|
CISCO -
CCSP - PIX Firewall Training CSPFA (642-521)
Description
The Cisco Secure PIX Firewall Advanced (CSPFA) exam (642-521) is one of
five required for the Cisco Security Specialist. In the Cisco PIX Firewall
training course from ATS, you’ll learn how to define and describe network
firewall security procedures and how they work specifically with Cisco PIX
firewalls. Expert instructor Michael Storm will demonstrate how to configure
PIX firewall interfaces, protocols and attack guards to protect networks
from security threats that may arrive via Internet traffic. At the conclusion
of this training course you will be prepared to pass the Cisco Secure PIX
Firewall Advanced exam.
 
|
 |
Course
Outline
Module 1
Section A: Introduction Network Threats Certifications CCIP Course Focus
Section B: Security Threats/Solutions Types of Threats Attack Types Security
Process Security Wheel Security Network Monitor Test/Improve SAFE Framework
Section C: Firewall Technologies Overview Bastion Host Firewall Perimeter Network
Categories Packet Filters Proxy Filters Stateful Packet
Section D: PIX Firewall Features Overview ASA Firewall Traffic Large Enterprise
Med/Large Enterprise Med/Small Enterprise Small Enterprise
Section E: PIX Maintenance Accessing Basic Commands Configuration/Testing New
OS Install Monitor Mode Upgrade OS Password Recovery
Section F: Upgrade PIX OS Show Version New PIX Upgrade New PIX PW Recovery Boot
Recovery Disk Old PIX PW Recovery
Section G: ASA Security Rules Configuration Concepts Security Levels Traffic
Flow Rules Interface Associations Using Security Levels Advantages Algorithm
Conduits
Module 2
Section A: ASA Operations Negotiations Translation Address Assignment Response
Packets
Section B: Six Basic Commands Overview Nameif Interface IP Address NAT Global
Route View Configuration
Section C: Configure PIX Firewall Basic Lab Security Levels Interface Info IP
Addresses Route Address Translation Save/Verify
Section D: Translation Rules TCP/IP Conversations Inside to Outside Outside
to Inside Static Conduit Static/Conduit Example Using ACLs Additional Features
Section E: NAT and PAT Address Allocation NAT Types Address Management NAT/PAT
Limitations NAT Configurations PIX Configuration Managing Translations Managing
Connections
Section F: PIX Device Manager Overview PDM 2.1x Features PDM 3.0 Features Requirements
Install/Upgrade Prepare for PDM Download PDM
Module 3
Section A: Configure PIX with PDM Load PDM PDM Startup Wizard Save Configuration
Access/Translation Hosts/Networks Static Translations Create an ACL System Properties
Section B: Object Grouping Overview Use Object Group ICMP Groups Network Groups
Protocol Groups Service Groups Nesting Groups Groups in PDM
Section C: Syslog Overview Configuring Syslog Logging Levels
Section D: Cut-Through Proxy AAA Support Security Architecture AAA Technology
Remote Security DB Secure ACS Install ACS Advanced Options
Section E: CSACS Configuration ACS Interface Create User Group Setup
Section F: AAA Configuration Overview Authentication Configure Authorization
Enable Authentication Accounting Verification Commands
Section G: Advanced Protocol Handling Overview Protocol Operations FTP Protocol
Rsh Protocol SQL*Net Protocol Configure Fixup
Module 4
Section A: Multimedia Operation Overview Firewall Functions Enable Multimedia
Add Protocols New Version Support
Section B: Attack Guard Mail Guard DNS Guard Frag/Flood Guard Other Options
Websense
Section C: Service Configuration DHCP Server DHCP Config. Steps Config. Example
Intrusion Detection IDS Configuration PDM Service Config. Setup PDM IDS Verify
Audit
Section D: Failover Overview Failover Events Failover Transfer Failover Communication
Monitoring/Testing Failover Types Failover Example Failover Configuration
Section E: IPSec/VPN Overview VPN Topologies VPN Scenarios IPSec IPSec Standards
More IPSec Standards Security Associations
Section F: IPSec Process Overview IPSec Modes IPSec Protection Scaling IPSec
Networks Supported CA Servers
Module 5
Section A: Configuring IPSec Overview Create IKE Policies Pre-shared Keys Crypto
Access Lists Transform Sets Crypto Maps Verify Configuration
Section B: Scaling IPSec Configure CA Sample CA Verify/Update CA
Section C: Configuring PIX VPN Create Access Lists ISAKMP Policy Crypto Map
Check Configuration
Section D: PPPoE/VPN with PDM PPPoE PPPoE on PIX Create Site-to-Site IPSec IKE
Policy Remote Access VPN Authentication Authorization
Section E: Configuring CSIS IOS Firewall IDS Configuration CBAC CBAC Configuration
ACL Filtering Lock-and-Key Prevent DoS Attacks Logging Events
Section F: Authentication Proxy Overview Configuring Auth-Proxy Add Auth-Proxy
Custom Attributes AAA & Auth-Pro
Module 6
Section A: Version 6.3 · Technology Updates · 6.3 vs. 6.2 ·
6.3 Additional Features · Enhanced Security · Other Support
Section B: Security & Licensing · Conduits to ACLs · Conduits
vs. ACLs · Conversion Tools · Licensing Process · Licensing
Options · Activation Key
Section C: 6.3 VPN Enhancements · AES · AES Cipher Process ·
NAT Traversal for IPSec · Enable PIX NAT-T · Management Tools
· VPN Wizard · VPDN Mode Configuration
Section D: Enterprise-Level PIX · FWSM · FWSM Requirements ·
Enterprise Management · Install Mgmt. Console · Prepare PIX Firewall
· Management Center
Section E: Workflow in MC · Basic User Taskflow · Workflow/Tasks
· Implement Steps · Create Activity · Import/Create Device
· View Settings · Access Rules · Deploy Configuration
Section F: Auto Update Server · Setup AUS · Using Auto Update
· Reporting · Administration
Price Per User £ 810 (Bundle of 6)
Complementary Courses
Cisco SECURE
Cisco VPN Security
Cisco CSIDS Intrusion Detection Systems
Cisco SAFE CSI Security
Security+
<<Back
<<Contact Us
|
