-
0 -
3 -
11 -
1544
2134 plików
81,54 GB
Załączam tylko 1 płytę DVD, która jest najważniejsza z kursu.
Cisco CCNA Security Training - Course Outline
Lesson 1 - Introduction - Welcome to Your CCNA Security Video Course!
Meet your instructor Chris Bryant and get started right way with exam preparation tips.
About Your Instructor
Exam Prep Tips
Lesson 2 - Hackers - Their Motives and Methods
Learn about Hacker Roles and why they hack. Discover what your Network Security Goals should be, and how to implement Network Security Best Practices to achieve those goals to keep from suffering the consequences of ineffective network security.
Why Do Hackers Hack?
General Network Security Goals
The Consequences of Ineffective Network Security
Where Network Attacks Originate From
Social Engineering Attacks
Trojan Horses and Privilege Escalation Attacks
Using Ping Sweeps and Port Scans on Your Own Network
Best Practices
Lesson 3 - Introduction to SDM (Security Device Manager)
Improve productivity, simplify router deployments, and troubleshoot complex connectivity issues using the Security Device Manager. Plus, launch, login, and tour SDM and discover some Real World SDM issues as you learn to manage your router away from the Command Line.
Cisco’s Security Device Manager (SDM)
Pre-installation Configuration
Installing SDM
Launching and Loading SDM
SDM Settings - User Preferences
SDM Configure Window
Additional Tasks Tab
SDM Monitor Window
SDM in Internet Explorer Problem
Lesson 4 - Authentication, Authorization, and Accounting (AAA)
Learn how Authentication works in AAA, what happens when you specify different devices used for Authentication, and discover commands used in Authentication, Authorization, and Accounting that will be useful in the real world and on the exam. Plus, configure TACAS+ and RADIUS security protocols.
What is AAA?
TACAS+ vs. RADIUS
TACAS+ and RADIUS Configuration
Authentication Configuration
No Authentication Option
Telnet Login Problem
Real World Not About AAA Lists
Using AAA for Privileged EXEC Mode and PPP
Accounting
Authorization
Configuring AAA with SDM
Lesson 5 - Layer 2 Security
Learn how to prevent security threats like CAM Overflow attacks by configuring and implementing Port Security, Sticky Addresses, Lightweight Extensible Authentication Protocol (LEAP), and SPAN. Plus, discover the relationship between DHCP Snooping, Dynamic ARP Inspection, and IP Source Guard and learn to configure and operate Root Guard and BPDU Guard.
Basic L2 Security Features
Cisco Password Rules Review
Preventing CAM Overflow Attacks with Port Security
Port Security
Configuring Port Security
Misconfiguring Port Security
Aging Time for Secure Addresses
Sticky Addresses
Configuring MAC Table Event Notification
Dot1x Port-Based Authentication
Cisco Lightweight Extensible Authentication Protocol (LEAP)
Extensible Authentiaction Protocol-Flexible Authentication via Secure Tunneling (EAP-FAST)
Local SPAN Configuration
Remote SPAN Configuration
Filtering Intra-VLAN Traffic
VLAN Access List (VACL)
Private VLAN
DHCP Snooping
Dynamic ARP Inspection
IP Source Guard
MAC Address Flooding Attacks
VLAN Hopping
Root Guard
BPDU Guard
Lesson 6 - Layer 3 Security
This is one of the most important Videos in the course because of the volume of detailed information that you will use on the exam and in the real world. Learn about “Salting” your MD5 to make an encrypted password even stronger and discover how Network Time Protocol (NTP) will be important in your security deployment. Plus, learn to configure and use Superviews, Autosecure, Security Audits, and One-Step Lockdown via SDM to thwart ICMP based attacks, IP Spoofing, and Recon Attacks.
Configuring Enable Password
Privileged Level Password vs. Privleged Level Secret
Encrypting Passwords
Strong Passwords vs. Weak Passwords
Creating and Testing Minimum Length Password Policy
“Salting” your MD5
Network Time Protocol (NTP)
Configuring NTP Master Time Source
Synchronizing System Clocks
Configuring Peering with NTP Peers Command
Other Clock Commands
Telnet and SSH
Creating Banners
Different Types of Network Attacks
Denial of Services (DoS) Attack and SYN Flooding Attack
TCP Intercept Defense
ICMP (Ping) Sweep, Port Scan and Port Sweep
Ping of Death vs. Invite of Death and Ping Floods
Smurf Attacks
Availability Attacks: Don’t Forget the Physical Layer!
IP Spoofing
IP Source Routing
Packet Sniffers and Queries
Other Confidentiality Attacks
Password Attacks
Salami Attack
Other Network Attacks Types - Trust Exploitation
Superviews - Role-Based CLI Views
AutoSecure
One-Step Lockdown
Security Audit
NTP and SSH in SDM
Differences Between SDM and AutoSecure
SNMP
Logging
Viruses and Worms
Cisco IOS Logging Enhancements
Buffer Overflow
Cisco IOS Resilient Conofiguration and Login Enhancements
exec-timeout Command
Lesson 7 - The Intrusion Prevention System (IPS)
Learn the differences between Intrusion Detection (IDS) and Intrusion Prevention (IPS) and how they operate. Plus, discover the different approaches to identifying malicious traffic and learn to use NIPS, HIPS and Honeypots to stop it. We’ll also configure your Intrusion Prevention System using the Security Device Manager (SDM) and we’ll use the Command Line to verify this IPS configuration.
