CCNA Security 210 -260)

This course includes

  • 22  hours on-demand video ( 210 Lectures)
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion

What you'll learn

  • Describe common network security concepts
  • Secure routing and switching infrastructure
  • Deploy basic authentication, authorization and accounting services (AAA)
  • Deploy basic firewalling services (ASA & IOS Based)
  • Deploy basic site-to-site and remote access VPN services (IPSec & SSL)
  • Describe the use of more advanced security services such as intrusion protection, content security and identity management

Requirements

  • Skills and knowledge equivalent to those learned in CCNA Routing & Switching knowledge
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Description

  • This Course is designed to prepare CCNA Security candidates for the exam topics covered by the 210-260 IINS exam.
  • Trained by expert Triple CCIE certified with 15 + years of training and working experience in production networks.
  • Covers Topics as per the Blueprint (In-depth Core Technology Training)
  • Provided with all Virtual Software’s required for Lab
  • Detailed Workbook free access to anyone (Includes presentations, Labs documented with Outputs & Mock labs)
  • Access to Pre-recorded Video recordings Over 210 lectures and 22 hours of content!

This course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a "real-life" network infrastructure.

  • It focuses on security principles and technologies, using Cisco security products to provide hands-on examples.
  • This Cisco self-paced course is designed to be as effective as classroom training.
  • Course content is presented in easily-consumable segments via both Instructor Video and text. Makes the learning experience hands-on, increasing course effectiveness

The revised CCNA Security (IINS v3.0) curriculum is designed to bring data, device, and administration together to have better network security, which is more relevant and valuable than ever. It is destined to meet the current business demand so that the network security professionals are able to acquire new knowledge, training and vital skills to be successful in evolving job roles.
1. Security Concepts – This section includes security principles, threats, cryptography, and network topologies. It constitutes 12% of the questions asked in the exam.
2. Secure Access – This section deals with secure management, AAA concepts, 802.1 X authentications, and BYOD. It makes 14% of the exam.
3. VPN (Virtual Private Networks) – This focuses on VPN concepts, remote access VPNs, and site-to-site VPNs. It is 17% of the exam.
4. Secure Routing & Switching – This section concentrates on VLAN security, mitigation techniques, layer 2 attacks, routing protocols, and overall security of Cisco routers. That is 18% of the exam.
5. Cisco Firewall Technologies – This section is 18% of the exam and focuses on stateful and stateless firewalls, proxy firewalls, application, and personal firewalls. Additionally, it concentrates on Network Address Translation (NAT) and other features of Cisco ASA 9.x.
6. IPS –  It is 9% of the exam and this portion focuses on network-based and host-based IPS, deployment, and IPS technologies.
7. Content and Endpoint Security –Constituting 12% of the exam, this section checks your understanding on the endpoint, web-based, and email-based threats. Later it leads to apt and effective mitigation technology and techniques to counter those threats.

How to get your own copy of Video access

  • To get a copy of video Online Access, please send mail us at info@noasolutions.com.
  • You can also contact us on the following numbers if any queries
  • WhatsApp - +91 9985048840, +91 – 7036826345

TRAINER PROFILE

Currently we are offering the below Courses in Video Trainings. You can also find some sample Videos at our YouTube Channel.

Over 210 lectures and 22 hours of content!
Course Introduction

  • CCNA Security - Overview
  • CCNA Security 210-260  – Exam Information
  • CCNA Security Contents

Network Security Concepts

  • Network Security Basics - Terminology
  • Goals of Network Security
  • Understanding Threat Types -Mitigation
  • Assets - Classification of Assets
  • Classify Countermeasures
  • Classify Vulnerabilities
  • Network Security - Design Principles

