header
headerhomeService AreasCourse CatalogTraining SchedulesEnrollAbout UsCareers
   

 

Implementing Cisco IOS Network Security (IINS)

5-day Cisco Authorized course

Prepares you for the CCNA Security Certification Exam 640-553 IINS

Course Description

In this course, you'll focus on the necessity of a comprehensive security policy and how it affects the posture of the network. You will learn to perform basic tasks to secure a small branch type office network using Cisco IOS security features available through web-based GUIs (Cisco Router and Security Device Manager [SDM]) and the command-line interface (CLI) on the Cisco routers and switches.

 

Course Objectives

  • Develop a comprehensive network security policy to counter threats against information security
  • Configure routers on the network perimeter with Cisco IOS Software security features
  • Configure a Cisco IOS zone-based firewall to perform basic security operations on a network
  • Configure site-to-site VPNs using Cisco IOS features
  • Configure IPS on Cisco network routers
  • Configure LAN devices to control access, resist attacks, shield other network devices and systems, and protect the integrity and confidentiality of network traffic

 

Intended Audience

  • Network Designers
  • Network Administrators
  • Network Engineers
  • Network Managers
  • Systems Engineers

 

Prerequisites

 

Course Outline

  1. Introduction to Network Security Principles
    • Network Security Fundamentals
    • Network Attack Methodologies
    • Operations Security
    • Security Policy
    • Building Cisco Self-Defending Networks
  2. Perimeter Security
    • Securing Administrative Access to Cisco Routers
    • Cisco SDM
    • Configuring AAA on a Cisco Router Using the Local Database
    • Configuring AAA on a Cisco Router to Use Cisco Secure ACS
    • Implementing Secure Management and Reporting
    • Locking Down the Router
  3. Network Security Using Cisco IOS Firewalls
    • Firewall Technologies
    • Creating Static Packet Filters Using ACLs
    • Configuring Cisco IOS Zone-Based Policy Firewall
  4. Site-to-Site VPNs
    • Cryptographic Services
    • Symmetric Encryption
    • Cryptographic Hashes and Digital Signatures
    • Asymmetric Encryption and PKI
    • IPsec Fundamentals
    • Building a Site-to-Site IPsec VPN
    • Configuring IPsec on a Site-to-Site VPN Using Cisco SDM
  5. Network Security Using Cisco IOS IPS
    • IPS Technologies
    • Configuring Cisco IOS IPS Using Cisco SDM
  6. LAN, SAN, Voice, and Endpoint Security Overview
    • Endpoint Security
    • SAN Security
    • Voice Security
    • Mitigating Layer 2 Attacks

 

Course Labs

  • Lab 1-1: Embedding a Secret Message Using Steganography
  • Lab 1-2: Scanning a Computer System Using Testing Tools
  • Lab 1-3: Scanning a Network Using Testing Tools
  • Lab 2-1: Securing Administration Access to Cisco Routers
  • Lab 2-2: Configuring AAA on Cisco Routers to Use the Local Database
  • Lab 2-3: Configuring AAA on Cisco Routers to Use Cisco Secure ACS
  • Lab 2-4: Implementing Secure Management and Reporting
  • Lab 2-5: Using Cisco SDM One-Step Lockdown and Security Audit
  • Lab 3-1: Creating Static Packet Filters Using ACLs
  • Lab 3-2: Configuring a Cisco IOS Zone-Based Policy Firewall
  • Lab 4-1: Configuring a Site-to-Site IPsec VPN
  • Lab 5-1: Configuring Cisco IOS IPS
  • Lab 6-1: Using Cisco Catalyst Switch Security Features


TOP

 
 

Course Description

Course Objectives

Intended Audience

Prerequisites

Course Outline

Course Labs

 

 
 

 

    
 
Course Catalog Training Schedules Enroll Training Locations Cancellation Policy Contact Us Related Links Site Map
Service Areas Careers About Us Customer Quotes News & Events
 

CCIP, CCIE, CCDA, CCDP, CCNP, CCNA, VLANDirector, TrafficDirector, CiscoWorks 2000, ONS 15454 Secure PIX Firewal, Secure Virtual Private Networks, Cisco, Cisco Systems, Cisco Systems Logo, Catalyst, EtherChannel, IOS and LightStream are registered trademarks of Cisco Systems, Inc. or its affiliates in the US and certain other countries.