CCNA Security
Course Description & Overview
Overview
CEE Corporation’s CCNA Security (Cisco Certified Network Associate Security) training and certification boot camp in Reston, VA prepares you for the arduous Cisco IOS Network Security (IINS) exam and validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the technologies that Cisco uses in its security structure.
Click here to create schedule.
CCNA Security is a job role based certification for Security Specialists, Security Administrators, and Network Security Support Engineers. This certification validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.
Students completing the recommended Cisco training will gain an introduction to security technologies as well as how to develop security policies and mitigate risks. IT organizations that employ CCNA Security-holders will have IT staff that can develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.
Course Objectives
Upon completing this course, the learner will be able to meet these overall objectives:
- Describe the components of a comprehensive network security policy that can be used to counter threats against IT systems, within the context of a security policy life cycle
- Develop and implement security countermeasures that are aimed at protecting network elements as part of the network infrastructure
- Deploy and maintain threat control and containment technologies for perimeter security in small and midsize networks
- Describe secure connectivity strategies and technologies using VPNs, as well as configure site-to-site and remote-access VPNs using Cisco IOS features
Topics Covered
The following topics are general guidelines for the content likely to be included on the Implementing Cisco IOS Network Security (IINS) exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
Common Security Threats
- Describe common security threats
Security and Cisco Routers
- Implement security on Cisco routers
- Describe securing the control, data, and management plane
- Describe Cisco Security Manager
- Describe IPv4 to IPv6 transition
AAA on Cisco Devices
- Implement AAA (authentication, authorization, and accounting)
- Describe TACACS+
- Describe RADIUS
- Describe AAA
- Verify AAA functionality
IOS ACLs
- Describe standard, extended, and named IP IOS access control lists (ACLs) to filter packets
- Describe considerations when building ACLs
- Implement IP ACLs to mitigate threats in a network
Secure Network Management and Reporting
- Describe secure network management
- Implement secure network management
Common Layer 2 Attacks
- Describe Layer 2 security using Cisco switches
- Describe VLAN security
- Implement VLANs and trunking
- Implement spanning tree
Cisco Firewall Technologies
- Describe operational strengths and weaknesses of the different firewall technologies
- Describe stateful firewalls
- Describe the types of NAT used in firewall technologies
- Implement zone-based policy firewall using CCP
- Implement the Cisco Adaptive Security Appliance (ASA)
- Implement Network Address Translation (NAT) and Port Address Translation (PAT)
Cisco IPS
- Describe Cisco Intrusion Prevention System (IPS) deployment considerations
- Describe IPS technologies
- Configure Cisco IOS IPS using CCP
VPN Technologies
- Describe the different methods used in cryptography
- Describe VPN technologies
- Describe the building blocks of IPSec
- Implement an IOS IPSec site-to-site VPN with pre-shared key authentication
- Verify VPN operations
- Implement Secure Sockets Layer (SSL) VPN using ASA device manager
Pre-requisites
CCNA or any CCIE certification
Required Exam
640-554 IINS Implementing Cisco IOS Network Security (IINS)
The 640-554 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification. This exam tests a candidate’s knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure.
Course Length
40 Hours
Follow on Course
- Security+
- CEH
- CISSP
Recertification
CCNA Security certifications are valid for three years. To recertify, pass ONE of the following before the certification expiration date:
- Pass any current CCNA Concentration exam (wireless, or security, or voice, or SP Ops), or
- Pass any current 642-XXX Professional level exam, or
- Pass the current CCDA DESGN exam, or
- Pass any current Cisco Specialist exam (excluding Sales Specialist exams or Meeting Place Specialist exams, Implementing Cisco Telepresence Installations (ITI) exams, Cisco Leading Virtual Classroom Instruction exams, or any 650 online exams), or
- Pass any current CCIE Written Exam, or
- Pass the current CCDE Written Exam or current CCDE Practical Exam, or
- Pass the Cisco Certified Architect (CCAr) interview and the CCAr board review to extend lower certifications
Why Choose CEE Corporation for your Expert IT Training?
- Expert Instructors
- Highest Pass Rates
- Choose from Day, Evening & Weekend Classes to meet your busy schedule
- Accelerated Boot Camps Save You Time And Money
- Personal 1-1 Mentoring
- Paid Internships & Job Referrals!
- Meet Your DoD 8570-1 Certification Needs. Get Compliant!
- Lowest Prices! We are locally based keeping our overhead low so we can pass the savings along to you
- Washington, DC is our Home. Most training centers set up shop in hotels or rented centers. When you have a need, request or encounter a problem they are not there to answer. Our physical location in Alexandria is open 7 days a week and our staff always there to help.