Common Security Attacks- Mitigation

  • Motivations Behind Network Attacks
  • Social Engineering Attacks
  • Phishing Attacks
  • Social Engineering & Phishing Mitigation
  • Denail of Service Attacks - DoS
  • Distributed Denial of Service Attacks - DDoS
  • Spoofing Attacks
  • Spoofing Attacks - Mitigation
  • Man in the Middle Attacks - MiTM
  • Password Attacks
  • Password Attacks - Mitigation
  • Reflector Attacks
  • Amplification Attacks
  • Reconnaissance Attacks
  • Reconnaissance Attacks - Mitigation

Malicious Codes - Hacking

  • Malicious Codes - VIRUS
  • Malicious Codes - WORMS
  • Malicious Codes - TROJAN HORSES
  • Hacking
  • Hackers - Script Kiddies
  • Malware services Darknet

Threat Defense Technologies

  • AAA- Network Security
  • Cisco Traffic Telemetry methods
  • What is Firewall
  • Virtual Private Networks
  • Next Generation Firewalls

CCNA Security - Lab Setup

  • Cisco Lab Options
  • Physical Lab Setup
  • About GNS3
  • Installing GNS3 on Windows
  • GNS3 - Adding IOS Images
  • Default Topology- IOS Routers -Initial Configurations
  • IOS Default Topology
  • Connecting GNS3 Topology to Host Computer
  • GNS3- VMWARE Integration
  • GNS3 - IOSv L2-L3 Configuration Steps
  • GNS3 - ASAv Setup
  • GNS3- IOU- L2-L3 Configuration Steps

Network Infrastructure Protection

  • Network Infrastructure Overview
  • Network Infrastructure Protection
  • Control Plane
  • Data Plane
  • Identify network Planes
  • Management Plane

Remote Management Telnet -SSH

  • Inband vs OutBand
  • Remote access - telnet
  • SSH- Overview
  • SSH Configuration On IOS Devices

AAA Concepts

  • AAA-Overview
  • AAA -Network Security
  • AAA - Components
  • AAA Protocols TACACS RADIUS
  • AAA - Cisco Authentication Servers

AAA - Authentication- Device Access

  • AAA Authentication - Device Access
  • Authentication - Local Database
  • AAA - External Servers
  • LAB- Authentication - TACACS

AAA - Authorization using local Database

  • Authorization - Device Access
  • IOS Privilege Levels
  • LAB -Local Authorization- Privilege Levels
  • IOS Privilege Levels - Limitations
  • Role based CLI Access - RBAC
  • RBAC - Views Types
  • LAB1- RBAC Views
  • LAB2 - Modify RBAC Views
  • LAB3 - RBAC Views
  • LAB4 - RBAC SuperViews

Cisco Telemetry Services

  • Cisco Traffic Telemetry methods
  • Device Network Events Logging
  • Syslog Terminal Logging
  • Network Time Protocol
  • NTP -Stratum Value
  • LAB - NTP - Configuration

 

Control Plane Security

  • Control Plane - Possible Threats
  • Routing protocol Authentication
  • RIPv2 and EIGRP Authentication
  • OSPF Authentication
  • Control Plane Policing –CoPP
  • Class map -Policy map –Hierarchy
  • CoPP_ Configuration Example

Layer 2 Security - Basic

  • Switch Security - Overview
  • Disable Unused Ports
  • Dynamic Trunking Protocol
  • DTP Vulnerabilities - Mitigation
  • What is Native VLAN
  • VLAN Hopping Attack- Mitigation
  • CDP Overview
  • LLDP Overview
  • CDP-LLDP- Vulnerabilities - Mitigation

Layer 2 Security- Advanced

  • MAC Flooding Attack - Port Security
  • MAC Spoofing Attack - Port Security
  • Port Security - Configuration
  • Spanning-tree Portfast
  • BPDU Guard - BPDU FIlter
  • BPDU Guard - Configuration LAB
  • Root Guard
  • LoopGuard
  • UDLD
  • Err-Disable Recovery
  • DHCP Spoofing Attack- DHCP Snooping
  • DHCP Snooping – Configuration
  • DHCP Starvation Attack – Mitigation
  • ARP Spoofing Attack – DAI
  • Dynamic ARP Inspection – Configuration
  • VLAN ACL
  • VLAN ACL – Configuration
  • Protected Ports - Private VLAN Edge
  • Private VLAN – Overview
  • Private VLAN – Configuration
  • Private VLAN - Configuration Lab

