|
CISCO -
CCSP - SECUR (642-501)
|
Description
Securing Cisco IOS Networks (SECUR) is one of four exams required to achieve
Cisco Security Specialist, and is an elective for the Cisco Certified
Internetworking Professional (CCIP) designation. The SECUR trainingcourse
from ATS meets or exceeds all exam objectives for the Cisco SECUR exam.
Expert instructor Michael Storm explains network security essentials including
security policy development and evaluating security threats, as well as
demonstrating how to configure various CiscoSecure components including
PIX firewalls, perimeter routers and virtual private network clients.
At the conclusion of this training course you will understand basic network
security principles and be prepared to pass Cisco SECUR exam.
 
|
 |
Course
Outline
Module 1
Section A: Introduction Overview Cisco Certifications Advanced Certification
Outline
Section B: Security Weaknesses Unit One Primary Network Security Issue Security
Issues Technology Weaknesses TCP/IP Weaknesses OS & Network Weaknesses Configuration
Weaknesses Security Policy Weaknesses
Section C: CiscoSecure Products Overview PIX Firewall Integrated Software VPN
Client Access Control Server CiscoSecure Scanner Intruder Detection System Consulting
Services
Section D: Cisco's Security Approach Overview Rules 1-2 Rules 3-4 Rules 5-6
Rules 7-9 Rules 10-12 Cisco Security Solution
Section E: Network Reconnaissance Know Your Enemy Internal & External Threats
Network Intrusion Reconnaissance Target Discovery Ping Sweeps & Port Scans
Eavesdropping Counter-reconnaissance
Section F: Unauthorized Access Overview Gain Privileged Access Password Attacks
Gain Secondary Access Unsecure IP Applications Countermeasures Examples Attack
Prevention
Module 2
Section A: Denial of Service Overview Resource Overload Attack Out-of-Band Data
Attack Overlapped Packet Other DOS Attacks Countermeasures
Section B: Data Manipulation Overview IP Spoofing Session Replay & Hijacking
Session Replay Exploit Rerouting Exploit
Section C: Network Case Study Background Information Project Scope Security
Goals Dialup Access Internet Access Departments Proposed Secure Network
Section D: Network Security Policy Cost of Security Security Posture Assessment
SPA Phases Policy Rules Policy Requirements Policy Comments Using a Policy Monitor
Network Security Test Security Auditing Tools Random Auditing Improve Security
Posture
Section E: Securing the Admin Interface Potential Threats Common Vulnerabilities
Physical Devices Control Access Administrative Interface Secure Router Encrypt
Passwords Control Telnet Access
Section F: Securing SNMP Control SNMP Access SNMP Agent Functions SNMP Agent
Configuration Configuration Example Configure Traps & Informs
Module 3
Section A: Router-to-Router Security Overview Plaintext Authentication MDS Authentication
Secure Configuration Files Control Route Updates Filter Options Inside-out Network
Filter Router HTTP Control
Section B: Securing Ethernet Switches Password Options Telnet and SNMP Access
Switchport Security Campus Security Lab Verify Configuration Configure MD5 View
Configuration Secure SNMP Secure Telnet View Configuration
Section C: AAA Authentication AAA Security Architecture AAA Technology Protect
Access with AAA Authentication Methods S/Key Authentication S/Key Server Component
Token Card Authentication PAP & CHAP Authentication
Section D: AAA Security Authorization Methods Accounting Methods AAA Security
Servers TACACS RADIUS Kerberos Version 5 CiscoSecure ACS ACS for Windows NT
ACS for UNIX CiscoSecure GRS
Section E: AAA NAS Configuration NAS AAA Steps Secure Access Ports Globally
Enable AAA AAA Authentication Authentication Examples AAA Authorization AAA
Accounting Debut & Log
Module 4
Section A: CiscoSecure ACS Overview CSNT Features CSNT Requirements CSUNIX Features
ACS Interface User Setup Group Setup Network Configuration System Configuration
Interface Configuration
Section B: The Perimeter Environment Perimeter Routers Router Features Firewall
Feature Set Perimeter Components Firewall Implementations Firewall Products
Section C: Perimeter IOS Features Prevent Internet Attacks TCP/IP Control Commands
Packet Filtering Lock-and-Key Prevent DOS Attacks Control SYN Attacks Network
Layer Encryption
Section D: Perimeter Configuration Address Management NAT & PAT Translations
Dynamic NAT Logging Events Lab Requirements Security Configuration Access Lists
Section E: IOS Firewall Overview Intrusion Detection IDS Example IOS Firewall
Planning CBAC CBAC Restrictions CBAC Configuration
Section F: PIX Firewall Features Overview PIX Firewall Features Additional Features
Module 5
Section A: Basic PIX Operations Basic Concepts Adaptive Security Algorithm ASA
Advantages ASA Example ASA Operation Conduits & Static Static & Conduit
Example Rowe Command Cut-through Proxy
Section B: PIX Firewall Models Higher PIX Models Lower PIX Models Configure
PIX Firewall PDM Configuration Command Line Configuration
Section C: Basic PIX Configuration PIX Interface Security Built-in Security
Rules Additional Configuration Firewall Translations Test Basic Config Case
Study Complete Basic Config
Section D: Advanced PIX Configuration Overview Network Address Translation NAT
Commands NAT Example Required Configuration Multimedia Applications PIX Mail
Guard Other Protocols Syslog Output Other Useful Commands
Section E: PIX Management Functions PIX AAA Support PIX AAA Configuration Outbound
Access Control Outbound Access Examples URL Filtering SNMP on the PIX Configure
SNMP Failover Option Failover Configuration
Module 6
Section A: PIX Advanced Lab Requirements PIX Configuration More PIX Config
Section B: PIX Legacy VPN VPN Features Legacy VPN Example PPTP Support CiscoSecure
Policy Manager PIX Maintenance
Section C: Understanding Encryption Technology Encryption Benefits Encryption
Components Encryption Types DES Encryption MD5 Message Hashing DSS Encryption
Diffie-Hellman Key Agreement
Section D: Implementing CET Overview CET Operation Configure CET Crypto Maps
Test & Verify Diagnose Encryption CET Implementation
Section E: IPSec Basics Overview VPN Protocols IPSec Security Associations IKE
IPSec Transforms IPSec Modes IPSec Protection Scale IPSec Networks
Section F: Configuring IPSec Configuration Phases Preparation Preparing Sub-steps
IKE Policy IPSec Policy Final Prep Steps - IPSec Create Peer Policy Configure
Preshared Keys Verify IKE Policy Configure IPSec - Phase III Transform Sets
& Lifetimes Crypto ACL/Cry Test & Verify IPSec - Phase IV PIX Firewall
Section G: Scaling IPSec Using CA Sample CA Configuration Verify & Update
CA Use Dynamic Crypto MAP VPN Lab Configuration Check IPSec Configuration
Price Per User £ 810 (Bundle of 6)
Complementary Courses
Cisco VPN Secuity Training
Cisco PIX Firewall
Cisco CSIDS Intrusion Detection Systems
Cisco SAFE
Security+
<<Back
<<Contact Us
|
