Font size:

Description:

This is a bundled training package. It contains training for each of the bundled items below:

Course Price
Cisco IINS 2.0: Introducing Networking Security Fundamentals $74.95
Cisco IINS 2.0: Security Policies and Strategies $74.95
Cisco IINS 2.0: Cisco Network Foundation Protection $74.95
Cisco IINS 2.0: Securing the Management Plane and AAA Configuration $74.95
Cisco IINS 2.0: Securing the Data Plane on Cisco Switches $74.95
Cisco IINS 2.0: Securing the Data Plane in IPv6 Environments $74.95
Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls $74.95
Cisco IINS 2.0: Implementing Firewall Policies $74.95
Cisco IINS 2.0: Implementing IPS $74.95
Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure $74.95
Cisco IINS 2.0: IPsec Fundamentals and VPNs $74.95

Bundle Price: $379.00
Total Savings: $445.45


Cisco IINS 2.0: Introducing Networking Security Fundamentals

The open nature of the Internet makes it increasingly important for growing businesses to pay attention to the security of their networks. As companies move more of their business functions to the public network, they need to take precautions to ensure that their data is not compromised or does not end up in front of the wrong people. It has become increasingly difficult to establish and maintain a secure network computing environment, and the challenge is made more difficult because of increased availability requirements and growing regulatory requirements. Risk management is a building block of effective security architectures, which protects organizational assets against constantly evolving threats. This course provides an explanation of the breadth of the challenge to establish and maintain a secure network environment. It includes a description of the fundamental concepts in Network Security, identifies common vulnerabilities and threats in borderless networks, and describes basic principles for securing networks against common threats.
  • identify the most important criterion when classifying data
  • categorize examples of security controls
  • identify the most recent threat vector trends in information security
  • match types of attackers to descriptions
  • sequence the typical steps for compromising targets and applications
  • categorize threats to borderless networks
  • recognize defense-in-depth principles

Cisco IINS 2.0: Security Policies and Strategies

It is important to know that the security policy that is developed in your organization influences all of the steps that are taken to secure network resources. The development of a comprehensive security policy is covered in this course. In order to create an effective security policy, it is also necessary to perform a risk analysis in order to maximize the effectiveness of the policy. Also, it is essential to frame security policies within the context of a life-cycle approach. This course describes the different phases of the process, their dependencies, and the importance of a sound security policy. In the past, threats from internal and external sources moved slowly, and it was easy to defend against them. Now Internet worms can spread across the world in a matter of minutes. Market trends such as mobility, consumerization, or the use of personal consumer electronic devices in the workplace, as well as the overall changes in the workplace experience, augment these threats and influence the need for a different approach to security. Modern security architectures must provide the required level of protection while maintaining the functionality of the applications and allowing access at any time, from any place, using any device. This course outlines the architecture, components, and underlying technologies, as well as identifying Cisco products and solutions within the architecture.
  • match compliance regulations with descriptions
  • identify elements of an effective computer security awareness and training program
  • match actions in the secure network life cycle process with the phases where they occur
  • match assessment activities with descriptions
  • match actions during the incident response process with the phases of the process where they occur
  • match the key components of a business continuity plan to their descriptions
  • identify characteristics of the Cisco Borderless Networks Architecture
  • describe the Cisco SecureX architecture
  • match Cisco security products with descriptions

Cisco IINS 2.0: Cisco Network Foundation Protection

An important element in the overall security posture of an organization is the security of the network infrastructure. The network infrastructure refers to the routers, switches, and other such equipment that keep a network running. The infrastructure is often the target of denial of service (DoS) and other attacks that can directly or indirectly disrupt the network operation. In order to ensure the availability of the network, it is critical to implement the security tools and best practices that help protect each network element, and the infrastructure as a whole. This course explains how Cisco Network Foundation Protection (NFP) provides an umbrella strategy for infrastructure protection using Cisco IOS security features. Cisco Configuration Professional is an intuitive GUI tool that enables you to easily and reliably deploy and manage the services on Cisco IOS routers. Cisco Configuration Professional simplifies router and security configuration through smart wizards, which help users quickly and easily deploy, configure, and monitor Cisco routers without requiring knowledge of the Cisco IOS Software CLI. This course introduces you to the design of Cisco Configuration Professional and to the features that you can configure from it.
  • identify common threats against the network infrastructure
  • match types of network traffic with descriptions
  • match control plane security controls with descriptions
  • identify the most important measures for securing interactive and management access to an infrastructure device
  • identify ways in which ACLs protect the data plane
  • sequence the steps to perform initial configuration for devices
  • identify the security functions that can be managed using Cisco Configuration Professional
  • define the unique components of Cisco Configuration Professional used for security policy deployment
  • sequence steps to apply a template to multiple devices in Cisco Configuration Professional
  • identify the functions of the Security Audit
  • Not Applicable

