The content focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. The course covers security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA). Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows learners to perform basic tasks to secure a small branch office network using Cisco IOS security features available through web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and ASAs.
Duration – 5 Days hands-on training
Vendor – Cisco
Audience – Network Security Engineers
Level – Associate
Technology – Cisco
Category – Security Borderless Networking / CCNA Security
Delivery Method – Instructor-led (Classroom)
1. Course Introduction
- Learner Skills and Knowledge
- Course Goal and Objectives
- Course Flow
2. Network Security Fundamentals
- Introducing Networking Security Concepts
- Understanding Security Policies Using a Life-Cycle Approach
- Building a Security Strategy for Borderless Networks
3. Protecting the Network Infrastructure
- Introducing Cisco Network Foundation Protection
- Protecting the Network Infrastructure Using Cisco Configuration Professional
- Securing the Management Plane on Cisco IOS Devices
- Configuring AAA on Cisco IOS Devices Using Cisco Secure ACS
- Securing the Data Plane on Cisco Catalyst Switches
- Securing the Data Plane in IPv6 Environments
4. Threat Control and Containment
- Planning a Threat Control Strategy
- Implementing Access Control Lists for Threat Mitigation
- Understanding Firewall Fundamentals
- Implementing Cisco IOS Zone-Based Policy Firewalls
- Configuring Basic Firewall Policies on Cisco ASA Appliances
- Understanding IPS Fundamentals
- Implementing Cisco IOS IPS
5. Secure Connectivity
- Understanding the Fundamentals of VPN Technologies
- Introducing Public Key Infrastructure
- Examining IPsec Fundamentals
- Implementing Site-to-Site VPNs on Cisco IOS Routers
- Implementing SSL VPNs Using Cisco ASA Appliances
The knowledge and skills that a learner must have before attending this course is as follows:
- Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices Part 1 (ICND1) course
- Working knowledge of the Windows operating system.
- Working knowledge of Cisco IOS networking and concepts.
Upon completing this course, the learner will be able to meet these overall objectives:
- Describe the components of a comprehensive network security policy that can be used to counter threats against IT systems, within the context of a security policy lifecycle.
- Develop and implement security countermeasures that are aimed at protecting network elements as part of the network infrastructure.
- Deploy and maintain threat control and containment technologies for perimeter security in small and midsize networks.
- Describe secure connectivity strategies and technologies using VPNs, and configure site-to-site and remote access VPNs using Cisco IOS features.
This course is intended primarily for:
- Network designers , Network administrators Network engineers