CCIE_SECURITY_LAB.doc
Upcoming SlideShare
Loading in...5
×
 

CCIE_SECURITY_LAB.doc

on

  • 620 views

 

Statistics

Views

Total Views
620
Views on SlideShare
620
Embed Views
0

Actions

Likes
0
Downloads
10
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft Word

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

CCIE_SECURITY_LAB.doc CCIE_SECURITY_LAB.doc Document Transcript

  • The following labs will be conducted during the boot camp: CCIE SECURITY LAB COURSE CONTENT I. Day 1 Firewall A. PIX and ASA Firewall 1. Basic Initialization 2. Access Management 3. Address Translation 4. ACLs 5. IP Routing 6. Object Groups 7. VLANs 8. AAA 9. VPNs 10. Filtering 11. Failover 12. Layer 2 Transparent Firewall 13. Security Contexts (Virtual Firewall) 14. Modular Policy Framework 15. Application-Aware Inspection 16. High Availability Scenarios 17. QoS Policies 18. Other Advanced Features B. IOS Firewall 1. CBAC 2. Audit 3. Auth Proxy 4. PAM 5. Access Control 6. Performance Tuning 7. Advanced Features Lab: ASA(Active/Active failover, Traffic inspection, Transparent firewall),CBAC Day 2 C. IPSec LAN-to-LAN D. SSL VPN E. DMVPN
  • F. CA (PKI) G. Remote Access VPN H. VPN3000 Concentrator I. VPN3000 IP Routing J. Unity Client K. WebVPN L. EzVPN Hardware Client M. XAuth, Split-tunnel, RRI, NAT-T N. High Availability O. QoS for VPN P. GRE, mGRE Q. L2TP R. PPTP S. Advanced VPN Features Lab: DMVPN, IPSEC High Availability, TED, Ezvpn Day3 II. Intrusion Prevention System (IPS) A. IPS 4200 Series Sensor Appliance B. Basic Initialization C. Sensor Configuration D. Sensor Management E. Promiscuous and Inline Monitoring F. Signature Tuning G. Custom Signatures H. Blocking I. TCP Resets J. Rate Limiting K. Signature Engines L. IDM M. Event Action N. Event Monitoring O. IOS IPS P. PIX IDS Q. SPAN, RSPAN R. Advanced Features III. Identity Management A. Security Protocols (RADIUS and TACACS+) B. Cisco Secure ACS Configuration C. Access Management (Telnet, SSH, Pwds, Priv Levels) D. Proxy Authentication
  • E. Service Authentication (FTP, Telnet, HTTP, other) F. Network Admission Control (NAC Framework solution) G. 802.1x H. Advanced Features Lab: IDS reset, IPS inline blocking, 802.1X, NAC, ACS (Radius, Tacacs+) Day 4 IV. Advanced Security A. Mitigation Techniques B. Packet Marking Techniques C. Security RFCs (RFC1918, RFC2827, RFC2401) D. Service Provider Security E. Black Holes, Sink Holes F. RTBH Filtering (Remote Triggered Black Hole) G. Traffic Filtering using Access-lists H. NAT I. TCP Intercept J. uRPF K. CAR L. NBAR M. NetFlow N. Flooding O. Spoofing P. Policing Q. Fragmentation R. Sniffer Traces S. Catalyst Management and Security T. Traffic Control and Congestion Management U. Catalyst Features and Advanced Configuration V. IOS Security Features Lab: NBAR, Virus Mitigation, Layer 2 attacks Day 5 V. Network Attacks A. Network Reconnaissance B. IP Spoofing Attacks C. MAC Spoofing Attacks D. ARP Spoofing Attacks E. Denial of Service (DoS) F. Distributed Denial of Service (DDoS)
  • G. Man-in-the-Middle (MiM) Attacks H. Port Redirection Attacks I. DHCP Attacks J. DNS Attacks K. Fragment Attacks L. Smurf Attacks M. SYN Attacks N. MAC Attacks O. VLAN Hopping Attacks P. Other Layer2 and Layer3 Attacks Lab: Layer 2 attacks, IP dhcp snooping, Virus/worm Mitigation Techniques Day 6: SuperLab1 Day 7: SuperLab2