Describe Security Threats

Describe and list mitigation methods for common network attacks

Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks

Describe the Cisco Self Defending Network architecture

Secure Cisco Routers

Secure Cisco routers using the SDM Security Audit feature

Use the One-Step Lockdown feature in SDM to secure a Cisco router

Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements

Secure administrative access to Cisco routers by configuring multiple privilege levels

Secure administrative access to Cisco routers by configuring role based CLI

Secure the Cisco IOS image and configuration file

AAA on Cisco Routers

Explain the functions and importance of AAA

Describe the features of TACACS+ and RADIUS AAA protocols

Configure AAA authentication

Configure AAA authorization

Configure AAA accounting

Cisco Routers and ACLs

Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets

Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI

Configure IP ACLs to prevent IP address spoofing using CLI

Discuss the caveats to be considered when building ACLs

Secure Network Management

Use CLI and SDM to configure SSH on Cisco routers to enable secured management access

Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server

Mitigate Layer 2 Attacks

Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features

Implement Firewalls With SDM

Describe the operational strengths and weaknesses of the different firewall technologies

Explain stateful firewall operations and the function of the state table

Implement Zone Based Firewall using SDM

Implement IPS With SDM

Define network based vs. host based intrusion detection and prevention

Explain IPS technologies, attack responses, and monitoring options

Enable and verify Cisco IOS IPS operations using SDM

Implement VPNs With SDM

Explain the different methods used in cryptography

Explain IKE protocol functionality and phases

Describe the building blocks of IPSec and the security functions it provides

Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM