 |
|
 |
|
|
|
|
|
| Course Name: | Cisco CCSP® Certification Training |
| Course Duration: | 10 Days |
| Deployment Option: | Onsite Training |
| Course Price: | $6995.00 |
| Course Description: |
| The CCSP certification (Cisco Certified Security Professional) indicates advanced knowledge
of securing Cisco networks. With a CCSP, a network professional can secure and manage network infrastructures to
protect productivity and reduce costs. The content emphasizes topics such as perimeter security, virtual private
networks, intrusion protection as well as how to combine these technologies in a single, integrated network security
solution. * Securing Cisco IOS Networks (SECUR) * Cisco Secure PIX Firewall Advanced (CSPFA) * Cisco Secure Intrusion Detection System (CSIDS) * Cisco Secure VPN (CSVPN) * Cisco SAFE Implementation (CSI) |
| Course Outline: |
| Securing Cisco IOS Networks (SECUR) This task-oriented course teaches the knowledge and skills needed to secure Cisco IOS router networks Course Objectives: After completing this course the student should be able to: * Identify network security threats. * Secure remote access using Cisco Secure ACS for Windows 2000 and Cisco IOS AAA software features. * Protect Internet access by configuring a Cisco perimeter router. * Configure the Cisco IOS Firewall Feature Set Context-Based Access Control. * Configure Cisco IOS Firewall Authentication Proxy * Configure Cisco IOS Firewall Intrusion Detection System * Use IPSec features in Cisco IOS software to create a secure site-to-site VPN using pre-shared keys and digital certificates. * Use Cisco Easy VPN features to create a secure remote access VPN solution. * Use Cisco Router Management Center to manage Cisco Router VPN implementations. Course Outline: * Network Security * Basic Cisco Router Security * Advanced AAA Security for Cisco Router Networks * Cisco Router Threat Mitigation * Cisco IOS Firewall Context-Based Access Control Configuration * Cisco IOS Firewall Authentication Proxy * Cisco IOS Firewall Intrusion Detection System * Building IPSec VPNs Using Cisco Routers * Building Advanced IPSec VPNs Using Cisco Routers and Certificate Authorities * Configuring IOS Remote Access Using Cisco Easy VPN * Managing Enterprise VPN Routers Cisco Secure PIX Firewall Advanced (CSPFA) The CSPFA course is a five-day, leader-led, lab-intensive course. This task-oriented course teaches the knowledge and skill needed to describe, configure, verify and manage the PIX Firewall product family. Course Objectives: After completing this course the student should be able to: * Describe the features, functions, and benefits of the Cisco PIX Firewall. * Identify PIX Firewall features, models, components, and benefits. * Describe PIX Firewall installation procedures. * Perform basic configuration. * Explain the routing functionality of the PIX Firewall. * Configure routing on the PIX Firewall. * Configure the PIX Firewall to send messages to a Syslog server. * Configure the PIX Firewall as a DHCP client. * Configure special protocol handling on the PIX Firewall. * Describe how the PIX Firewall supports call handling sessions and VoIP call signaling. * Configure AAA on the PIX Firewall. * Configure shunning on the PIX Firewall. * Configure a site-to-site VPN using the PIX Firewall. * Configure a VPN Client-to-PIX Firewall VPN. * Configure the PIX Firewall's PPPoE client. * Perform password recovery on the PIX Firewall. * Install the PIX Device Manager and use it to configure the PIX Firewall. * Use the PIX Device Manager to monitor the PIX Firewall. * Configure a site-to-site VPN using the PIX Device Manager. * Test and verify PIX Firewall operations Course Outline: * Introduction * Network Security * Firewalls and the Cisco PIX Firewal * The Cisco PIX Firewall Family * Getting Started with the Cisco PIX Firewall * Translations and ConnectionsAccess Control Lists and Content Filtering * Object Grouping * Advanced Protocol Handling * Attack Guards, Intrusion Detection, and Shunning * Authentication, Authorization, and Accounting * Failover * Virtual Private Networks * System Management * Cisco PIX Device Manager Cisco Secure Intrusion Detection System (CSIDS) v4.0 This task-oriented course teaches the knowledge and skills needed to design, install, and configure a Cisco Intrusion Protection solution for small, medium, and enterprise networks. The course covers Cisco IDS detection platforms including the 4200 series Sensors, and the Catalyst 6000 series Intrusion Detection Module (IDSM). The IDS Device Manager and IDS Management center are used to configure and manage Cisco IDS Sensor platforms. The IDS Event Viewer and IDS Security Monitor Center are used to view and respond to IDS alarms. Course Objectives: After completing this course, students will be able to: * Describe the basic intrusion detection terminology. * Explain the different intrusion detection technologies and evasive techniques. * Design a Cisco IDS protection solution for small, medium, and enterprise customers. * Identify the Cisco IDS Sensor platforms and describe their