CCNA Security Implementing Cisco IOS Network Security (IINS) 2.0
CLASS DATE(s):

The course specified is not currently on the VTEC Schedule.

Contact us to request a class: 1-866-644-8832.


COURSE LENGTH: 5 Days

COURSE COST: $3,295*

COURSE TIMES: 9:00am - 4:30pm

Printable version of this course
print

COURSE OVERVIEW

Implementing Cisco IOS Network Security (IINS) v2.0 is a 5-day instructor-led course that is presented by Cisco Training Partners to end users and channel partner customers. The content focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. The course covers security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA). Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows learners to perform basic tasks to secure a small branch office network using Cisco IOS security features available through web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and ASAs.

This course prepares the learner for the CCNA Security Certification (Exam 640-554 IINS).

AUDIENCE AND PREREQUISITES

Upon completing this course, the learner will be able to meet these overall objectives:

  • Describe the components of a comprehensive network security policy that can be used to counter threats against IT systems, within the context of a security policy lifecycle.
  • Develop and implement security countermeasures that are aimed at protecting network elements as part of the network infrastructure.
  • Deploy and maintain threat control and containment technologies for perimeter security in small and midsize networks.
  • Describe secure connectivity strategies and technologies using VPNs, and configure site-to-site and remote access VPNs using Cisco IOS features.


Who Should Attend Channel Partner / Reseller Customer Employee The knowledge and skills that a learner must have before attending this course are as follows:

COURSE TOPICS:


I. Networking Security Fundamentals
Network Security Concepts and Policies
Building Blocks of Information Security
Adversaries, Methodologies, and Classes of Attack
Evaluating and Managing the Risk
Security Policies
Secure Network Lifecycle Management
IT Governance, Risk Management, and Compliance
Secure Network Life Cycle
Network Security Testing
Incident Management
Disaster Recovery and Business Continuity Planning

2: Security Strategy and Cisco Borderless Network
Borderless Networks
Cisco Borderless Network Security Architecture
Borderless Security Products
SecureX, a Context-Aware Security Approach
Cloud Security, Content Security, and Data Loss Prevention
Secure Connectivity Through VPNs
Security Management

3: Network Foundation Protection and Cisco Configuration Professional
Threats Against the Network Infrastructure
Cisco NFP Framework
Cisco Configuration Professional
Cisco Configuration Professional Building Blocks

4. Securing the Management Plane on Cisco IOS Devices and AAA
Configuring Secure Administration Access
Implementing Secure Management and Reporting
Configuring AAA on a Cisco Router
TACACS+ and RADIUS Protocols
AAA on a Cisco Router Using an External Database
Deploying and Configuring Cisco Secure ACS

5. Securing the Data Plane on Cisco Catalyst Switches
Overview of VLANs and Trunking
Spanning Tree Overview
Mitigating Layer 2 Attacks

6. Securing the Data Plane in IPv6 Environments
The Need for IPv6
IPv6 Features and Enhancements
IPv6 Addressing
IPv6 and Cisco Routers
Revisiting Threats: Considerations for IPv6

7. Planning a Threat Control Strategy
Threats Revisited
Integrated Threat Control Strategy
Cisco Threat Control and Containment Solutions Fundamentals

8. Access Control Lists for Threat Mitigation
ACL Fundamentals
ACL Wildcard Masking and VLSM Review
Configuring ACLs for Threat Control Using Cisco Configuration Professional

9. Firewall Fundamentals and Network Address Translation
Introducing Firewall Technologies
NAT Fundamentals
Firewall Designs

10. Cisco Firewalling Solutions: Cisco IOS Zone-Based Firewall and Cisco ASA
Cisco Firewall Solutions
Cisco IOS Zone-Based Policy Firewall
Introduction to Cisco Common Classification Policy Language
Cisco ASA Firewall

11. Intrusion Prevention Systems
IPS Fundamentals
Cisco IOS IPS
Signatures
Signature Tuning
Configuring Cisco IOS IPS Using Cisco Configuration Professional
Configuring Cisco IOS IPS Using the CLI

12. Fundamentals of Cryptography and VPN Technologies
VPN Overview
Examining Cryptographic Services
Symmetric and Asymmetric Encryption Overview
Cryptographic Hashes and Digital Signatures
Diffie-Hellman
Asymmetric Encryption: Digital Signatures
Public Key Infrastructure

13. IPsec Fundamentals
IPsec Framework
IPsec Protocol
IKE Protocol
IPv6 VPNs

14. Site-to-Site IPsec VPNs with Cisco IOS Routers
Site-to-Site IPsec: Planning and Preparation
Configuring a Site-to-Site IPsec VPN Using CCP
Verifying the IPsec Configuration Using CCP and CLI
Monitoring Established IPsec VPN Connections

15. SSL VPNs with Cisco ASA
SSL VPNs in Borderless Networks
SSL and TLS Protocol Framework
Cisco SSL VPN Deployment Options and Considerations
SSL VPN on Cisco ASA in Clientless Mode
SSL VPN on ASA Using the Cisco AnyConnect VPN Client