Cisco CCNA Security Boot Camp
Click Here to View Schedules & Pricing and to Enroll Online
Duration: 5 days
Implementing Cisco IOS Network Security (IINS) v2.0 is a 5-day instructor-led course that is presented by Cisco Training Partners to end users and channel partner customers. The content focuses on the design, implementation, and monitoring of a comprehensive security policy, using Cisco IOS security features and technologies as examples. The course covers security controls of Cisco IOS devices as well as a functional introduction to the Cisco Adaptive Security Appliance (ASA). Using instructor-led discussion, lecture, and hands-on lab exercises, this course allows learners to perform basic tasks to secure a small branch office network using Cisco IOS security features available though web-based GUIs (Cisco Configuration Professional) and the CLI on Cisco routers, switches, and ASAs.
This accelerated course focuses on the necessity of a comprehensive security policy and how it affects the posture of the network. Learners will be able to perform basic tasks to secure a small branch type office network using Cisco IOS security features available through web-based GUIs (Cisco Router and Security Device Manager [SDM]) and the command-line interface (CLI) on the Cisco routers and switches.
The CCNA Security certification lays the foundation for job roles such as Network Security Specialist, Security Administrator and Network Security Support Engineer. It is the first step for individuals wishing to obtain their CCNP Security certification.
• Working knowledge of the Windows operating system.
Cisco Certified Network Associate Security (CCNA® Security) validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure. Information Systems Security (INFOSEC) Professional Recognition
The National Security Agency (NSA) and the Committee on National Security Systems (CNSS) recognizes that Cisco CCNA Security courseware meets the CNSS 4011 training standard. Valid CCNA or any CCIE Certification can act as a pre-requisite.
The complete Cisco® Press courseware
Subject Matter Experts for instructors. Our instructors are unequaled among training providers, and hold the most prestigious certifications and cutting-edge expertise. They are available to you throughout the day for the length of the course for group instruction, lab exercise leadership and individual coaching.
We teach to accommodate every student's learning needs, including instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, question and answer drills, and friendly competitions between concurrently running classes.
Lab manuals, guidebooks, and Measure Up self-testing software are utilized to augment your courseware and instruction. Best of all, the instructors are with you every step of the way.
State-of-the-art educational facilities. The school has dedicated, well-equipped educational facilities where you will attend instruction and labs, and have access to comfortable study and lounging rooms. Our students consistently say our facilities are unsurpassed!
Breakfast, snacks, freshly-brewed coffee, tea and water are available throughout the day at the training site. Our training facilities are located within walking distance of several eateries and restaurants, offering students the opportunity to satisfy their own tastes and dietary requirements
Test Engine for practice exams
CertSim Practice Test with Cisco Router Simulation
The book in PDF format
Certification test vouchers
Seven (7) full days of intensive instruction, labs, and review
Hands-on practice and skills development on real Cisco Equipment
Unlimited Practice Tests
The exam is delivered at the training center, which is an authorized VUE Testing Center. We will provide a large number of testing stations dedicated to the boot camp. A test administrator will be available throughout the day, and in the evening to register you for the tests.
The Academy is now delivering authorized Cisco® training, as a sponsored organization of Element K a Cisco® Learning Solutions Partner. The Academy has a seven (7)- year history with technical training courses. The Academy is’s premier corporate Information Technology (IT) training provider. As a Cisco® sponsored training center, The Academy is now accepting Cisco® Learning Credits as a payment option.
Topic 1: Describe the security threats facing modern network infrastructures
• Describe and list mitigation methods for common network attacks
• Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
• Describe the Cisco Self Defending Network architecture
Topic 2: Secure Cisco routers
• Secure Cisco routers using the SDM Security Audit feature
• Use the One-Step Lockdown feature in SDM to secure a Cisco router
• Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements
• Secure administrative access to Cisco routers by configuring multiple privilege levels
• Secure administrative access to Cisco routers by configuring role based CLI
• Secure the Cisco IOS image and configuration file
Topic 3: Implement AAA on Cisco routers using local router database and external ACS
• Explain the functions and importance of AAA
• Describe the features of TACACS+ and RADIUS AAA protocols
• Configure AAA authentication
• Configure AAA authorization
• Configure AAA accounting
Topic 4: Mitigate threats to Cisco routers and networks using ACLs
• Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets
• Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
• Configure IP ACLs to prevent IP address spoofing using CLI
• Discuss the caveats to be considered when building ACLs
Topic 5: Implement secure network management and reporting
• Use CLI and SDM to configure SSH on Cisco routers to enable secured management access
• Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server
Topic 6: Mitigate common Layer 2 attacks
• Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features
Topic 7: Implement the Cisco IOS firewall feature set using SDM
• Describe the operational strengths and weaknesses of the different firewall technologies
• Explain stateful firewall operations and the function of the state table
• Implement Zone Based Firewall using SDM
Topic 8: Implement the Cisco IOS IPS feature set using SDM
• Define network based vs. host based intrusion detection and prevention
• Explain IPS technologies, attack responses, and monitoring options
• Enable and verify Cisco IOS IPS operations using SDM
Topic 9: Implement site-to-site VPNs on Cisco Routers using SDM
• Explain the different methods used in cryptography
• Explain IKE protocol functionality and phases
• Describe the building blocks of IPSec and the security functions it provides
• Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM
- 640-554 IINS : Implementing Cisco IOS Network Security (IINS v2.0)
Academy Code of Honor
The Academy guarantees that students shall pass all vendor examinations during the training program or may re-attend within one year of the program completion date. Students will only be responsible for accommodations and vendor exam fees.