Font size:

Description:

This is a bundled training package. It contains training for each of the bundled items below:

Course Price
Cisco SECURE 1.0: Advanced Control Plane Security Controls $74.95
Cisco SECURE 1.0: Deploying Advanced Management Plane Security Controls $74.95
Cisco SECURE 1.0: Deploying Network Address Translation $74.95
Cisco SECURE 1.0: Deploying Basic Zone-Based Policy Firewalls $74.95
Cisco SECURE 1.0: Deploying Advanced Zone-Based Policy Firewalls $74.95
Cisco SECURE 1.0: Deploying Cisco IOS Software IPS $74.95

Bundle Price: $219.00
Total Savings: $230.70


Cisco SECURE 1.0: Advanced Control Plane Security Controls

The control plane in an Open Systems Interconnection (OSI) Layer 3 device provides traffic routing functions by building the device routing and forwarding tables. This often involves cooperation with nearby devices using dynamic routing protocols. These interactions must be controlled in multiple aspects by authenticating the associations between devices, discarding malicious routing information, and protecting the resources of each device against excessive use. This course examines a number of defenses in Cisco IOS Software that protect the control plane: infrastructure access control lists (ACLs), Control Plane Policing (CoPP), Control Plane Protection, routing protocol authentication, and routing protocol information filtering.

Learning Objectives
  • Sequence the steps to deploy control plane security features
  • Recognize how to deploy infrastructure ACLs
  • Sequence the tasks to configure Control Plane Policing
  • Configure Control Plane Policing
  • Describe the guidelines for implementing Control Plane Protection
  • Configure Control Plane Protection
  • Configure routing protocol authentication
  • Identify the guidelines for implementing routing protocol authentication without keychains
  • Identify the guidelines for deploying routing protocol filtering

Cisco SECURE 1.0: Deploying Advanced Management Plane Security Controls

The management plane performs all the management functions for a device and coordinates functions between the control and the data planes. These functions make the management plane a prime target for attacks. This course introduces you to some strategies for protecting the management plane by limiting access to it, limiting access to its individual features, and using role-based access control (RBAC). You can also configure security features of Simple Network Management Protocol version 3 (SNMPv3), use digitally signed software images, and configure the detection of resource exhaustion denial-of-service attacks.

Learning Objectives
  • Recognize the parameters necessary to plan the deployment of Cisco IOS Software management plane security controls
  • Configure and verify various Cisco IOS Software management access control features
  • Configure Management Plane Protection
  • Configure and verify Cisco IOS Software RBAC
  • Configure and verify security features of the Cisco IOS Software SNMP server
  • Verify digitally signed Cisco IOS Software images
  • Configure Cisco IOS Software CPU and memory thresholding

Cisco SECURE 1.0: Deploying Network Address Translation

Cisco IOS Network Address Translation (NAT) and Port Address Translation (PAT) are mechanisms that you can use to conserve registered IP version 4 (IPv4) addresses in large networks, resolve overlapping addressing scenarios, and simplify IPv4 address management tasks. NAT and PAT translate IPv4 addresses within private internal networks to legal IPv4 addresses for transport over public external networks, such as the Internet, without requiring a registered subnet address. Incoming traffic is translated back for delivery within the inside network. This translation of IPv4 addresses eliminates the need for host renumbering and allows the same IPv4 address range to be used in multiple intranets. This course describes the features that are offered by NAT and PAT and describes how to configure NAT and PAT on Cisco routers.

Learning Objectives
  • Identify the input parameters necessary to plan the deployment of basic Cisco IOS NAT features
  • Configure and verify Cisco IOS static NAT and PAT
  • Configure Cisco IOS dynamic NAT and PAT
  • Identify the steps to troubleshoot Cisco IOS NAT operation

Cisco SECURE 1.0: Deploying Basic Zone-Based Policy Firewalls

The Cisco IOS Zone-Based Policy Firewall represents the latest generation of Cisco IOS Software firewall functions. Designed as a replacement technology for Cisco IOS Classic firewalls, also known as Context-Based Access Control (CBAC) firewalls, Zone-Based Policy Firewalls change the firewall from the older interface-based model to a more easily understood zone-based model. In this course, you will learn to configure, verify, and troubleshoot Open Systems Interconnection (OSI) Layer 3 and 4 access control features of the Zone-Based Policy Firewall.

