 |
||
CISCO -
CCSP - SECUR (642-501)
|
Description
|
 |
Course
Outline
Module 1
Section A: Introduction Overview Cisco Certifications Advanced Certification
Outline
Section B: Security Weaknesses Unit One Primary Network Security Issue Security
Issues Technology Weaknesses TCP/IP Weaknesses OS & Network Weaknesses Configuration
Weaknesses Security Policy Weaknesses
Section C: CiscoSecure Products Overview PIX Firewall Integrated Software VPN
Client Access Control Server CiscoSecure Scanner Intruder Detection System Consulting
Services
Section D: Cisco's Security Approach Overview Rules 1-2 Rules 3-4 Rules 5-6
Rules 7-9 Rules 10-12 Cisco Security Solution
Section E: Network Reconnaissance Know Your Enemy Internal & External Threats
Network Intrusion Reconnaissance Target Discovery Ping Sweeps & Port Scans
Eavesdropping Counter-reconnaissance
Section F: Unauthorized Access Overview Gain Privileged Access Password Attacks
Gain Secondary Access Unsecure IP Applications Countermeasures Examples Attack
Prevention
Module 2
Section A: Denial of Service Overview Resource Overload Attack Out-of-Band Data
Attack Overlapped Packet Other DOS Attacks Countermeasures
Section B: Data Manipulation Overview IP Spoofing Session Replay & Hijacking
Session Replay Exploit Rerouting Exploit
Section C: Network Case Study Background Information Project Scope Security
Goals Dialup Access Internet Access Departments Proposed Secure Network
Section D: Network Security Policy Cost of Security Security Posture Assessment
SPA Phases Policy Rules Policy Requirements Policy Comments Using a Policy Monitor
Network Security Test Security Auditing Tools Random Auditing Improve Security
Posture
Section E: Securing the Admin Interface Potential Threats Common Vulnerabilities
Physical Devices Control Access Administrative Interface Secure Router Encrypt
Passwords Control Telnet Access
Section F: Securing SNMP Control SNMP Access SNMP Agent Functions SNMP Agent
Configuration Configuration Example Configure Traps & Informs
Module 3
Section A: Router-to-Router Security Overview Plaintext Authentication MDS Authentication
Secure Configuration Files Control Route Updates Filter Options Inside-out Network
Filter Router HTTP Control
Section B: Securing Ethernet Switches Password Options Telnet and SNMP Access
Switchport Security Campus Security Lab Verify Configuration Configure MD5 View
Configuration Secure SNMP Secure Telnet View Configuration
Section C: AAA Authentication AAA Security Architecture AAA Technology Protect
Access with AAA Authentication Methods S/Key Authentication S/Key Server Component
Token Card Authentication PAP & CHAP Authentication
Section D: AAA Security Authorization Methods Accounting Methods AAA Security
Servers TACACS RADIUS Kerberos Version 5 CiscoSecure ACS ACS for Windows NT
ACS for UNIX CiscoSecure GRS
Section E: AAA NAS Configuration NAS AAA Steps Secure Access Ports Globally
Enable AAA AAA Authentication Authentication Examples AAA Authorization AAA
Accounting Debut & Log
Module 4
Section A: CiscoSecure ACS Overview CSNT Features CSNT Requirements CSUNIX Features
ACS Interface User Setup Group Setup Network Configuration System Configuration
Interface Configuration
Section B: The Perimeter Environment Perimeter Routers Router Features Firewall
Feature Set Perimeter Components Firewall Implementations Firewall Products
Section C: Perimeter IOS Features Prevent Internet Attacks TCP/IP Control Commands
Packet Filtering Lock-and-Key Prevent DOS Attacks Control SYN Attacks Network
Layer Encryption
Section D: Perimeter Configuration Address Management NAT & PAT Translations
Dynamic NAT Logging Events Lab Requirements Security Configuration Access Lists
Section E: IOS Firewall Overview Intrusion Detection IDS Example IOS Firewall
Planning CBAC CBAC Restrictions CBAC Configuration
Section F: PIX Firewall Features Overview PIX Firewall Features Additional Features
Module 5
Section A: Basic PIX Operations Basic Concepts Adaptive Security Algorithm ASA
Advantages ASA Example ASA Operation Conduits & Static Static & Conduit
Example Rowe Command Cut-through Proxy
Section B: PIX Firewall Models Higher PIX Models Lower PIX Models Configure
PIX Firewall PDM Configuration Command Line Configuration
Section C: Basic PIX Configuration PIX Interface Security Built-in Security
Rules Additional Configuration Firewall Translations Test Basic Config Case
Study Complete Basic Config
Section D: Advanced PIX Configuration Overview Network Address Translation NAT
Commands NAT Example Required Configuration Multimedia Applications PIX Mail
Guard Other Protocols Syslog Output Other Useful Commands
Section E: PIX Management Functions PIX AAA Support PIX AAA Configuration Outbound
Access Control Outbound Access Examples URL Filtering SNMP on the PIX Configure
SNMP Failover Option Failover Configuration
Module 6
Section A: PIX Advanced Lab Requirements PIX Configuration More PIX Config
Section B: PIX Legacy VPN VPN Features Legacy VPN Example PPTP Support CiscoSecure
Policy Manager PIX Maintenance
Section C: Understanding Encryption Technology Encryption Benefits Encryption
Components Encryption Types DES Encryption MD5 Message Hashing DSS Encryption
Diffie-Hellman Key Agreement
Section D: Implementing CET Overview CET Operation Configure CET Crypto Maps
Test & Verify Diagnose Encryption CET Implementation
Section E: IPSec Basics Overview VPN Protocols IPSec Security Associations IKE
IPSec Transforms IPSec Modes IPSec Protection Scale IPSec Networks
Section F: Configuring IPSec Configuration Phases Preparation Preparing Sub-steps
IKE Policy IPSec Policy Final Prep Steps - IPSec Create Peer Policy Configure
Preshared Keys Verify IKE Policy Configure IPSec - Phase III Transform Sets
& Lifetimes Crypto ACL/Cry Test & Verify IPSec - Phase IV PIX Firewall
Section G: Scaling IPSec Using CA Sample CA Configuration Verify & Update
CA Use Dynamic Crypto MAP VPN Lab Configuration Check IPSec Configuration
Price Per User £ 810 (Bundle of 6)
Complementary Courses
Cisco VPN Secuity Training
Cisco PIX Firewall
Cisco CSIDS Intrusion Detection Systems
Cisco SAFE
Security+
