Font size:


This is a bundled training package. It contains training for each of the bundled items below:

Course Price
Cisco IINS 2.0: Securing the Data Plane in IPv6 Environments $74.95
Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls $74.95
Cisco IINS 2.0: Implementing Firewall Policies $74.95
Cisco IINS 2.0: Implementing IPS $74.95
Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure $74.95
Cisco IINS 2.0: IPsec Fundamentals and VPNs $74.95

Bundle Price: $219.00
Total Savings: $230.70

Cisco IINS 2.0: Securing the Data Plane in IPv6 Environments

IP version 6 (IPv6) shares some of the same security concerns and considerations as IP version 4 (IPv4). However, some IPv6-specific vulnerabilities and threats will affect how you develop and implement a strategy to protect IPv6 infrastructures and services. This course explains the need for IPv6; describes the fundamental features of IPv6; and analyzes the IPv6 addressing scheme, components, design principles, and configuration. It then evaluates how common and specific threats affect IPv6. Finally, it recommends best practices to protecting IPv6 networks.

Learning Objectives
  • Identify the need for IPv6
  • Recognize the advantages of IPv6 over IPv4
  • Shorten a given IPv6 address
  • Recognize characteristics of different types of IPv6 addresses
  • Match ways of assigning IPv6 addresses to descriptions
  • Identify new vulnerabilities specific to IPv6
  • Identify specific recommended practices for IPv6 security

Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls

Current trends in security threat vectors require a carefully planned threat control strategy. Trends that affect security include persistent application-layer threats that use social engineering to exploit the trust architecture of the enterprise, the pervasiveness of mobility and consumerization, and the insidious motivations behind the behavior of the attacker. All these trends result in the need for dynamic security intelligence gathering and distribution, early warning systems, and application layer inspection for mobile services where data and applications are hosted in the cloud. This course suggests design principles to plan a threat control and containment strategy using firewalls and intrusion prevention systems (IPSs) in Cisco IOS environments. Cisco provides basic traffic filtering capabilities with access control lists (ACLs). You can configure ACLs for all routed network protocols to filter packets as the packets pass through a router or security appliance. There are many reasons to configure ACLs. For example, you can use ACLs to restrict the contents of routing updates or to provide traffic flow control. One of the most important reasons to configure ACLs is to provide security for your network. This course outlines the types of ACLs that are available and offers guidelines on creating ACLs to provide network security in IP version 4 (IPv4) and IP version 6 (IPv6) environments. A firewall protects network devices from intentional hostile intrusion that could threaten information assurance (that is, availability, confidentiality, and integrity) or lead to a denial of service (DoS) attack. A firewall can protect a hardware device or a software program running on a secure host computer. This course ends with an introduction to the firewall technologies that Cisco uses in routers and security appliances.

Learning Objectives
  • Identify design guidelines for threat control and containment architecture
  • Identify Cisco IPS threat control solutions
  • Describe the security benefits of ACLs
  • Match command parameters for a numbered extended ACL with their descriptions
  • Identify the IP address and wildcard mask required to filter IP subnets in an example
  • Identify ACL configuration considerations
  • Match types of rules in Cisco Configuration Professional to their descriptions
  • Recognize steps in the procedure to configure an access rule for generating log entries
  • Recognize the steps required to create an ACL that can permit or deny traffic to the configured object groups
  • Not Applicable
  • Describe benefits of different types of firewalls
  • Match NAT modes to criteria for selecting them
  • Match types of firewall access rules to examples
  • Describe guidelines for creating firewall rules

Cisco IINS 2.0: Implementing Firewall Policies

Network security threats have the potential to significantly impede productivity, disrupt business and operations, and result in loss of information, which can lead to financial losses and noncompliance. Hackers continue to develop new techniques to gain access to information for their own financial gain, and these techniques are harder than ever to detect. Businesses need comprehensive solutions that are highly manageable and operational to proactively address these threats. One of these solutions is the zone-based policy firewall which changes the original implementation of Cisco IOS Classic Firewall stateful inspection from the older interface-based model to a more flexible, more easily understood zone-based configuration model. This course covers the features of Cisco IOS zone-based policy firewalls and how to use Cisco Configuration Professional to configure them. Another solution is the Cisco ASA Adaptive Security Appliance which implements a rich set of security technologies that can be effectively implemented as a perimeter firewall using several deployment modes. This course introduces Cisco ASA Security Appliance functionality, features, and underlying technologies. Finally, the course demonstrates how to configure the Cisco ASA 5505 Adaptive Security Appliance for basic connectivity using Cisco Adaptive Security Device Manager (ASDM).

Learning Objectives
  • Describe the function of Cisco IOS zone-based firewalls
  • Describe the nature and functions of zones and zone pairs
  • Identify zone-based policy firewall rules for application traffic
  • Recognize how to configure a zone-based firewall using Cisco Configuration Professional
  • Not Applicable
  • Describe how to configure NAT services for zone-based firewalls
  • Match varieties of NAT that are supported by Cisco ASA Security Appliance to their descriptions
  • Define Cisco ASA appliance CLI configuration modes
  • Describe Cisco ASDM features
  • Identify default interface access security rules on Cisco ASA appliances
  • Match the key constructs of the Cisco Modular Policy Framework to their definitions
  • Identify match criteria allowed by Cisco ASA Layers 3 and 4 class maps
  • Recognize the procedure for preparing a Cisco ASA device for ASDM
  • Sequence the procedure for using the ASDM Startup Wizard to configure an ASA device

Cisco IINS 2.0: Implementing IPS

Intrusion detection system (IDS) and intrusion prevention system (IPS) solutions form an important part of a robust network defense solution. Maintaining secure network services is an essential requirement of a profitable IP-based business. This course defines intrusion prevention architectures, and introduces the underlying technologies and recommended practices for their deployment. Configuring the Cisco IOS Intrusion Prevention System (IPS) is a core competency for a network security administrator. This course describes how to configure Cisco IOS IPS on routers using Cisco Configuration Professional. The course includes a description of the building blocks of Cisco IOS IPS, its deployment options, and guidelines for signature tuning.

