Implementing Cisco Network Security Training (IINS) v3.0 Course Description
This is a five-day instructor-led Implementing Cisco Network Security Training (IINS) v3.0 course that focuses on the design, implementation and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies. All IOS examples and hands on experience is done using the IOS CLI. IPS is covered at the theoretical level from the perspective of FirePower technologies.
Site-to-Site VPN configuration is covered on both IOS and the Cisco ASA . Modern malware examples are provided, cryptographic techniques use stronger hashing and encryption algorithms, and current versions of IOS, Cisco ASA and Cisco AnyConnect are highlighted.
More labs have been incorporated to ensure the maximum amount of hands on experience possible. There are two types of labs: Discovery and Challenge. A discovery is a guided lab exercise. Explicit directions are provided to the student to guide them through the activity. Along with the directions are scenarios and explanations specifying why the student is implementing the subject technology and the results after configuration are demonstrated.
Challenges, on the other hand, are evaluation labs. The set of tasks is provided to the student, but directions are not provided. There are job aids which the student may utilize, providing information such as IP addresses and command syntax, but no specific description of procedures. An answer key is available for students who wish to verify their techniques. The instructors will of course be on hand to revisit any areas that may need further clarification.
Duration: 5 days
• We can adapt this Implementing Cisco Network Security Training (IINS) v3.0 course to your group’s background and work requirements at little to no added cost.
• If you are familiar with some aspects of this Implementing Cisco Network Security Training (IINS) v3.0 course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the Implementing Cisco Network Security Training (IINS) v3.0 course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Implementing Cisco Network Security Training (IINS) v3.0 course in manner understandable to lay audiences.
Audience / Target Group
This Implementing Cisco Network Security Training (IINS) v3.0 course is aimed at individuals wishing to gain an understanding of Cisco Security on the network or those looking to obtain the Cisco Certified Network Associate for Security Certification
• Network engineers
• Network designers and administrators
• Network managers
• System engineers
Implementing Cisco Network Security Training (IINS) - Objectives:
After completing this Implementing Cisco Network Security Training (IINS) v3.0 course, attendees will be able to:
• Common network security concepts
• Secure routing and switching infrastructure
• Deploy basic authentication, authorization, and accounting services
• Deploy basic firewalling services
• Deploy basic site-to-site and remote access VPN services
• Advanced security services such as intrusion protection, content security and identity management
• Develop a comprehensive network security policy to counter threats against information security
• Configure routers with Cisco IOS software security features, including management and reporting functions
• Bootstrap the Cisco ASA Firewall for use in a production network
• Configure the Cisco ASA Firewall for remote access to a Secure Sockets Layer (SSL) VPN
• Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
• Configure site-to-site VPNs using Cisco IOS features
• Configure security features on IOS switches to mitigate various Layer 2 and Layer 3 attacks
• How a network can be compromised using freely available tools
• Implement line passwords, and enable passwords and secrets
• Examine authentication, authorization, and accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
• Configure packet filtering on the perimeter router
Implementing Cisco Network Security Training (IINS) - Course Content:
Threat Defense Technologies
Security Policy and Basic Security Architectures
Secure Network Devices
Management Protocols and Systems
Securing the Control Plane
Layer 2 Security
Securing Layer 2 Infrastructure
Securing Layer 2 Protocols
Introducing the Cisco ASA v9.2
Cisco ASA Access Control and Service Policies
Cisco IOS Zone Based Firewall
Client Based Remote Access VPN
Clientless Remote Access VPN
Intrusion Detection and Protection
Advanced Network Security Architectures
Challenge Lab 1: Configure AAA and Secure Remote Administration
Challenge Lab 2: Configure Secure Network Management Protocols
Challenge Lab 3: Configure Secure EIGRP Routing
Challenge Lab 4: Configure Secure Layer 2 Infrastructure
Challenge Lab 5: Configure DHCP Snooping and STP Protection
Challenge Lab 6: Configure Interfaces and NAT on the Cisco ASA
Challenge Lab 7: Configure Network Access Control with the Cisco ASA
Challenge Lab 8: Configure Site-to-Site VPN on IOS
Challenge Lab 9: Configure AnyConnect Remote Access VPN on ASA
Challenge Lab 10: Configure Clientless SSL VPN on the ASA