CISCO - CCSP - SECUR (642-501)


Securing Cisco IOS Networks (SECUR) is one of four exams required to achieve Cisco Security Specialist, and is an elective for the Cisco Certified Internetworking Professional (CCIP) designation. The SECUR trainingcourse from ATS meets or exceeds all exam objectives for the Cisco SECUR exam. Expert instructor Michael Storm explains network security essentials including security policy development and evaluating security threats, as well as demonstrating how to configure various CiscoSecure components including PIX firewalls, perimeter routers and virtual private network clients. At the conclusion of this training course you will understand basic network security principles and be prepared to pass Cisco SECUR exam.

Course Outline

Module 1
Section A: Introduction Overview Cisco Certifications Advanced Certification Outline
Section B: Security Weaknesses Unit One Primary Network Security Issue Security Issues Technology Weaknesses TCP/IP Weaknesses OS & Network Weaknesses Configuration Weaknesses Security Policy Weaknesses
Section C: CiscoSecure Products Overview PIX Firewall Integrated Software VPN Client Access Control Server CiscoSecure Scanner Intruder Detection System Consulting Services
Section D: Cisco's Security Approach Overview Rules 1-2 Rules 3-4 Rules 5-6 Rules 7-9 Rules 10-12 Cisco Security Solution
Section E: Network Reconnaissance Know Your Enemy Internal & External Threats Network Intrusion Reconnaissance Target Discovery Ping Sweeps & Port Scans Eavesdropping Counter-reconnaissance
Section F: Unauthorized Access Overview Gain Privileged Access Password Attacks Gain Secondary Access Unsecure IP Applications Countermeasures Examples Attack Prevention

Module 2
Section A: Denial of Service Overview Resource Overload Attack Out-of-Band Data Attack Overlapped Packet Other DOS Attacks Countermeasures
Section B: Data Manipulation Overview IP Spoofing Session Replay & Hijacking Session Replay Exploit Rerouting Exploit
Section C: Network Case Study Background Information Project Scope Security Goals Dialup Access Internet Access Departments Proposed Secure Network
Section D: Network Security Policy Cost of Security Security Posture Assessment SPA Phases Policy Rules Policy Requirements Policy Comments Using a Policy Monitor Network Security Test Security Auditing Tools Random Auditing Improve Security Posture
Section E: Securing the Admin Interface Potential Threats Common Vulnerabilities Physical Devices Control Access Administrative Interface Secure Router Encrypt Passwords Control Telnet Access
Section F: Securing SNMP Control SNMP Access SNMP Agent Functions SNMP Agent Configuration Configuration Example Configure Traps & Informs

Module 3
Section A: Router-to-Router Security Overview Plaintext Authentication MDS Authentication Secure Configuration Files Control Route Updates Filter Options Inside-out Network Filter Router HTTP Control
Section B: Securing Ethernet Switches Password Options Telnet and SNMP Access Switchport Security Campus Security Lab Verify Configuration Configure MD5 View Configuration Secure SNMP Secure Telnet View Configuration
Section C: AAA Authentication AAA Security Architecture AAA Technology Protect Access with AAA Authentication Methods S/Key Authentication S/Key Server Component Token Card Authentication PAP & CHAP Authentication
Section D: AAA Security Authorization Methods Accounting Methods AAA Security Servers TACACS RADIUS Kerberos Version 5 CiscoSecure ACS ACS for Windows NT ACS for UNIX CiscoSecure GRS
Section E: AAA NAS Configuration NAS AAA Steps Secure Access Ports Globally Enable AAA AAA Authentication Authentication Examples AAA Authorization AAA Accounting Debut & Log

Module 4
Section A: CiscoSecure ACS Overview CSNT Features CSNT Requirements CSUNIX Features ACS Interface User Setup Group Setup Network Configuration System Configuration Interface Configuration
Section B: The Perimeter Environment Perimeter Routers Router Features Firewall Feature Set Perimeter Components Firewall Implementations Firewall Products
Section C: Perimeter IOS Features Prevent Internet Attacks TCP/IP Control Commands Packet Filtering Lock-and-Key Prevent DOS Attacks Control SYN Attacks Network Layer Encryption
Section D: Perimeter Configuration Address Management NAT & PAT Translations Dynamic NAT Logging Events Lab Requirements Security Configuration Access Lists
Section E: IOS Firewall Overview Intrusion Detection IDS Example IOS Firewall Planning CBAC CBAC Restrictions CBAC Configuration
Section F: PIX Firewall Features Overview PIX Firewall Features Additional Features

Module 5
Section A: Basic PIX Operations Basic Concepts Adaptive Security Algorithm ASA Advantages ASA Example ASA Operation Conduits & Static Static & Conduit Example Rowe Command Cut-through Proxy
Section B: PIX Firewall Models Higher PIX Models Lower PIX Models Configure PIX Firewall PDM Configuration Command Line Configuration
Section C: Basic PIX Configuration PIX Interface Security Built-in Security Rules Additional Configuration Firewall Translations Test Basic Config Case Study Complete Basic Config
Section D: Advanced PIX Configuration Overview Network Address Translation NAT Commands NAT Example Required Configuration Multimedia Applications PIX Mail Guard Other Protocols Syslog Output Other Useful Commands
Section E: PIX Management Functions PIX AAA Support PIX AAA Configuration Outbound Access Control Outbound Access Examples URL Filtering SNMP on the PIX Configure SNMP Failover Option Failover Configuration

Module 6
Section A: PIX Advanced Lab Requirements PIX Configuration More PIX Config
Section B: PIX Legacy VPN VPN Features Legacy VPN Example PPTP Support CiscoSecure Policy Manager PIX Maintenance
Section C: Understanding Encryption Technology Encryption Benefits Encryption Components Encryption Types DES Encryption MD5 Message Hashing DSS Encryption Diffie-Hellman Key Agreement
Section D: Implementing CET Overview CET Operation Configure CET Crypto Maps Test & Verify Diagnose Encryption CET Implementation
Section E: IPSec Basics Overview VPN Protocols IPSec Security Associations IKE IPSec Transforms IPSec Modes IPSec Protection Scale IPSec Networks
Section F: Configuring IPSec Configuration Phases Preparation Preparing Sub-steps IKE Policy IPSec Policy Final Prep Steps - IPSec Create Peer Policy Configure Preshared Keys Verify IKE Policy Configure IPSec - Phase III Transform Sets & Lifetimes Crypto ACL/Cry Test & Verify IPSec - Phase IV PIX Firewall
Section G: Scaling IPSec Using CA Sample CA Configuration Verify & Update CA Use Dynamic Crypto MAP VPN Lab Configuration Check IPSec Configuration

Price Per User £ 810 (Bundle of 6)

Complementary Courses
Cisco VPN Secuity Training
Cisco PIX Firewall
Cisco CSIDS Intrusion Detection Systems
Cisco SAFE

<<Back <<Contact Us