Partners

Prerequisiti:

It is strongly recommended, but not required, that students have the following knowledge and skills:

• Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1)
• Working knowledge of the Windows operating system
• Working knowledge of Cisco IOS networking and concepts