Call:(+91) 8218653603

 (+91) 8218653603

  • Sign In
  • |
  • Sign Up
CCNA Training Institute in Delhi | Certification Classes India

Related Courses


Join With Our Courses To Develop Yourself.


Courses Overview

CCNA gives security accreditation to the part of employer stability like Network Security Specialist, Security Administrator and Network Security Assistant Engineer.

Cisco Certified Network Associate Security (CCNA Security) curriculum emphasizes core security technologies and skills required to secure Cisco networks.

This course will encourage you how to recognize, secure and secure vulnerabilities in a little center endeavor branch arrange.


This course will also help you improve your skills in developing safety, hazards, infrastructure and safety hazards.


Course Objectives

  • In the context of a security network life cycle, describe the components of the comprehensive network security policy that can be used to deal with the threats against the IT system.

  • As part of the network infrastructure, the development and implementation of security rivals is aimed at the protection of network elements.

  • Configure routers on the network perimeter with Cisco IOS Software security features.

  • Configure a Cisco IOS zone-based firewall to perform basic security operations on a network

  • Configure site-to-site VPNs using Cisco IOS features.

  • Configure IPS on Cisco network routers.

  • Design LAN gadgets to control access, to oppose assaults, to cover other system gadgets and frameworks, and to ensure the trustworthiness and protection of system activity.

Common security principles

  • Describe confidentiality, integrity, availability (CIA)

  • Describe SIEM technology

  • Identify common security terms

  • Identify common network security zones

Describe network topologies

  • Campus area network (CAN)

  • Enable and verify Cisco IOS IPS operations using SDM.

  • Cloud, wide area network (WAN)

  • Data centre

  • Small office/home office (SOHO)

  • Network security for a virtual environment 2015 Cisco Systems, Inc. This document is Cisco Public.


Common security threats

  • Identify common network attacks

  • Describe social engineering

  • Identify malware

  • Classify the vectors of data loss/exfiltration


Cryptography concepts

  • Describe key exchange

  • Describe hash algorithm

  • Compare and contrast symmetric and asymmetric encryption

  • Describe digital signatures, certificates, and PKI


Secure Access

Secure management

  • Compare in-band and out-of band

  • Configure secure network management

  • Configure and verify secure access via SNMP v3 using an ACL

  • Configure and verify security for NTP

  • Use SCP for file transfer


AAA concepts

  • Describe RADIUS and TACACS + technologies

  • Configure administrative access to Cisco Router using TACACS +

  • Verify connectivity on a TACACS + server on a Cisco Router

  • Explain the integration of Active Directory with AAA

  • Describe authentication and authorization using ACS and ISE


802.1X authentication

  • Identify the functions 802.1X components



  • Describe the BYOD architecture framework

  • Describe the function of mobile device management (MDM)


Remote access VPN

  • Implement basic clientless SSL VPN using ASDM

  • Verify clientless connection

  • Implement basic AnyConnect SSL VPN using ASDM

  • Verify AnyConnect connection

  • Identify endpoint posture assessment


Site-to-site VPN

  • Implement an IPsec site-to-site VPN with pre-shared key authentication on Cisco routers and ASA firewalls

  • Verify an IPsec site-to-site VPN


VPN concepts

  • Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode)

  • Describe hairpinning, split tunnelling, always-on, NAT traversal

Secure Routing and Switching

Security on Cisco routers

  • Configure multiple privilege levels

  • Configure Cisco IOS role-based CLI access

  • Implement Cisco IOS resilient configuration


Securing routing protocols

  • Implement routing update authentication on OSPF 2015 Cisco Systems, Inc. This document is Cisco Public.


Securing the control plane

  • Explain the function of control plane policing


Mitigation procedures

  • Implement DHCP snooping

  • Implement Dynamic ARP Inspection

  • Implement port security

  • Describe BPDU guard, root guard, loop guard

  • Verify mitigation procedures


VLAN security

  • Describe the security implications of a PVLAN

  • Describe the security implications of a native VLAN


Cisco Firewall Technologies

Describe operational strengths and weaknesses of the different firewall technologies

  • Proxy firewalls

  • Application firewall

  • Personal firewall


Compare stateful vs. stateless firewalls

  • Operations

  • Function of the state table

Common Layer 2 attacks

  • Describe STP attacks

  • Describe CDP/LLDP reconnaissance

  • Describe ARP spoofing

  • Describe MAC spoofing

  • Describe VLAN hopping

  • Describe DHCP spoofing

  • Describe CAM table (MAC address table) overflows


Implement NAT on Cisco ASA 9.x

  • Static

  • Dynamic

  • PAT

  • Policy NAT

  • Verify NAT operations

Implement zone-based firewall

  • Zone to zone

  • Self-zone

Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x

  • Configure ASA access management

  • Configure security access policies 2015 Cisco Systems, Inc. This document is Cisco Public.

  • Configure Cisco ASA interface security levels

  • Configure default Cisco Modular Policy Framework (MPF)

  • Describe modes of deployment (routed firewall, transparent firewall)

  • Describe methods of implementing high availability

  • Describe security contexts

  • Describe firewall services



Describe IPS technologies

  • Rules/signatures

  • Detection/signature engines

  • Trigger actions/responses (drop, reset, block, alert, monitor/log, shun)

  • Blacklist (static and dynamic)


Describe IPS deployment considerations

  • Network-based IPS vs. host-based IPS

  • Modes of deployment (inline, promiscuous - SPAN, tap)

  • Placement (positioning of the IPS within the network)

  • False positives, false negatives, true positives, true negatives


Content and Endpoint Security

Describe mitigation technology for endpoint threats

  • Anti-virus/anti-malware

  • Personal firewall/HIPS

  • Hardware/software encryption of local data

Describe mitigation technology for email-based threats

  • SPAM filtering, anti-malware filtering, DLP, blacklisting, email encryption


Describe mitigation technology for web-based threats

  • Local and cloud-based web proxies

  • Blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, TLS/SSL decryption

  • Duration: ---
  • Services

    Technical Support Project, Consultancy Monitoring and Control Smart Metering Data Logging, Dedicated Graphical Interface

    Corporate Training, Industrial Training, Campus Training, Classroom Training, Bootcamp Training, Online Training

    Data Science, Machine Learning, Robotics, Business Intelligance, Finance Controlling, Water Treatment and Power Plants

    Domestic Tech. / Non Tech. and International - Tech. only


    ISO 9001-1015 Yami Cosmo Services Pvt. Ltd Copyright© 2017. TeghDeveloperTechnlogies All right reserved.