Specialized Pentesting Courses | Home | About | Contact | Blog | Glossary         



Download in PDF:    This Course   

Cisco Certified Network Associate (CCNA) Security

More than any other area, security and risk management skills are some of the highly sought across the network, and demand is continuing to grow. The Cisco CCNA Security certification meets the needs of today's IT professionals responsible for network security.

Cisco Certified Network Associate Security (CCNA Security) validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure.

Students preparing for CCNA Security certification exam can opt for the exam paper mentioned in the table below.

CCNA Security Certification Track

CCNA Security Prerequisites

  • Valid CCNA or any CCIE Certification can act as a pre-requisite

  • Exams Exam Code Recommended Training Exam Fee
     Exam 1   640-553 IINS   Implementing Cisco IOS Network Security (IINS v1.0) $250
     Exam 1   640-554 IINS   Implementing Cisco IOS Network Security (IINS v2.0) $250
    640-553IINS v1.0 expires on September 30, 2012

    Training we offer:

    Course Name  CCNA Security ( IINS ) 
    Course Duration  2 weeks 
    Course Mode  Training Academy or On-site Training for Corporates & Colleges
    Prerequisite  CCNA 

    CCNA Security Syllabus

    Network Address Translation
  • Basics of NAT and PAT
  • Configuring NAT and PAT
  • Maintaining NAT and PAT
  • Advanced Concepts

  • Introduction to Network Security Principles
  • Network Security Fundamentals
  • Network Attack Methodologies
  • Testing Network for Weaknesses
  • Operations Security
  • Security Policy
  • Building Cisco Self-Defending Networks
  • Cryptographic Services
  • Symmetric Encryption
  • Cryptographic Hashes and Digital Signatures
  • Asymmetric Encryption and PKI

  • Securing IOS Administrative Access
  • Set Passwords on the Physical Lines
  • Set Passwords on Virtual Consoles
  • Other securiyt parameters
  • Privilege Levels

  • Preparing Cisco SDM
  • Install SDM on the Admin PC
  • Manage IOS-FW Keys and Certificates
  • Verify Router Configuration

  • Perimeter Security
  • Configuring IOS AAA with the Local Database
  • Configure Role-Based CLI
  • Role-Based CLI and AAA Authorization
  • SDM's Built-In Roles
  • Enhanced Login Features
  • Verify the Router Configuration
  • Configuring IOS AAA with ACS
  • Set Up IOS-FW to ACS Communication
  • Configure ACS-Based Authentication & Authorization
  • Configure ACS & Active Directory Integration
  • Test the Fallback Method
  • Command Authorization Sets
  • AAA Accounting
  • Implementing Secure Management & Reporting
  • Locking Down the Router
  • Verify the Router Configuration

  • IOS Secure Management and Reporting
  • Configure SSH Server
  • Configure NTP on the IOS-FW and Perimeter Router
  • Configure Syslog on the IOS-FW
  • Configure Syslog on the Perimeter Router
  • Configure Unicast-RPF Verification
  • Configure Route Authentication
  • Verify the Router Configuration

  • Packet Filtering Using ACLs
  • Limit VTY Access
  • Filter Bogon Packets, Allow Outbound Connections
  • Understand Packet Filter Limitations
  • Allow Expected Traffic to the DMZ Server
  • Allow Other Services from the Inside
  • Test ACL Policy
  • Insert Lines into an Existing ACL
  • Verify Router Configuration

  • IOS Zone-Based Firewall
  • Basic Firewall Wizard
  • Implement the DMZ Inbound & DMZ Outbound
  • Allow Perimeter Router Management
  • Demonstrate Attack Mitigation
  • Verify the Router Configuration

  • Virtual Private Networks
  • Site-to-Site VPN: Traditional & IPsec
  • Site-to-Site VPN: GRE and IPsec
  • Configuring IPsec on a Site-to-Site VPN Using Cisco SDM
  • Configuring IPsec on a Site-to-Site VPN CLI
  • Generate, Update and Apply the Mirror Configuration
  • Troubleshoot the Tunnel
  • IPsec over GRE
  • Verify the Router Configuration

  • IOS Intrusion Prevention System
  • IOS IPS Wizard
  • Deobfuscation
  • Signature Definitions
  • IPS Manager Express
  • Signature Actions
  • Event Action Overrides & Filters
  • Verify the Router Configuration

  • LAN, SAN, Voice & Endpoint Security Overview
  • Endpoint Security
  • SAN Security
  • Voice Security
  • Mitigating Layer 2 Attacks

  • Layer 2 Security
  • Perform Port Based Attacks
  • Configure Port Security
  • Demonstrate Attack Mitigation
  • Perform an ARP Cache Poisoning Attack
  • Configure Private VLAN Edge
  • Verify the Switch Configuration

  • Back to top

    ARIZONA Infotech © Copyright 2020 . All Rights Reserved