CCNA Security

Enquire Now

 

Overview

CCNA Security focuses on security principles and technologies, using Cisco security products to provide hands-on examples. Using instructor-led discussions, extensive hands-on lab exercises, and supplemental materials, this course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a “real-life” network infrastructure

Key Features of CCNA Training:

  • Guaranteed Training on Real Time Devices.
  • CCNA Concepts explained in practical and theoretical context.
  • 24*7 Lab Access.
  • 60+ hours of classroom-style training using an interactive whiteboard and projector session.
  • Course Revision – By enrolling once you can avail classes for same training up to 2 times.
  • Smart classrooms fully equipped with projectors, Wi-Fi connectivity, Digital Pads.
  • Support and Guidance if you are applying for Cisco Global Certification.
  • Late night and early morning batch facility
  • 24*7 Trainers Availability
  • Training delivered by Experienced and Certified Trainers.
    • Mr. Naiman Khan #54008 Mumbai

      CCIE Security #54008

    • Mr. Maqsood #XXXXX Delhi

      CCIE Collaboration #XXXX

    • Mr. Farhan #XXXXX Bangalore

      CCIE Collaboration, Data Center #XXXX

    • Mr. Vikas #XXXXX Pune

      CCIE Collaboration #XXXX

Devices to be used during the Training Program:

  • Router : Cisco 2611 XM, 1841, 1905, 2811
  • Switches: Cisco 2950, 2960, 3750, 3560
  • ASA Firewall : Cisco 5510
  • IPS: 4255

Course Details

Course Prerequisites

Skills and knowledge equivalent to those learned in CCNA R&S.
Working knowledge of the Windows operating system.
Working knowledge of Cisco IOS networking and concepts.

( Not sure if you meet all the prerequisites? Chat with the Experts Now! )

Topics:

1.0 Security Concepts

1.1  Common security principles

  • 1.1.a Describe confidentiality, integrity, availability (CIA)
  • 1.1.b Describe SIEM technology
  • 1.1.c Identify common security terms
  • 1.1.d Identify common network security zones

1.2 Common security threats

  • 1.2.a Identify common network attacks
  • 1.2.b Describe social engineering
  • 1.2.c Identify malware
  • 1.2.d Classify the vectors of data loss/exfiltration

1.3 Cryptography concepts

  • 1.3.a Describe key exchange
  • 1.3.b Describe hash algorithm
  • 1.3.c Compare and contrast symmetric and asymmetric encryption
  • 1.3.d Describe digital signatures, certificates, and PKI

1.4 Describe network topologies

  • 1.4.a Campus area network (CAN)
  • 1.4.b Cloud, wide area network (WAN)
  • 1.4.c Data center
  • 1.4.d Small office/home office (SOHO)
  • 1.4.e Network security for a virtual environment

2.0 Secure Access

2.1   Secure management

  • 2.1.a Compare in-band and out-of band
  • 2.1.b Configure secure network management
  • 2.1.c Configure and verify secure access through SNMP v3 using an ACL
  • 2.1.d Configure and verify security for NTP
  • 2.1.e Use SCP for file transfer

2.2 AAA concepts

  • 2.2.a Describe RADIUS and TACACS+ technologies
  • 2.2.b Configure administrative access on a Cisco router using TACACS+
  • 2.2.c Verify connectivity on a Cisco router to a TACACS+ server
  • 2.2.d Explain the integration of Active Directory with AAA
  • 2.2.e Describe authentication and authorization using ACS and ISE

2.3 802.1X authentication

  • 2.3.a   Identify the functions 802.1X components

2.4 BYOD

  • 2.4.a Describe the BYOD architecture framework
  • 2.4.b Describe the function of mobile device management (MDM)

3.0 VPN

3.1  VPN concepts

  • 3.1.a Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode)
  • 3.1.b Describe hairpinning, split tunneling, always-on, NAT traversal

3.2 Remote access VPN

  • 3.2.a Implement basic clientless SSL VPN using ASDM
  • 3.2.b Verify clientless connection
  • 3.2.c Implement basic AnyConnect SSL VPN using ASDM
  • 3.2.d Verify AnyConnect connection
  • 3.2.e Identify endpoint posture assessment

3.3 Site-to-site VPN

  • 3.3.a Implement an IPsec site-to-site VPN with pre-shared key authentication on Cisco routers and ASA firewalls
  • 3.3.b Verify an IPsec site-to-site VPN

4.0 Secure Routing and Switching

4.1 Security on Cisco routers

  • 4.1.a Configure multiple privilege levels
  • 4.1.b Configure Cisco IOS role-based CLI access
  • 4.1.c Implement Cisco IOS resilient configuration

4.2 Securing routing protocols

  • 4.2.a Implement routing update authentication on OSPF

4.3 Securing the control plane

  • 4.3.a Explain the function of control plane policing

4.4 Common Layer 2 attacks

  • 4.4.a Describe STP attacks
  • 4.4.b Describe ARP spoofing
  • 4.4.c Describe MAC spoofing
  • 4.4.d Describe CAM table (MAC address table) overflows
  • 4.4.e Describe CDP/LLDP reconnaissance
  • 4.4.f Describe VLAN hopping
  • 4.4.g Describe DHCP spoofing

