Course Name: Official Cisco CCIE (Written & Lab) Security Training
Course Duration: 7 Days
Deployment Option: Onsite Training
Course Price: $6995.00
   

Prerequisites
 

This course is not for the novice student. The Bootcamp is designed for people who are:

  • Already CCNP® / CCSP™ certified AND/OR
  • Have 2+ years of mid-to-high end Cisco® networking experience.
  • Candidates going through the whole Cisco® track (CCNA®+CCSP™ +CCIE®).
 
Course Description:
 
CCIE® is the highest level of certification in the field of networking and it sets a professional benchmark for Internetwork experts. Certified CCIE® can design, install, configure, debug, implement security and operate LAN, WAN, and dial access services for organizations with networks from hundreds to thousands of nodes.

Eno's training for CCIE® security (written and Lab) is also highly recommended for those who have already passed the CCIE® security (written and Lab) exam.
 
Course Outline:
 

Cisco CCIE Written (Security) Table of Content:

Security Protocols

  • Remote Authentication Dial In User Service (RADIUS)
  • Terminal Access Controller Access Control System Plus (TACACS+)
  • Kerberos
  • Virtual Private Dial-up Networks (VPDN/Virtual Profiles)
  • Data Encryption Standard (DES)
  • Triple DES (DES3)
  • IP Secure (IPSec)
  • Internet Key Exchange (IKE)
  • Certificate Enrollment Protocol (CEP)
  • Point to Point Tunneling Protocol (PPTP)
  • Layer 2 Tunneling Protocol (L2TP)

Operating Systems

  • UNIX
  • Windows (NT/95/98/2000/XP)

Application Protocols

  • Domain Name System (DNS)
  • Trivial File Transfer Protocol (TFTP)
  • File Transfer Protocol (FTP)
  • Hypertext Transfer Protocol (HTTP)
  • Secure Socket Layer (SSL)
  • Simple Mail Transfer Protocol (SMTP)
  • Network Time Protocol (NTP)
  • Secure Shell (SSH)
  • Lightweight Directory Access Protocol (LDAP)
  • Active Directory

General Networking

  • Networking Basics
  • TCP/IP
  • Switching and Bridging (including: VLANs, Spanning Tree, etc.)
  • Routed Protocols
  • Routing Protocols (including: RIP, EIGRP, OSPF, BGP)
  • Point to Point Protocol (PPP)
  • IP Multicast
  • Integrated Services Digital Network (ISDN)
  • Async
  • Access Devices (for example: Cisco® AS 5300 series)

Security Technologies

  • Concepts
  • Packet Filtering
  • Proxies
  • Port Address Translation (PAT)
  • Network Address Translation (NAT)
  • Firewalls
  • Active Audit
  • Content Filters
  • Public Key Infrastructure (PKI)
  • Authentication Technologies
  • Virtual Private Networks (VPN)

Cisco Security Applications

  • Cisco® Secure UNIX
  • Cisco® Secure NT
  • Cisco® Secure PIX Firewall
  • Cisco® Secure Policy Manager (formerly Cisco® Security Manager)
  • Cisco® Secure Intrusion Detection System (formerly NetRanger)
  • Cisco® Secure Scanner (formerly NetSonar)
  • IOS® Firewall Feature Set

Security General

  • Policies
  • Standards Bodies
  • Incident Response Teams
  • Vulnerability discussions
  • Attacks and Common Exploits
  • Intrusion Detection

Cisco® General

  • IOS Specifics

Cisco CCIE Lab (Security) Table of Content

Topology

  • Physical layout
  • IP Layout
  • PIX connection
  • VPN concentrator's connections
  • IDS Sensor connections
  • Catalyst 3550 Port Layout
  • Frame-Relay Connections and DLCI numbers
  • Rules

Logical Topology

  • Setting up Frame-Relay
  • Catalyst 3550 and Features
  • RIP v1 & v2
  • Disabling Unnecessary Services
  • DoS Attacks
  • Rate Limiting
  • Simple Network Management Protocol (SNMP)
  • Logging & Logging Levels (SYSLOG)
  • Context Based Access Control (CBAC)
  • Dynamic Access-List

Logical Topology

  • Setting up Frame-Relay
  • EIGRP
  • ATM setting up PVC
  • ISDN with Dialer Watch
  • Redistribution
  • Network Time Protocol (NTP)
  • Timestamps
  • HSRP
  • Intrusion Detection IOS bases
  • Intrusion Detection Using IDS Senor
  • Time Based ACL's
  • TCP Intercept
  • Reflexive Access-List

Logical Topology

  • Setting up Frame-Relay
  • Catalyst 3550 and Features
  • OSPF
  • ISDN Demand Circuit
  • DHCP
  • IRDP

Ipsec/ISAKMP:

  • IPSec Router to Router With GRE Tunnel
  • IPSec Hub and Spoke three way tunnel
  • IPSec Pix to Router
  • Ipsec Client to VPN concentrator
  • IPSec Tunnel Mode
  • IPSec Transport Mode

PIX

  • Password Management Using AAA
  • Network & Port Address Translation
  • Global Configuration
  • ARP Timeout
  • Static Configurations
  • Access Lists
  • DMZ Configuration

Logical Topology

  • Setting up Frame-Relay
  • Catalyst 3550
  • IGP

AAA:

  • AAA On routers
  • Authorization
  • Accounting
  • TACACS+
  • RADIUS
  • Privilege Levels
  • Console Authorization
  • Backup Methods
  • Authentication-Proxy (TACACS+)
  • Authentication-Proxy (RADIUS)

BGP
Advances BGP

Logical Topology

  • Setting up Frame-Relay
  • Catalyst 3550 and Features
  • IS-IS
  • ATM setting up SVC

ISDN Backup:

  • AAA
  • PPP with TACACS+
  • PPP with RADIUS


5.6.0 NAT:

  • Outside Global and Local
  • NAT Overload (Port Address Translation / PAT)
  • Static NAT


5.7.0 Context Based Access Control (CBAC)
5.8.0 PIX:

  • URL Filtering
  • SNMP
  • Fixup
  • Logging
  • Telnet, SSH
  • Sysopt
  • Guards


About Eno.com | Contact Us | Site Map
Copyright © 1996-2005 E&A Inc. All rights reserved.