Ccna security

7,099 views

Published on

Published in: Technology, Education
0 Comments
5 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
7,099
On SlideShare
0
From Embeds
0
Number of Embeds
30
Actions
Shares
0
Downloads
418
Comments
0
Likes
5
Embeds 0
No embeds

No notes for slide
  • More than any other area, Security and risk management skills are some of the most highly sought across the network and demand is growing. Recent CompTia study found 73% of IT professionals in mature countries identified security, data privacy, firewalls as most important skill but only 57% said their employees were proficient I these skills. 76% of IT profs. In developing countries identified security as most important, with 57% saying their professionals were proficient.Holders with be able to recognize threats and vulnerabilities to networks and mitigate security threats.For career starters, career switchers, career enhancers. Starters can build on foundation of R&S and specialize, R&S professionals can switch or broaden to new specialties.Those with vendor neutral certifications or knowledge in Symantec/checkpoint can expand to training on latest Cisco security technologies Cisco,More effective and successful in their job role—employers can now hire or add associate level skills in their security organizations to handle operating and monitoring tasks.Trained on the latest Cisco security technologies Will serve as pre-requisite for CCSP, for first year CCNA +SND will be accepted
  • Ccna security

    1. 1. CCNA SECURITY EVENING SEMINAR Deniz Kaya New Horizons Bulgaria
    2. 2. Situation: Global IT Talent Gap Challenge EvolutionoftheNetwork Time Voice Transport Telecommuting / VPN Wireless Web 2.0 Apps Unified Communications IP Video, TelePresence Enhanced Security Switching Routing Storage Role of the Network Grows Knowledge Gap Converged Solutions  50% of Security is secure routers.  35% of Voice is router-embedded.  Wireless is 15% and growing annually. 3.12 M Gap by 2012
    3. 3. In all markets, especially emerging markets, training and certification for specialized skills are in demand •80% of surveyed companies worldwide expect dedicated security role with 5 years (currently 46%) •69% expect dedicated voice role (40%) •66% expect dedicated wireless job role (36%) Forrester Consulting Findings…
    4. 4. Cisco Learning Partner COURSE: Implementing Cisco Unified Wireless Networking Essentials (IUWNE) EXAM: IUWNE 640-721 CCNA Wireless Cisco Learning Partner COURSE: Implementing Cisco IOS Network Security (IINS) EXAM: IINS 640-453 CCNA Security CCNA Concentrations: One Pre-Requisite Three Pathways to Success… Cisco Learning Partner COURSE: Implementing Cisco IOS Unified Communications (IIUC) EXAM: IIUC 640-460 CCNA Voice Requirements: Hold active CCNA Certification (640-802 CCNA comp exam or 640- 822 ICND1 and 640-816 ICND2 exams) and pass the corresponding CCNA Concentration exams
    5. 5. CCNA Security • Verifies an individual’s skills in the following roles: – Network Security Specialists – Security Administrators – Network Security Support Engineers • Enables installation, troubleshooting and monitoring of Cisco Security devices/technologies. • Ability to administer security policies and identify risks in networks • Serves as prerequisite for CCSP Certification • Employers hiring individuals can feel confident their staff has the skills needed to install, troubleshoot and monitor Cisco security technologies.
    6. 6. CCNA Security Overview • In-depth network security education • Comprehensive understanding of network security concepts • Hands-on knowledge and skills, emphasizing practical experience • For entry-level job roles in network security • Installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices • Prepares students for CCNA Security certification (IINS 640-553 exam)
    7. 7. Benefits for Students CCNA Security helps students: • Gain an introduction to core security technologies • Learn how to develop security policies and mitigate risks • Acquire the skills needed to develop a security infrastructure • Recognize vulnerabilities to networks • Mitigate potential security threats • Prepare for the CCNA Security certification exam • Start or build a career in networking security • Differentiate themselves in the market with specialized skills and expertise to achieve success
    8. 8. Security Certifications SND Cisco Certified Security Professional (CCSP) Certification (as originally designed) CCNA Certification (SND is Moved to CCNA Security) SNRS SNPA IPS Elective Exam SNAF IPS SNRS CCSP Certification (Revised in 2009) Professional-level Associate-level Elective Exam IINS exam (640-553) CCNA Security Course CCNA certification is a pre-requisite for CCNA Security certification CCNA Security Certification
    9. 9. CCNA Security Target Audience • Career starters seeking career-oriented, entry-level security specialist skills • Working IT professionals looking to expand their core routing and switching skills to change or enhance their career • Students in technical degree programs at institutions of higher education (colleges, universities, technical schools)
    10. 10. What is in the course? • Describe the security threats facing modern network infrastructures • Secure Cisco routers • Implement AAA on Cisco routers using local router database and external ACS • Mitigate threats to Cisco routers and networks using ACLs • Implement secure network management and reporting • Mitigate common Layer 2 attacks • Implement the Cisco IOS firewall feature set using SDM • Implement the Cisco IOS IPS feature set using SDM • Implement site-to-site VPNs on Cisco Routers using SDM
    11. 11. Describe the security threats facing modern network infrastructures • Describe and list mitigation methods for common network attacks • Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks • Describe the Cisco Self Defending Network architecture
    12. 12. Secure Cisco routers • Secure Cisco routers using the SDM Security Audit feature • Use the One-Step Lockdown feature in SDM to secure a Cisco router • Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements • Secure administrative access to Cisco routers by configuring multiple privilege levels • Secure administrative access to Cisco routers by configuring role based CLI • Secure the Cisco IOS image and configuration file No, too simple….
    13. 13. Implement AAA on Cisco routers using local router database and external ACS • Explain the functions and importance of AAA • Describe the features of TACACS+ and RADIUS AAA protocols • Configure AAA authentication • Configure AAA authorization • Configure AAA accounting
    14. 14. Mitigate threats to Cisco routers and networks using ACLs • Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets • Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI • Configure IP ACLs to prevent IP address spoofing using CLI • Discuss the caveats to be considered when building ACLs
    15. 15. Implement secure network management and reporting • Use CLI and SDM to configure SSH on Cisco routers to enable secured management access • Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server
    16. 16. Mitigate common Layer 2 attacks • Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features
    17. 17. Implement the Cisco IOS firewall feature set using SDM • Describe the operational strengths and weaknesses of the different firewall technologies • Explain stateful firewall operations and the function of the state table • Implement Zone Based Firewall using SDM
    18. 18. Implement the Cisco IOS IPS feature set using SDM • Define network based vs. host based intrusion detection and prevention • Explain IPS technologies, attack responses, and monitoring options • Enable and verify Cisco IOS IPS operations using SDM
    19. 19. Implement site-to-site VPNs on Cisco Routers using SDM • Explain the different methods used in cryptography • Explain IKE protocol functionality and phases • Describe the building blocks of IPSec and the security functions it provides • Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM
    20. 20. Q and A

    ×