Cisco IINS 2.0: Securing the Management Plane and AAA Configuration

Authentication, authorization, and accounting (AAA) solutions are widely supported in Cisco IOS Software as an additional security service available for securing access to network devices and networks. One of the options you have when configuring your network to work with AAA is to use a local username and password database to provide security greater than a simple password. It is likely that smaller organizations will configure AAA to operate locally. This course presents an introduction to implementing AAA. It describes how to securely implement the management and reporting features of Cisco IOS devices, including the following technologies: syslog, Network Time Protocol (NTP), Secure Shell (SSH), Simple Network Management Protocol version 3 (SNMPv3), and AAA. Additionally, some design aspects of a management infrastructure are examined. Cisco Secure Access Control Server (ACS) for Windows provides a centralized identity networking solution and simplified user management experience across all Cisco devices and security management applications. This course finishes up by discussing what Cisco Secure ACS is and what you can use it for, the requirements for installing Cisco Secure ACS for Windows, the Cisco Secure ACS installation procedure, and its configuration for router AAA services.
  • identify principles for in-band management of the management architecture
  • sequence the commands to configure views limit the privileges of users at the CLI by configuring views
  • recognize true statements about the use of method lists in CCP
  • identify commands for configuring AAA for local authentication using CCP
  • match syslog severity levels with examples
  • match SNMP security levels with the security mechanism used at this level
  • Not Applicable
  • describe Cisco Secure ACS features used in a management protection strategy
  • compare the TACACS+ and RADIUS AAA protocols
  • match AAA accounting parameters with their definitions
  • sequence steps to configure Cisco Secure ACS for device administration
  • identify the CLI commands used to verify the correct configuration of the router

Cisco IINS 2.0: Securing the Data Plane on Cisco Switches

Like routers, both Layer 2 and Layer 3 switches have their own set of network security requirements. Access to switches is a convenient entry point for attackers who are intent on illegally gaining access to a corporate network. With access to a switch, an attacker can set up rogue access points and protocol analyzers, and launch all types of attacks from within the network. Attackers can even spoof the MAC and IP addresses of critical servers and do significant damage. This course introduces basic switching concepts, explains security threats that exploit vulnerabilities in the switching infrastructure, and examines strategies to mitigate those threats.
  • describe what VLANs are and how they work
  • describe how to configure trunks
  • identify guidelines to follow when creating VLANs
  • describe how STP provides a loop-free network topology
  • match the security threats that exploit vulnerabilities in the switching infrastructure to their description
  • sequence the steps involved in a double-tagging VLAN hopping attack
  • identify strategies for protecting the switch data plane
  • identify spanning-tree features on Cisco IOS routers that prevent STP operations from having an impact on the security posture
  • sequence steps to configure port security on an access port using CLI
  • match switch port port-security parameters to their descriptions

Cisco IINS 2.0: Securing the Data Plane in IPv6 Environments

IP version 6 (IPv6) shares some of the same security concerns and considerations as IP version 4 (IPv4). However, some IPv6-specific vulnerabilities and threats will affect how you develop and implement a strategy to protect IPv6 infrastructures and services. This course explains the need for IPv6; describes the fundamental features of IPv6; and analyzes the IPv6 addressing scheme, components, design principles, and configuration. It then evaluates how common and specific threats affect IPv6. Finally, it recommends best practices to protecting IPv6 networks.
  • identify the need for IPv6
  • recognize the advantages of IPv6 over IPv4
  • shorten a given IPv6 address
  • recognize characteristics of different types of IPv6 addresses
  • match ways of assigning IPv6 addresses to descriptions
  • identify new vulnerabilities specific to IPv6
  • identify specific recommended practices for IPv6 security