4.5 Mitigation procedures

  • 4.5.a Implement DHCP snooping
  • 4.5.b Implement Dynamic ARP Inspection
  • 4.5.c Implement port security
  • 4.5.d Describe BPDU guard, root guard, loop guard
  • 4.5.e Verify mitigation procedures

4.6 VLAN security

  • 4.6.a Describe the security implications of a PVLAN
  • 4.6.b Describe the security implications of a native VLAN

5.0 Cisco Firewall Technologies

5.1  Describe operational strengths and weaknesses of the different firewall technologies

  • 5.1.a Proxy firewalls
  • 5.1.b Application firewall
  • 5.1.c Personal firewall

5.2 Compare stateful vs. stateless firewalls

  • 5.2.a Operations
  • 5.2.b Function of the state table

5.3 Implement NAT on Cisco ASA 9.x

  • 5.3.a Static
  • 5.3.b Dynamic
  • 5.3.c PAT
  • 5.3.d Policy NAT
  • 5.3 e Verify NAT operations

5.4 Implement zone-based firewall

  • 5.4.a Zone to zone
  • 5.4.b Self zone

5.5 Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x

  • 5.5.a Configure ASA access management
  • 5.5.b Configure security access policies
  • 5.5.c Configure Cisco ASA interface security levels
  • 5.5.d Configure default Cisco Modular Policy Framework (MPF)
  • 5.5.e Describe modes of deployment (routed firewall, transparent firewall)
  • 5.5.f Describe methods of implementing high availability
  • 5.5.g Describe security contexts
  • 5.5.h Describe firewall services

6.0 IPS

6.1 Describe IPS deployment considerations

  • 6.1.a Network-based IPS vs. host-based IPS
  • 6.1.b Modes of deployment (inline, promiscuous – SPAN, tap)
  • 6.1.c Placement (positioning of the IPS within the network)
  • 6.1.d False positives, false negatives, true positives, true negatives

6.2 Describe IPS technologies

  • 6.2.a Rules/signatures
  • 6.2.b Detection/signature engines
  • 6.2.c Trigger actions/responses (drop, reset, block, alert, monitor/log, shun)
  • 6.2.d Blacklist (static and dynamic)

7.0 Content and Endpoint Security

7.1  Describe mitigation technology for email-based threats

  • 7.1.a SPAM filtering, anti-malware filtering, DLP, blacklisting, email encryption

7.2 Describe mitigation technology for web-based threats

  • 7.2.a Local and cloud-based web proxies
  • 7.2.b Blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, TLS/SSL decryption

7.3  Describe mitigation technology for endpoint threats

  • 7.3.a Anti-virus/anti-malware
  • 7.3.b Personal firewall/HIPS
  • 7.3.c Hardware/software encryption of local data

Exam Details

Exam Name Exam Code Duration Registration
Implementing Cisco Network Security (IINS) 210-260 IINS 90 minutes (60-70 questions) Pearson VUE

Upon completion of the course, students will have the knowledge and skills to:

  • 1

    Describe common network security concepts.

  • 2

    Secure routing and switching infrastructure.

  • 3

    Deploy basic authentication, authorization and accounting services.

  • 4

    Deploy basic firewalling services.

  • 5

    Deploy basic site-to-site and remote access VPN services.

  • 6

    Describe the use of more advanced security services such as intrusion protection, content security and identity management.

Job Oppurnities

  • Network Engineers
  • Networking Administrators
  • Networking Specialists
  • Network Support Specialists
  • Network Consultants
  • System Integrators
  • System Engineers

Training Plan

Weekday Batch: Mon - Fri
Duration Timing Mode Cost
4 weeks 4 Hours / Day Online/Onsite 9500 INR
Weekend Batch: Sat - Sun
Duration Timing Mode Cost
2 months 6 Hours / Day Online/Onsite 9500 INR

Group Discount

  • In a Group of 2 discount will be 10% per head
  • In a Group of 3 discount will be 15% per head
  • In a Group of 4 discount will be 20% per head

Schedule

Upcoming Batches
Batch Date Location
Weekday 1 Jan 2018 Delhi
29 Jan 2018 Mumbai
24 Feb 2018 Gurgaon
23 Mar 2018 Bangalore
21 Apr 2018 Pune
20 May 2018 Mumbai
Weekend 6 Jan 2018 Delhi
25 Feb 2018 Mumbai
25 Mar 2018 Bangalore
25 Apr 2018 Pune
25 May 2018 Gurgaon
25 Jun 2018 Delhi
  • Demo Videos
  • Online Training Videos
  • Onsite Training Videos

Post a Review

Reviews

Name
Email
Review Title
Rating
Review Content

Get In Touch