Intrusion Detection (IDS) vs. Intrusion Prevention (IPS)
Signatures and Signature Types
NIPS and HIPS
Honeypots
Configuring IPS in SDM
Editing IPS Rules
Editing Global Settings
SDEE Message Logs
Viewing Signatures
Editing and Deleting Signatures
Verifying Your IPS Configuration
Lesson 8 - Firewalls
Learn to enable a Cisco router to act as a firewall using the Cisco IOS Firewall Set. Plus, discover concepts relatively new to Cisco like Zone-based Firewalls that are meant to phase out CBAC and the “ip inspect” command. We’ll also configure and edit a firewall using the Security Device Manager’s (SDM) Basic Firewall Wizard and we’ll draw distinctions between the Basic Firewall Wizard and SDM’s Advanced Firewall Wizard.
Firewall Basics
Stateless and Stateful Firewalls
Application Layer Gateway (ALG)
The Cisco IOS Firewall Feature Set Components
Authentication Proxy
Plan for Firewall Success Then Succeed!
ACL Review
Extended ACL Review
Extended Access Control Lists
Real-World ACL Success Tips
Introduction to Turbo ACLs
CBAC and “ip inspect” command
Real-World Tips and Best Practices
TCP and UDP Generic Inspection
Deep Pocket Inspection (DPI)
Zone-Based Firewall Configuration
Class Maps and Policy Maps
Basic Zone Commands
Configuring Zone Pairs
Configuring Firewall with SDM’s Basic Firewall Wizard
Editing Firewall with SDM
SDM’s Advanced Firewall Wizard
Watch Your Directions - More Tips
ICMP Inspection
Final Note
Lesson 9 - Cryptography and Virtual Private Networks (VPNs)
Learn how Asymetric and Symetric Algorithms can be used to implement Cryptography Techniques that help encrypt clear text passwords. Plus, configure your own IKE policy using the Command Line and get your hands dirty by using the Security Device Manager (SDM) to configure Site-to-Site VPN and Generic Routing Encapsulation (GRE) over IPsec.
Cryptography Techniques
Asymmetric and Symmetric Algorithms
RSA Algorithm
Diffie-Hellman (DH)
A Word or Two About SHA
What is VPN?
VPN Terminology and Theory
Introduction to PKI and the Certificate of Authority
Public Key Cryptography Standards (PKCS)
Internet Key Exchange (IKE)
Steps to Configure Site-to-Site VPN
Configuring IKE Policy Using Command Line
Policy Match Criteria
Crypto ACLs
Mirror Configuration
Creating Crypto Map
Using SDM to Configure Site-to-Site VPN
Generating Mirror in SDM
Testing Our Configuration
Verifying SDM Configuration Using Command Line
The Return of Generic Routing Encapsulation (GRE) Over IPSec
Using SDM to Configure GRE over IPSec
Lesson 10 - Introduction to Voice and SAN Security
You do not need to be an expert in Voice Networking or Storage Area Networking (SAN) to learn how to keep these types of networks secure. Learn the differences between FCAP and FCPAP, discover the details of LUN and LUN Masking, and delve deeper into VoIP (Voice Over IP). Whatever your experience level may be, this detailed overview of Voice and SAN Networking will provide you the insight you need to get into one of the fastest growing areas in the IT field.
Voice Over IP Overview
Gateways and Gatekeepers
VoIP Protocols
Typical VoIP Attacks and Precautions
Introduction to Storage Area Networking (SAN)
SAN Transport Technologies and Protocols
SAN Security - LUNS and LUN Masking
SAN Zones
Virtual SANs (VSANs)
FCAP and FCPAP
Lesson 11 - Introduction to Cisco Network Solutions
This video will introduce you to Cisco Network Solutions including: ASA 5500, Cisco Self-Defending Network, Cisco Security Management Suite, and Cisco Security Agent. Plus, learn about the five phases of the Cisco SDLC (System Development Life Cycle) and discover the differences between Quantitative Risk Analysis and Qualitative Risk Analysis.
System Development Life Cycle
Cisco SDLC Phase 1 - Initiation
Cisco SDLC Phase 2 - Acquisition and Development
Cisco SDLC Phase 3 - Implementation
Cisco SDLC Phase 4 - Operation and Maintenance
Cisco SDLC Final Phase - Disposition
Disaster Recover - Hot, Warm and Cold Sites
Risk Analysis - Quantitative and Qualitative
Cisco Self-Defending Network
Cisco Security Management Suite
IronPort
Cisco Security Agent
Cisco Security Agent Interceptors
Cisco ACS
“in-band” and “out of band”
Nie ma plików w tym folderze
-
0 -
0 -
0 -
0
0 plików
0 KB