Cisco CCNA Security plus ASA
-
The training provided was high quality and the trainer really knew his job and was good at it. They communicated things properly and comprehend topics very clearly. I would recommend their services to all.
← | →
-
The training session from Joe was great and excellent. I had a great time. The session was informative and engaging. It was a great course. Thanks a lot. I learned a lot in such a short time.
← | →
-
Joining here was the best decision ever and I am glad I did that. Joe is a great person and he explained everything in a great manner. It's a great place if you're looking for a good networking session. Thanks a lot, it was a great time overall.
← | →
Course
In London
Improve your Networking Skills!
-
Type
Course
-
Location
London
-
Duration
12 Days
-
Start date
Different dates available
If you already have some knowledge in IT but no experience in Networking, this course just added by Emagister is for you!
With the Cisco CCNA Security plus ASA has been designed to build knowledge and show competency with network security. With this course added byEmagister you will be an IT professional qualify for a range of roles in an established area of the industry.
Don’t miss this opportunity to take further your career!
Facilities
Location
Start date
Start date
Reviews
-
The training provided was high quality and the trainer really knew his job and was good at it. They communicated things properly and comprehend topics very clearly. I would recommend their services to all.
← | →
-
The training session from Joe was great and excellent. I had a great time. The session was informative and engaging. It was a great course. Thanks a lot. I learned a lot in such a short time.
← | →
-
Joining here was the best decision ever and I am glad I did that. Joe is a great person and he explained everything in a great manner. It's a great place if you're looking for a good networking session. Thanks a lot, it was a great time overall.
← | →
Course rating
Recommended
Centre rating
Frank
Jeremy
Len
Slash
Rihanna
This centre's achievements
All courses are up to date
The average rating is higher than 3.7
More than 50 reviews in the last 12 months
This centre has featured on Emagister for 15 years
Subjects
- Access
- LAN
- Motivation
- CCNA
- Frame relay
- Networking
- IP
- Networks
- Network Training
- Cisco
- Network
Course programme
What’s on the Commsupport 5 day CCNA Security +ASA FIREWALL course in Detail
Below are the contents that we include in our CCNA Security course
Mitigate common Layer 2 attacks
You think your LAN network is safe. Not a chance! We will show you how vulnerable your network is. On the first day you learn how to defend your LAN from attackers. By the end of the day you will be able to prevent layer 2 attacks by configuring Catalyst switch security features.
• IP Source Guard
• Dynamic ARP inspection
• IP DHCP Snooping
• Private VLAN’s
• Vlan Access Control Lists
• Port Security using MAC security
• Port Security using 802.x security
Mitigate threats to Cisco routers and networks using ACLs
• You think you know ACL’s? think again, you will learn that ACL’s are the Devil when it comes to securing your router. But you will learn the functionality of standard, extended, and named IP ACLs used by routers to filter packets
• You will learn how to configure Reflexive and Dynamic ACL’s, plus you will configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
• Configure IP ACLs to prevent IP address spoofing using CLI
Implement secure network management and reporting
• Use CLI and CCP to configure SSH on Cisco routers to enable secured management access
• Use CLI and CCP to configure Cisco routers to send Syslog messages to a Syslog server
• Implement the Cisco IOS firewall feature set using CCP
• Describe the operational strengths and weaknesses of the different firewall technologies
Context Based Access Control
CBAC, what it is and what it does. You will learn how to configure a powerful firewall on your router, you will learn how to set up CBAC using the CLI and CCP and you will learn how to configure IOS TCP Intercept and Transparent IOS Firewall.
You will understand and explain what it means for a firewall to be stateful along with the operations and the function of the state table.
Implement Zone Based Firewall
(ZBF) using CCP and command line, learn to configure the Zones using the CLI. Master the Modular Policy Framework (MPF). How you can block anything from URL’s to file extensions using the immensely powerful ZBF
Understand and Configure the MPF
• Class maps
• Policy maps
• Zone pairings
• Service Policies
• Inspect rules
• What is the Self Zone and how it affects your router
• Getting traffic through the ZBF
• NAT and the ZBF
• VPN’s and the ZBF
• ZBPF Exceptions
• Port to Application Mapping (PAM)
• ZBPF Parameter Tuning
• ZBPF Application Inspection
Implement the Cisco IOS IPS feature set using CCP and CLI
• Define network based vs. host based intrusion detection and prevention, learn the difference between false positives and true negatives.