Cisco IINS 2.0: Threat Control, Mitigation, and Firewalls

Current trends in security threat vectors require a carefully planned threat control strategy. Trends that affect security include persistent application-layer threats that use social engineering to exploit the trust architecture of the enterprise, the pervasiveness of mobility and consumerization, and the insidious motivations behind the behavior of the attacker. All these trends result in the need for dynamic security intelligence gathering and distribution, early warning systems, and application layer inspection for mobile services where data and applications are hosted in the cloud. This course suggests design principles to plan a threat control and containment strategy using firewalls and intrusion prevention systems (IPSs) in Cisco IOS environments. Cisco provides basic traffic filtering capabilities with access control lists (ACLs). You can configure ACLs for all routed network protocols to filter packets as the packets pass through a router or security appliance. There are many reasons to configure ACLs. For example, you can use ACLs to restrict the contents of routing updates or to provide traffic flow control. One of the most important reasons to configure ACLs is to provide security for your network. This course outlines the types of ACLs that are available and offers guidelines on creating ACLs to provide network security in IP version 4 (IPv4) and IP version 6 (IPv6) environments. A firewall protects network devices from intentional hostile intrusion that could threaten information assurance (that is, availability, confidentiality, and integrity) or lead to a denial of service (DoS) attack. A firewall can protect a hardware device or a software program running on a secure host computer. This course ends with an introduction to the firewall technologies that Cisco uses in routers and security appliances.
  • identify design guidelines for threat control and containment architecture
  • identify Cisco IPS threat control solutions
  • describe the security benefits of ACLs
  • match command parameters for a numbered extended ACL with their descriptions
  • identify the IP address and wildcard mask required to filter IP subnets in an example
  • identify ACL configuration considerations
  • match types of rules in Cisco Configuration Professional to their descriptions
  • recognize steps in the procedure to configure an access rule for generating log entries
  • recognize the steps required to create an ACL that can permit or deny traffic to the configured object groups
  • Not Applicable
  • describe benefits of different types of firewalls
  • match NAT modes to criteria for selecting them
  • match types of firewall access rules to examples
  • describe guidelines for creating firewall rules

Cisco IINS 2.0: Implementing Firewall Policies

Network security threats have the potential to significantly impede productivity, disrupt business and operations, and result in loss of information, which can lead to financial losses and noncompliance. Hackers continue to develop new techniques to gain access to information for their own financial gain, and these techniques are harder than ever to detect. Businesses need comprehensive solutions that are highly manageable and operational to proactively address these threats. One of these solutions is the zone-based policy firewall which changes the original implementation of Cisco IOS Classic Firewall stateful inspection from the older interface-based model to a more flexible, more easily understood zone-based configuration model. This course covers the features of Cisco IOS zone-based policy firewalls and how to use Cisco Configuration Professional to configure them. Another solution is the Cisco ASA Adaptive Security Appliance which implements a rich set of security technologies that can be effectively implemented as a perimeter firewall using several deployment modes. This course introduces Cisco ASA Security Appliance functionality, features, and underlying technologies. Finally, the course demonstrates how to configure the Cisco ASA 5505 Adaptive Security Appliance for basic connectivity using Cisco Adaptive Security Device Manager (ASDM).
  • describe the function of Cisco IOS zone-based firewalls
  • describe the nature and functions of zones and zone pairs
  • identify zone-based policy firewall rules for application traffic
  • recognize how to configure a zone-based firewall using Cisco Configuration Professional
  • Not Applicable
  • describe how to configure NAT services for zone-based firewalls
  • match varieties of NAT that are supported by Cisco ASA Security Appliance to their descriptions
  • define Cisco ASA appliance CLI configuration modes
  • describe Cisco ASDM features
  • identify default interface access security rules on Cisco ASA appliances
  • match the key constructs of the Cisco Modular Policy Framework to their definitions
  • identify match criteria allowed by Cisco ASA Layers 3 and 4 class maps
  • recognize the procedure for preparing a Cisco ASA device for ASDM
  • sequence the procedure for using the ASDM Startup Wizard to configure an ASA device

Cisco IINS 2.0: Implementing IPS

Intrusion detection system (IDS) and intrusion prevention system (IPS) solutions form an important part of a robust network defense solution. Maintaining secure network services is an essential requirement of a profitable IP-based business. This course defines intrusion prevention architectures, and introduces the underlying technologies and recommended practices for their deployment. Configuring the Cisco IOS Intrusion Prevention System (IPS) is a core competency for a network security administrator. This course describes how to configure Cisco IOS IPS on routers using Cisco Configuration Professional. The course includes a description of the building blocks of Cisco IOS IPS, its deployment options, and guidelines for signature tuning.
  • compare and contrast IDS and IPS
  • recognize the advantages of deploying the IPS and IDS platforms
  • match intrusion detection techniques to advantages
  • recognize how IPS responds to attack
  • match evasion methods to IPS antievasion features
  • identify considerations for implementing alarms in IPS signatures
  • recognize the need for IPS alarm monitoring and options for event managers
  • identify the recommended practices in deploying IPS
  • recognize Cisco IOS IPS signature features
  • identify support for SDEE and Syslog in the Cisco IOS IPS solution
  • recognize how to work with signature files
  • recognize the steps for downloading Cisco IOS IPS signature package to a local PC
  • identify the tasks to verify the configuration of Cisco IOS IPS signature package
  • Not Applicable