Firewalls - Introduction

  • What is Firewall?
  • Stateful packet Filtering
  • Stateless Packet Filtering
  • Application Level Gateways - Proxy Servers
  • Next Generation Firewalls
  • Which Firewall - Vendors
  • Reasons to have Firewall in Network
  • Modern Firewall Design

 

  • Cisco StateFull Firewalls - IOS-ASA
  • ASA-Supported Features-Part 1
  • ASA-Supported Features-Part 2
  • ASA - Compare models
  • Cisco ASA Firewalls

 

ASA -Basic Configurations

  • Manage Cisco ASA-CLI-GUI
  • ASA Basic CLI Modes - Commands
  • ASA Security levels
  • ASA Interface configuration
  • ASA Security Policies - Default
  • ASA - Routing

ASA - ACL- Object Groups

  • ASA ACLs - Overview
  • ACL ACLs- Basic Example
  • Traffic between Same Security level
  • ACL Object-Groups
  • ACL Object-Groups - LAB

ASA -Network Address Translation

  • Public-Private IP
  • What is NAT
  • NAT Types
  • Dynamic NAT on ASA
  • Dynamic PAT on ASA
  • Dynamic PAT using Exit Interface
  • Dynamic NAT-PAT Combination
  • Static NAT on ASA
  • Static PAT on ASA

IOS - Zone Based Firewalls

  • IOS - Zone based Firewall
  • ZBF- Configuration overview
  • ZBF- Security zones
  • ZBF- Security Zone Configuration
  • ZBF - Default Traffic flow
  • ZBF - Classify Traffic using Class-maps
  • ZBF- Class-map Configuration
  • ZBF- Policy map- Zone Pairs

Cryptography

  • What is Cryptography
  • Goals of Cryptography
  • What is Hashing & How it works
  • Hashing Drawbacks - 1-41 seconds
  • Hashing with HMAC
  • What is Encryption - Decryption
  • Encryption Algorithms - Symmetric vs Asymmetric
  • Cryptanalysis - Attacks
  • Asymmetric Encryption - Drawbacks
  • Public Key Infrastructure

VPN Foundations

  • Traditional Leased Lines
  • Virtual Private Networks
  • VPN Types - Remote Access - Site to Site
  • VPN - Default Lab setup

IPsec Site to site VPN

  • What is IPsec
  • IPsec Security Services
  • IPsec Modes - Tunnel vs Transport
  • How IPsec VPN works
  • Step-1 Interesting Traffic Configuration
  • Step-2 IKE Phase-1
  • Step-3- IKE - Phase 2
  • IKE Phase -2 Configuration- Verification

Remote Access VPN - SSL VPN

  • Remote Access VPN
  • What is SSL - TLS
  • How SSL-TLS Works
  • What is SSL VPN
  • SSL VPN Modes

IPS Concepts

  • What is Intrusion
  • Intrusion Prevention System - IPS
  • IDS vs IPS
  • Host based IPS vs Network Based IPS
  • IPS deployments - Inline vs Promiscuous
  • Cisco IPS Solutions
  • IPS Threat Detection Methods
  • IPS Signature Alarm Types
  • IPS Signature Actions
  • IPS Evasion Methods - Countermeasures

Web Security -Email Security - Endpoint Security

  • Web Based Attacks -Threats
  • Web Based Security
  • Cisco Web Security - WSA - CWS
  • What is WSA - How it Works
  • WSA Deployment Modes
  • Email Based Threats
  • Cisco Email Security - ESA - CES

 

To get a copy of video Online Access, please send mail us at info@noasolutions.com.
You can also contact us on the following numbers if any queries
WhatsApp - 9985048840, +91 – 7036826345, Call - +9140-66490380

 

TRAINER PROFILE