• Explain IPS, signatures, honey pots, policy based IPS, Fail opens and Fail closes, attack responses, and monitoring options.
• Configure IOS based IPS operations using CCP and CLI
Securing IPv6 Data Plane
• Why IPv6
• Understanding IPv6 address formats
• Ipv6 address types
• Best practises common to IPv6 and IPv4
• Threats common to both IPv6 and IPv4
• New Potential Risks
• IPv6 best practises
Implement site-to-site VPNs on Cisco Routers using CCP and CLI
Don’t know your Diffie Hellman from your RSA! You will learn the different methods used in cryptography, key generation and distribution
ISAKMP and IKE keeping you awake at night? Don’t know which is which? don’t fret we will show you how these protocols work. What to do when phase one fails to establish and what can go wrong along with how to fix phase one issues
How does IPSEC work and what are the building blocks and the security functions it
provides
You will learn how to Configure and verify an IPSec site-to-site VPN with pre-shared key and certificate authentication using the CLI and the CCP. We go through all the possible scenarios you will encounter in the real world
• Site to Site VPN’s
• Site to Site VPN’s through a Firewall
• Site to Site VPN’s through NAT
• Site to Site VPN’s using Certificates
• Implement Client and Clientless VPN’S on Cisco Routers using CCP and CLI
• Learn how to configure Remote site client based VPN’s
• Learn how to configure Remote site clientless SSL VPN’s
• Learn how to configure Remote site client based Anyconnect VPN’s
• Describe the security threats facing modern network infrastructures
• Describe and list mitigation methods for common network attacks
• Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
• Describe the Cisco Self Defending Network architecture
Secure Cisco routers
• Secure Cisco routers using the CCP Security Audit feature
• Use the One-Step Lockdown feature in CCP to secure a Cisco router
• Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements
• Secure administrative access to Cisco routers by configuring multiple privilege levels
• Secure administrative access to Cisco routers by configuring role based CLI
• Secure the Cisco IOS image and configuration file.
Implement AAA on Cisco routers using local router database and external ACS
• Explain the functions and importance of AAA
• Describe the features of TACACS+ and RADIUS AAA protocols
• Configure AAA authentication
• Configure AAA authorization
• Configure AAA accounting
CISCO ASA SECTION
Getting Started with Cisco Security Appliances
• Security appliance file management system
• Security appliance security levels
• ASA requirements and capabilities
• Use the CLI to configure and verify basic network settings, and prepare the security
• appliance for configuration via ASDM
• Verify security appliance configuration and licensing via ASDM
Essential Security Appliance Configuration
• Configure a security appliance for basic network connectivity
• Verify the initial configuration
• Password Recovery
• System IOS Recovery
• SSH
• Set the clock and synchronize the time on security appliances
• Configure the security appliance to send syslog messages to a syslog server
• Configuring the ASDM
Configuring Network Address Translations and Connection Limits
• Function of TCP and UDP protocols within the security appliance
• Function of static NAT and dynamic address translations
• Configure dynamic address translation
• Configure static address translation
• Set connection limits
•
Using ACLs and Content Filtering
• Configure the basic function of ACLs
• Configure additional functions of ACLs
• Configure active code filtering (ActiveX and Java applets)
• Configure the security appliance for URL filtering
Configuring Object Grouping
• Object grouping feature of the security appliance and its advantages
• Configure object groups and use them in ACLs
Using Transparent Firewalls
• Firewall Mode Overview
• Configuring Transparent Firewall Mode
• Controlling Traffic in Transparent Mode
• Using ARP Inspection
• Disabling MAC address learning
Multi-Mode aka Multi Context Firewalls
• Cisco Virtual Firewall Overview
• Deployment Choices and Limitations
• Configuring the System Execution Context
• The Admin Context
• Creating Security Contexts
• Managing Security Contexts
• Packet Classification
• Creating Resource-classes
• Verifying Resource management
Configuring Hardware Stateless and Stateful Failover
• ASA Failover overview
• Detecting an ASA failover
• Configuring Primary and Secondary Units
• Configure Failover using the CLI
• Configuring Interface Failover
• Configure Failover timers
• Configure ASA Failover Health Monitoring
• Configuring Zero Downtime Failover
Configuring VPN’s on a Cisco ASA firewall
• Anyconnect VPN’s
• SSL Clientless VPN’s
• Site to Site VPN’s
Cisco CCNA Security plus ASA