Learning Objectives
  • Compare and contrast IDS and IPS
  • Recognize the advantages of deploying the IPS and IDS platforms
  • Match intrusion detection techniques to advantages
  • Recognize how IPS responds to attack
  • Match evasion methods to IPS antievasion features
  • Identify considerations for implementing alarms in IPS signatures
  • Recognize the need for IPS alarm monitoring and options for event managers
  • Identify the recommended practices in deploying IPS
  • Recognize Cisco IOS IPS signature features
  • Identify support for SDEE and Syslog in the Cisco IOS IPS solution
  • Recognize how to work with signature files
  • Recognize the steps for downloading Cisco IOS IPS signature package to a local PC
  • Identify the tasks to verify the configuration of Cisco IOS IPS signature package
  • Not Applicable

Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure

An IP Security (IPsec) VPN uses the Internet to connect branch offices, remote employees, and business partners to the resources of your company. It is a reliable way to maintain your company privacy while streamlining operations, reducing costs, and allowing flexible network administration. VPNs are an integral part of any security architecture. Providing confidentiality, integrity, and endpoint authentication, VPNs are ubiquitous and provide data loss prevention mechanisms for data that is in transit at multiple levels. From Secure Sockets Layer (SSL) VPNs to IP Security (IPsec) VPNs, site-to-site VPNs, or remote-access options, this security control is now embedded in networks and applications and should be available in a transparent and manageable fashion. This course introduces the cryptographic elements of VPNs, including symmetric and asymmetric algorithms, and describes the components, deployment options, and operational framework of VPN technologies. A public key infrastructure (PKI) is an increasingly critical component to ensure confidentiality, integrity, and authentication in an enterprise. PKI is based on the fundamentals of asymmetric encryption. PKI uses the power of private and public keys, digital signatures, and trust models that are derived from asymmetric encryption. PKI provides services that range from identity management to software code signing, and from encrypted file systems and email to VPNs and others. This course discusses the principles behind asymmetric encryption that result in PKI solutions and explains the operational framework of such solutions.

Learning Objectives
  • Describe the benefits of VPNs
  • Identify the OSI layers where MPLS VPNs operate
  • Match the type of VPN to the appropriate descriptions
  • Describe the role of cryptology in VPN implementations
  • Identify the use of ciphers in VPN deployments
  • Identify the use of encryption algorithms in VPN deployments
  • Identify the use of cryptanalysis in VPN deployments
  • Identify symmetric encryption algorithms and their use in VPN operations
  • Identify asymmetric encryption algorithms and their use in VPN operations
  • Describe the functions of cryptographic hashes
  • Identify the components of key management
  • Describes the role of cryptography plays in commercial implementations such as IPsec and SSL/TLS
  • Describe how PKI uses asymmetric cryptography to accomplish confidentiality
  • Describe how PKI uses asymmetric cryptography to accomplish authentication
  • Describe the features and functions of the RSA algorithm
  • Describe the principles behind a PKI
  • Describe PKI standards
  • Identify the role of CAs in a PKI

Cisco IINS 2.0: IPsec Fundamentals and VPNs

The IP Security (IPsec) VPN is an essential tool for providing a secure network for business communication, and this course addresses the different protocols and algorithms that IPsec uses and the different security services that IPsec provides. The course also introduces different VPN technologies and examines the various Cisco products that are available and the best practices that you should use with them. Site-to-site VPNs are the option of choice for organizations of all kinds in implementing a corporate network across public and private networks. Internet-based VPN environments and Multiprotocol Label Switching (MPLS) VPN environments benefit from the flexibility of deployment and standards-based implementation of cryptographic mechanisms. The choice of device terminating VPNs becomes an important factor in implementing site-to site VPNs. Organizations benefit from leveraging their existing network elements and using an integrated approach to VPN deployments. This course highlights the use of Cisco IOS routers as site-to-site VPN termination points in IP Security (IPsec) environments. Mobility and IT consumerization market trends influence the need for comprehensive remote access security policies. Secure Sockets Layer (SSL) VPNs are commonly used as a remote access service. As such, SSL VPNs must integrate strong cryptography and standards-based components with deployment and operational efficiencies and endpoint security. To complete this course the SSL protocol framework and the benefits of the Cisco SSL VPN solution are described. The configuration of clientless and full tunnel SSL VPNs using Cisco Adaptive Security Device Manager (ASDM) and the Cisco AnyConnect Client is also demonstrated.

Learning Objectives
  • Identify the essential security functions of IPsec
  • Distinguish between AH and ESP protocols
  • Distinguish between IKEv1 and IKEv2
  • Identify actions to take when preparing for a site-to-site IPsec VPN deployment
  • Describe actions that can be completed using CCP's Step-by-step Wizard for configuring a site-to-site IPsec VPN
  • Recognize how CLI commands are used to verify the IPsec configuration
  • Recognize what is indicated by specific IPsec states
  • Not Applicable
  • Describe the main challenges facing IT organizations to provide remote and mobile access to corporate resources
  • Recognize the steps involved in establishing an SSL session
  • Identify features of full network access SSL VPNs
  • Identify the tasks required to configure a Clientless SSL VPN using Cisco ASDM
  • Identify tasks involved in launching the Cisco AnyConnect VPN Wizard
Register Now
IINS 2.0: Implementing Cisco IOS Network Security Part 2 e-learning bundle
  • Course ID:
  • Duration:
    11 hours
  • Price: