|
Describe Security Threats |
|
Describe and list mitigation methods for common network attacks |
|
Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks |
|
Describe the Cisco Self Defending Network architecture |
|
Secure Cisco Routers |
|
Secure Cisco routers using the SDM Security Audit feature |
|
Use the One-Step Lockdown feature in SDM to secure a Cisco router |
|
Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements |
|
Secure administrative access to Cisco routers by configuring multiple privilege levels |
|
Secure administrative access to Cisco routers by configuring role based CLI |
|
Secure the Cisco IOS image and configuration file |
|
AAA on Cisco Routers |
|
Explain the functions and importance of AAA |
|
Describe the features of TACACS+ and RADIUS AAA protocols |
|
Configure AAA authentication |
|
Configure AAA authorization |
|
Configure AAA accounting |
|
Cisco Routers and ACLs |
|
Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets |
|
Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI |
|
Configure IP ACLs to prevent IP address spoofing using CLI |
|
Discuss the caveats to be considered when building ACLs |
|
Secure Network Management |
|
Use CLI and SDM to configure SSH on Cisco routers to enable secured management access |
|
Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server |
|
Mitigate Layer 2 Attacks |
|
Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features |
|
Implement Firewalls With SDM |
|
Describe the operational strengths and weaknesses of the different firewall technologies |
|
Explain stateful firewall operations and the function of the state table |
|
Implement Zone Based Firewall using SDM |
|
Implement IPS With SDM |
|
Define network based vs. host based intrusion detection and prevention |
|
Explain IPS technologies, attack responses, and monitoring options |
|
Enable and verify Cisco IOS IPS operations using SDM |
|
Implement VPNs With SDM |
|
Explain the different methods used in cryptography |
|
Explain IKE protocol functionality and phases |
|
Describe the building blocks of IPSec and the security functions it provides |
|
Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM |
[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]