For students with Cisco Certified Entry Networking Technician (CCENT) training and/or equivalent experience interested in the technologies Cisco uses in its security infrastructure. Covers securing Cisco routers and switches including their installation, troubleshooting, and monitoring of network devices to maintain integrity, confidentiality, and availability of data and devices. Also includes recognizing network threats and vulnerabilities, and mitigating security threats. Laboratory activities. NOTE: Course topics help students prepare for the CCNA Security certification exam, but the exam is not included in this course. Industry certification exams are administered by an independent testing agency.
Goals, Topics, and Objectives
- Modern Network Security Threats
- How to Secure Network Devices
- Authentication, Authorization, and Accounting (AAA)
- How to Implement Firewall Technologies
- How to Implement Intrusion Prevention
- How to Secure the Local Area Network (LAN)
- Cryptographic Systems
- How to Implement Virtual Private Networks (VPNs)
- How to Manage a Secure Network
- Describe the security threats facing modern network infrastructures.
- Describe network security policies.
- Describe how to mitigate network attacks.
- Secure the physical installation of and the administrative access to Cisco routers.
- Secure Cisco router IOS® software and configuration files.
- Explain the function and operation of the authentication, authorization, and accounting (AAA) protocol.
- Configure AAA.
- Describe various types of access control lists (ACLs).
- Design and configure ACLs to mitigate threats to Cisco routers.
- Describe the major types of firewalls.
- Configure and verify a firewall using the Cisco router IOS® software.
- Describe the intrusion detection system (IDS) and intrusion prevention system (IPS) technology embedded in Cisco host- and network-based IDS and IPS solutions.
- Configure and verify Cisco router IOS® software IPS.
- Describe various LAN attacks, mitigation techniques, and endpoint security mechanisms.
- Plan and implement mechanisms to protect against various Layer 2 attacks.
- Explain the fundamentals of cryptography, and how it is used to ensure authentication, data integrity, and data confidentiality.
- Describe and configure various types of virtual private networks (VPNs).
- Implement security features on a Cisco router using device management software.
- Create a basic security policy.
Assessment and Requirements
Students will be assessed based on lab work, standardized multiple choice online chapter assessments, a midterm, a final exam partly developed by Cisco Systems, and a skills-based practical assessment.