Implementing Cisco IOS Network Security
Course Description
Implementing Cisco IOS Network Security (IINS) is the preparatory CCNA® Security foundation course. This course provides students with the knowledge needed to secure Cisco® routers and switches and their associated networks. By taking this course , you will gain a thorough understanding of how to troubleshoot and monitor network devices to maintain integrity, confidentiality, and availability of data and devices, as well as the technologies that Cisco uses in its security infrastructure.
Course Outline
Introduction to Network Security Principles
· Examining Network Security Fundamentals
· Examining Network Attack Methodologies
· The Principles of Defense in Depth
· Examining Operations Security
· Understanding and Developing a Comprehensive Network Security Policy
· Cisco Self-Defending Networks
Perimeter Security
· Securing Administrative Access to Cisco Routers
· Securing the Cisco IOS Image and Configuration Files
· Configuring Enhanced Support for Virtual Logins
· Configuring AAA on a Cisco Router Using the Local Database
· Configuring AAA on a Cisco Router to Use Cisco Secure ACS
· Implementing Secure Management and Reporting
· Locking Down the Router
Network Security Using Cisco IOS Firewalls
· Introducing Firewall Technologies
· Firewall Fundamentals
· Firewalls in a Layered Defense Strategy
· Static Packet-Filtering Firewalls
· Application Layer Gateways
· Dynamic or Stateful Packet-Filtering Firewalls
· Other Types of Firewalls
· Cisco Family of Firewalls
· Developing an Effective Firewall Policy
· ACL Fundamentals
· ACL Wildcard Masking
· Using ACLs to Control Traffic
· ACL Considerations
· Configuring ACLs Using SDM
· Using ACLs to Permit and Deny Network Services
· Configuring a Cisco IOS Zone-Based Policy Firewall
Fundamentals of Cryptography
· Examining Cryptographic Services
· Examining Symmetric Encryption
· Examining Cryptographic Hashes and Digital Signatures
· Examining Asymmetric Encryption and PKI
Site-to-Site VPNs
· VPN Overview
· Introducing IPsec
· IPsec Protocol Framework
· IKE Protocol
· Building a Site-to-Site IPsec VPN
· Configuring IPsec on a Site-to-Site VPN Using Cisco SDM
Network Security Using Cisco IOS IPS
· Introducing IDS and IPS
· Cisco IPS Management Software
· Host and Network IPS
· Introducing Cisco IPS Appliances
· Signatures and Signature Engines
· IPS Best Practices
· Configuring Cisco IOS IPS
· Verifying IPS Operation
LAN, SAN, Voice, and Endpoint Security Overview
· Examining Endpoint Security
· Examining SAN Security
· Examining Voice Security
· Mitigating Layer 2 Attacks