Cisco IINS 2.0: VPN Technologies and Public Key Infrastructure

An IP Security (IPsec) VPN uses the Internet to connect branch offices, remote employees, and business partners to the resources of your company. It is a reliable way to maintain your company privacy while streamlining operations, reducing costs, and allowing flexible network administration. VPNs are an integral part of any security architecture. Providing confidentiality, integrity, and endpoint authentication, VPNs are ubiquitous and provide data loss prevention mechanisms for data that is in transit at multiple levels. From Secure Sockets Layer (SSL) VPNs to IP Security (IPsec) VPNs, site-to-site VPNs, or remote-access options, this security control is now embedded in networks and applications and should be available in a transparent and manageable fashion. This course introduces the cryptographic elements of VPNs, including symmetric and asymmetric algorithms, and describes the components, deployment options, and operational framework of VPN technologies. A public key infrastructure (PKI) is an increasingly critical component to ensure confidentiality, integrity, and authentication in an enterprise. PKI is based on the fundamentals of asymmetric encryption. PKI uses the power of private and public keys, digital signatures, and trust models that are derived from asymmetric encryption. PKI provides services that range from identity management to software code signing, and from encrypted file systems and email to VPNs and others. This course discusses the principles behind asymmetric encryption that result in PKI solutions and explains the operational framework of such solutions.
  • describe the benefits of VPNs
  • identify the OSI layers where MPLS VPNs operate
  • match the type of VPN to the appropriate descriptions
  • describe the role of cryptology in VPN implementations
  • identify the use of ciphers in VPN deployments
  • identify the use of encryption algorithms in VPN deployments
  • identify the use of cryptanalysis in VPN deployments
  • identify symmetric encryption algorithms and their use in VPN operations
  • identify asymmetric encryption algorithms and their use in VPN operations
  • describe the functions of cryptographic hashes
  • identify the components of key management
  • describes the role of cryptography plays in commercial implementations such as IPsec and SSL/TLS
  • describe how PKI uses asymmetric cryptography to accomplish confidentiality
  • describe how PKI uses asymmetric cryptography to accomplish authentication
  • describe the features and functions of the RSA algorithm
  • describe the principles behind a PKI
  • describe PKI standards
  • identify the role of CAs in a PKI

Cisco IINS 2.0: IPsec Fundamentals and VPNs

The IP Security (IPsec) VPN is an essential tool for providing a secure network for business communication, and this course addresses the different protocols and algorithms that IPsec uses and the different security services that IPsec provides. The course also introduces different VPN technologies and examines the various Cisco products that are available and the best practices that you should use with them. Site-to-site VPNs are the option of choice for organizations of all kinds in implementing a corporate network across public and private networks. Internet-based VPN environments and Multiprotocol Label Switching (MPLS) VPN environments benefit from the flexibility of deployment and standards-based implementation of cryptographic mechanisms. The choice of device terminating VPNs becomes an important factor in implementing site-to site VPNs. Organizations benefit from leveraging their existing network elements and using an integrated approach to VPN deployments. This course highlights the use of Cisco IOS routers as site-to-site VPN termination points in IP Security (IPsec) environments. Mobility and IT consumerization market trends influence the need for comprehensive remote access security policies. Secure Sockets Layer (SSL) VPNs are commonly used as a remote access service. As such, SSL VPNs must integrate strong cryptography and standards-based components with deployment and operational efficiencies and endpoint security. To complete this course the SSL protocol framework and the benefits of the Cisco SSL VPN solution are described. The configuration of clientless and full tunnel SSL VPNs using Cisco Adaptive Security Device Manager (ASDM) and the Cisco AnyConnect Client is also demonstrated.
  • identify the essential security functions of IPsec
  • distinguish between AH and ESP protocols
  • distinguish between IKEv1 and IKEv2
  • identify actions to take when preparing for a site-to-site IPsec VPN deployment
  • describe actions that can be completed using CCP's Step-by-step Wizard for configuring a site-to-site IPsec VPN
  • recognize how CLI commands are used to verify the IPsec configuration
  • recognize what is indicated by specific IPsec states
  • Not Applicable
  • describe the main challenges facing IT organizations to provide remote and mobile access to corporate resources
  • recognize the steps involved in establishing an SSL session
  • identify features of full network access SSL VPNs
  • identify the tasks required to configure a Clientless SSL VPN using Cisco ASDM
  • identify tasks involved in launching the Cisco AnyConnect VPN Wizard
Register Now
IINS 2.0: Implementing Cisco IOS Network Security e-learning bundle
  • Course ID:
    271370
  • Duration:
    n/a
  • Price:
    $379