Join With Our Courses To Develop Yourself.
CCNA gives security accreditation to the part of employer stability like Network Security Specialist, Security Administrator and Network Security Assistant Engineer.
Cisco Certified Network Associate Security (CCNA Security) curriculum emphasizes core security technologies and skills required to secure Cisco networks.
This course will encourage you how to recognize, secure and secure vulnerabilities in a little center endeavor branch arrange.
This course will also help you improve your skills in developing safety, hazards, infrastructure and safety hazards.
In the context of a security network life cycle, describe the components of the comprehensive network security policy that can be used to deal with the threats against the IT system.
As part of the network infrastructure, the development and implementation of security rivals is aimed at the protection of network elements.
Configure routers on the network perimeter with Cisco IOS Software security features.
Configure a Cisco IOS zone-based firewall to perform basic security operations on a network
Configure site-to-site VPNs using Cisco IOS features.
Configure IPS on Cisco network routers.
Design LAN gadgets to control access, to oppose assaults, to cover other system gadgets and frameworks, and to ensure the trustworthiness and protection of system activity.
Common security principles
Describe confidentiality, integrity, availability (CIA)
Describe SIEM technology
Identify common security terms
Identify common network security zones
Describe network topologies
Campus area network (CAN)
Enable and verify Cisco IOS IPS operations using SDM.
Cloud, wide area network (WAN)
Small office/home office (SOHO)
Network security for a virtual environment 2015 Cisco Systems, Inc. This document is Cisco Public.
Common security threats
Identify common network attacks
Describe social engineering
Classify the vectors of data loss/exfiltration
Describe key exchange
Describe hash algorithm
Compare and contrast symmetric and asymmetric encryption
Describe digital signatures, certificates, and PKI
Compare in-band and out-of band
Configure secure network management
Configure and verify secure access via SNMP v3 using an ACL
Configure and verify security for NTP
Use SCP for file transfer
Describe RADIUS and TACACS + technologies
Configure administrative access to Cisco Router using TACACS +
Verify connectivity on a TACACS + server on a Cisco Router
Explain the integration of Active Directory with AAA
Describe authentication and authorization using ACS and ISE
Identify the functions 802.1X components
Describe the BYOD architecture framework
Describe the function of mobile device management (MDM)
Remote access VPN
Implement basic clientless SSL VPN using ASDM
Verify clientless connection
Implement basic AnyConnect SSL VPN using ASDM
Verify AnyConnect connection
Identify endpoint posture assessment
Implement an IPsec site-to-site VPN with pre-shared key authentication on Cisco routers and ASA firewalls
Verify an IPsec site-to-site VPN
Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode)
Describe hairpinning, split tunnelling, always-on, NAT traversal
Secure Routing and Switching
Security on Cisco routers
Configure multiple privilege levels
Configure Cisco IOS role-based CLI access
Implement Cisco IOS resilient configuration
Securing routing protocols
Implement routing update authentication on OSPF 2015 Cisco Systems, Inc. This document is Cisco Public.
Securing the control plane
Explain the function of control plane policing
Implement DHCP snooping
Implement Dynamic ARP Inspection
Implement port security
Describe BPDU guard, root guard, loop guard
Verify mitigation procedures
Describe the security implications of a PVLAN
Describe the security implications of a native VLAN
Cisco Firewall Technologies
Describe operational strengths and weaknesses of the different firewall technologies
Compare stateful vs. stateless firewalls
Function of the state table
Common Layer 2 attacks
Describe STP attacks
Describe CDP/LLDP reconnaissance
Describe ARP spoofing
Describe MAC spoofing
Describe VLAN hopping
Describe DHCP spoofing
Describe CAM table (MAC address table) overflows
Implement NAT on Cisco ASA 9.x
Verify NAT operations
Implement zone-based firewall
Zone to zone
Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x
Configure ASA access management
Configure security access policies 2015 Cisco Systems, Inc. This document is Cisco Public.
Configure Cisco ASA interface security levels
Configure default Cisco Modular Policy Framework (MPF)
Describe modes of deployment (routed firewall, transparent firewall)
Describe methods of implementing high availability
Describe security contexts
Describe firewall services
Describe IPS technologies
Trigger actions/responses (drop, reset, block, alert, monitor/log, shun)
Blacklist (static and dynamic)
Describe IPS deployment considerations
Network-based IPS vs. host-based IPS
Modes of deployment (inline, promiscuous - SPAN, tap)
Placement (positioning of the IPS within the network)
False positives, false negatives, true positives, true negatives
Content and Endpoint Security
Describe mitigation technology for endpoint threats
Hardware/software encryption of local data
Describe mitigation technology for email-based threats
SPAM filtering, anti-malware filtering, DLP, blacklisting, email encryption
Describe mitigation technology for web-based threats
Local and cloud-based web proxies
Blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, TLS/SSL decryption