SILABUS TRAINING CCNA SECURITY

Day 1
1. Modern Network Security Threats
a. Evolution of Network Security
b. Drivers for Network Security
c. Network Security Organizations
d. Malware / Malicious Code
e. Trojan Horses
f. Reconnaissance Attacks
g. Access Attacks
h. DoS Attacks
i. DDoS
j. Mitigating Attacks
k. Thinking Like a Hacker
l. Cisco Network Foundation Protection (NFP)
2. Securing Network Devices
a. Secure Administrative Access
b. Securing Management and Reporting Features
c. Configuring NTP
d. Disabling Unused Cisco Router Network Services and Interfaces
Day 2
3. Authentication, Authorization, and Accounting
a. Implementing Local AAA Authentication
b. Implementing Server-Based AAA Authentication
c. Cisco Secure ACS
d. Configuring Server-Based AAA Authentication
e. Server-Based Authorization
f. Server-Based Accounting
4. Implementing Firewall Technologies
a. ACLs
b. ACL Placement
c. Complex ACLs
d. Troubleshooting ACLs
e. Mitigating Attacks with ACLs
f. IPv6 ACLs
g. Object Groups
h. Securing Networks with Firewalls
i. Firewall Design
j. Zone-Based Policy Firewall
k. CCP Firewall Wizard
l. Manual ZPF using CCP

Day 3
5. Implementing Intrusion Prevention
a. Network-Based IPS
b. IPS Signatures
c. Signature Type
d. Signature Trigger
e. Signature Action
f. Managing and Monitoring IPS
g. Configuring Cisco IOS IPS
h. Configuring IPS using CCP
i. Verifying IOS IPS
6. Securing the Local Area Network
j. Network Admission Control
k. Layer 2 Security
l. Mitigating MAC Spoofing and MAC Table Overflow Attacks
m. Mitigating STP Manipulation
n. Configuring Storm Control
o. Mitigating VLAN Attacks
p. Configuring Cisco Switch Port Analyzer
q. Private VLAN Edge
r. Layer 2 Best Practices
s. Advanced Technology Security Considerations
t. Wireless Networks
u. VoIP Networks
v. SAN Networks
Day 4
7. Cryptographic Systems
a. History of Cryptography
b. Cipher Text
c. Cryptanalysis
d. Cryptology
e. Cryptographic Hashes
f. Hashing for Integrity
g. Hashing for Authenticity
h. Key Management
i. Encryption = Confidentiality
j. Symmetric Algorithms
k. Public Key Cryptography
l. Digital Signatures
m. PKI
n. PKI Standards
o. Certificate Authorities
8. Implementing Virtual Private Networks
p. VPN Terminology

q.
r.
s.
t.
u.
v.
w.
x.
y.

VPNs
VPN Topologies
GRE Tunnel
IPsec
Key Exchange
IPsec Tasks
VPN Lab
Configuring IPsec VPN using CCP
Remote-Access VPNs

Day 5
9. Managing a Secure Network
a. Identifying Threats and Risk Analysis
b. Risk Management and Risk Avoidance
c. Cisco SecureX Architecture
d. Operations Security
e. Network Security Testing
f. Continuity Planning
g. SDLC
h. Security Policy
10.
Implementing the Cisco Adaptive Security Appliance
(ASA)
i. Basic ASA Configuration
j. Configure Basic Settings
k. Introduction to ASDM
l. ASDM Startup Wizard
m. Objects and Object Groups
n. ACLs
o. NAT
p. AAA
q. Modular Policy Framework (MPF)
r. ASA VPN Features
s. Clientless VPN Wizard
t. AnyConnect VPN Wizard