features. * Install and configure a Cisco IDS Sensor. * Tune Cisco IDS signatures to work optimally in unique network environments. * Create and implement customized intrusion detection signatures. * Create alarm exceptions to reduce alarms and possible false positives. * Configure a Cisco IDS Sensor to perform device management of supported blocking devices. * Describe the Cisco IDS signatures and determine the immediate threat posed to the network. * Perform maintenance operations such as signature updates and software upgrades. * Describe the Cisco IDS architecture including supporting services and configuration files. * Manage a large scale deployment of Cisco IDS Sensors with Cisco IDS Management and Monitoring software. Course Outline: * Course Introduction * Network Security and Cisco * Intrusion Detection Overview * Intrusion Protection Overview * Capturing Network Traffic for Intrusion Detection Systems * Cisco Intrusion Detection System Architecture * Sensor Appliance Installation * Intrusion Detection System Module * Cisco IDS Command Line * Cisco Intrusion Detection System Device Manager and Event Viewer * Enterprise IDS Management * Sensor Configuration * Cisco Intrusion Detection System Alarms and Signatures * Sensing Configuration * Blocking Configuration * Enterprise IDS Monitoring and Reporting * Sensor Maintenance Cisco Secure Virtual Private Networks (CSVPN) This task-oriented course teaches the knowledge and skills needed to describe, configure, verify, and manage the Cisco VPN 3000 Concentrator, Cisco VPN Software Client, and Cisco VPN 3002 Hardware Client feature set.. Course Objectives: After completing this course, students will be able to: * Describe the features, functions, and benefits of Cisco VPN products. * Explain the IPSec and IKE component technologies that are implemented in Cisco Secure VPN products. * Install and configure the Cisco IPSec VPN Software client. * Configure Cisco VPN 3000 for remote access using pre-shared keys * Configure Cisco VPN 3000 for remote access using digital certificates * Configure Cisco VPN 3000 firewall feature. * Configure Cisco VPN Windows Client auto-initiate feature Course Outline: * Introduction * Network Security and the Cisco Virtual Private Network * Overview of VPN and IPSec Technologies * Cisco Virtual Private Network 3000 Concentrator Series Hardware Overview * Configure Cisco VPN 3000 for Remote Access Using Pre-shared Keys * Configure Cisco VPN 3000 for Remote Access Using Digital Certificates * Configure Cisco VPN Firewall Feature for IPSec Software Client * Configure Cisco VPN Client Auto-initiation * Monitor and Administrer Cisco Virtual Private Network 3000 Remote Access Networks * Configure Cisco Virtual Private Network 3002 Hardware Client Remote Access * Configuring Cisco 3002 Hardware Client for user and unit authentication * Configuring Cisco 3002 Hardware Client for backup server, load balancing and reverse route * Configuring Cisco 3002 Hardware Client for software auto-update * Configuring Cisco 3002 Hardware Client for IPSec over TCP and UDP * Cisco VPN 3000 LAN-to-LAN with Pre-Shared Keys * Configure Cisco VPN Concentrator for LAN-toLAN Using NAT * Configure Cisco Virtual Private Network 3000 LAN-to-LAN Using Digital Certificates Cisco SAFE Implementation (CSI) This task-oriented course teaches the knowledge and skills needed to needed to implement and use the principles and axioms presented in the SAFE Small, Midsize and Remote User White Paper on specific devices. The primary focus in on the labs, which allow the students to build complete end-to-end security solutions using SAFE SMR as the blueprint. The following devices are covered and their configuration and functionality in a SAFE SMR network are described in detail; IOS routers, PIX Firewalls, VPN Concentrators, Cisco IDS Sensors, and the Cisco VPN Client. Course Objectives: * Describe the need for network security. * Identify the components of a complete security policy. * Explain that security is an ongoing process. * Describe the four types of security threats. * Identify the security issues implicit in common management protocols. * Discuss the SAFE design philosophy and how it impacts the decision making process. * Recognize why routers, switches, hosts, networks and applications are targets. * List the devices that are part of Cisco's security portfolio. * Understand the basic guidelines to use for product selection. * Identify the functions of the key modules and key devices in a small network. * Identify the specific threats to the small network. * List the threats mitigated in a SAFE compliant remote user network. * Discuss in detail the four different options for providing secure remote user connectivity. * Identify the mitigation roles of each of the key devices in a secure remote user network. Course Outline: * Cisco SAFE Design Implementation Course Introduction * Security Fundamentals * Architectural Overview * The Cisco Security Portfolio * SAFE Small Network Design * SAFE Medium Network Design * SAFE Remote-User Network Implementation * Case Study |