Learning Objectives
  • Identify the considerations for deploying a basic Zone-Based Policy Firewall
  • Recognize how to configure Zone-Based Policy Firewall zones and zone pairs
  • Configure zones
  • Recognize how to configure a basic OSI Layer 3 and 4 interzone access policy
  • Recognize how to configure basic OSI Layer 3 and 4 interzone and intrazone access policies
  • Configure access control between zones
  • Recognize how the self zone works
  • Identify the guidelines for implementing self zone access control
  • Configure inspection of local traffic
  • Recognize how to tune Zone-Based Policy Firewall stateful engine and connection settings
  • Recognize how to configure Zone-Based Policy Firewall transparent mode
  • Recognize how to troubleshoot the operation of basic Zone-Based Policy Firewall functions

Cisco SECURE 1.0: Deploying Advanced Zone-Based Policy Firewalls

Deploying access control based on Open Systems Interconnection (OSI) Layer 3 and 4 parameters establishes a minimal connectivity policy for network applications. However, such filtering alone cannot provide protection to exposed applications, user awareness in dynamic environments, and control over access to specific types of content on the Internet. The Cisco IOS Zone-Based Policy Firewall provides advanced application layer (OSI Layer 5 to 7) filtering, user-based controls, and content filtering controls to address these scenarios when risk assessment demands them. This course enables you to configure and verify these advanced controls of the Zone-Based Policy Firewall feature set.

Learning Objectives
  • Recognize the parameters necessary to plan the deployment of Cisco IOS Software management plane security controls
  • Recognize how to use regular expressions to customize application-layer access policies
  • Recognize how to configure Zone-Based Policy Firewall application-layer policies
  • Configure Zone-Based Policy Firewall application-layer policies
  • Configure application-layer filtering on the Zone Based Policy Firewall
  • Sequence the steps to configure and verify Zone-Based Policy Firewall user-based policies
  • Configure Zone-Based Policy Firewall user-based policies
  • Sequence the steps to configure Zone-Based Policy Firewall URL filtering
  • Configure Zone-Based Policy Firewall URL filtering
  • Configure URL filtering

Cisco SECURE 1.0: Deploying Cisco IOS Software IPS

In modern IT infrastructures, it is becoming increasingly more important to protect company resources. Not only must company resources be defended passively, but also the protection must be constantly monitored and enhanced with systems that actively inspect the data that is passed over allowed and open connections. Intrusion prevention and intrusion detection systems are two technologies that can provide such risk reduction. This course covers the Cisco IOS Intrusion Prevention System (IPS). You will learn how to configure a Cisco router for intrusion prevention, including enabling IPS, working with signatures, and monitoring activity with syslog or Security Device Event Exchange (SDEE).

Learning Objectives
  • Identify the features of signature-based Cisco IOS IPS
  • Identify how to plan the deployment of signature-based Cisco IOS IPS
  • Configure Cisco IOS IPS signature policies
  • Verify Cisco IOS IPS signature policies
  • Configure Cisco IOS Software IPS
  • Recognize the risk factor ratings used to tune Cisco IOS IPS signature policies to the local environment
  • Sequence the steps to tune Cisco IOS IPS signature policies to the local environment
  • Configure Cisco IOS IPS signature policy tuning
  • Implement individual Cisco IOS IPS signature tuning
  • Configure Cisco IOS IPS Signature Auto Update
  • Configure and verify a Cisco IOS IPS event-monitoring solution Troubleshoot Cisco IOS IPS operation
  • Identify the recommended task flow for troubleshooting Cisco IOS IPS operation
  • Implement Cisco IOS IPS event monitoring
Register Now
SECURE 1.0: Securing Networks with Cisco Routers and Switches Part 2 e-learning bundle
  • Course ID:
    252719
  • Duration:
    11 hours
  • Price:
    $219