Welcome to NCP Network
+91-9910111641 +91-9871481152 +91-01204310416 info@ncpnetwork.com

CCNA SECURITY
The Reasons That You Should Contact Us

Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices
Working knowledge of the Windows operating system
Working knowledge of Cisco IOS networking and concepts
Good knowledge Of CCNA.

Details:
Weekadays Classes 2hr /day (Syllabus Complete aprox. 2months)
Weekaend Classes 2hr /Sat-Sun (Syllabus Complete aprox. 3months )

CCNA Security
Syllabus

Course

001. OSI Model

  • 1. Before OSI
  • 2. No. of OSI Layers
  • 3. Application Layer
  • 4. Presentation Layer
  • 5. Session layer
  • 6. Transport Layer
  • 7. Network Layer Part-1
  • 8. Network Layer Part-2
  • 9. Protocol & port no
  • 10. Data Link Layer
  • 11. Physical Layer
  • 12. Devices on OSI Layers
  • 13. What is PDU
  • 14. Data encapsulation & De-encapsulation process
  • 15. OSI Peer to Peer model
  • 16. OSI & TCP-IP

-

002. CIA Model

  • 1. Confidentiality, integrity, Availability

-

003. Introduction of Network Security Terms

  • 1. Network Security Terms--ASSET-Vulnerability- Counter Measure
  • 2. Data security & Traffic Classification Part-1
  • 3. Data security & Traffic Classification Part-2
  • 4. IPsec VPN is a combination of multiple protocols

-

004. Layer 3 Security--Types of ACL

  • 001. Access Control List Intro & Implentation Rules
  • 002. Task & Solution -Numberd & Named Standard ACL
  • 003. Task & Solution -Numberd & Named Extended ACL
  • 004. Routing Protocols & ACL Part-1
  • 005. Routing Protocols & ACL Part-2
  • 006. Time-Based Access Control List
  • 007. Remote Access Security -(Time-based)
  • 008. Monitoring SYN-Attack with Attacker IP & MAC Address
  • 009. Dynamic ACL-LOCK & KEY
  • 010. Reflexive Access-List
  • 011. IOS Firewall -Context-Based Access Control
  • 012. Zone Based Firewall
  • 013. Unicast Reverse Path Forwarding- URPF
  • 014. TCP Intercept-INTERCEPT & WATCH MODE Part-1
  • 015. TCP Intercept-INTERCEPT & WATCH MODE Part-2

-

005. Layer 3 Security-- User Based

  • 1. Telnet is not Secure
  • 2. Secure Remote Session with SSH--(telnet vs ssh)
  • 3. Auto Command User Security
  • 4. Users Privilege Level Security
  • 5. IOS Login Enhancement- Un-Authorize Login Block
  • 6. IOS Login Enhancement- Quiet Mode with Extended ACL
  • 7. IOS Login Enhancement- Slow Down login Attack
  • 8. IOS Login Enhancement- Authorize & Un-Authorize Logs
  • 9. dot1x security part 1
  • 10. dot1x security part 2

-

006. SECURING ROUTING PROTOCOLS & LINK

  • 1. Secure RIPv2 updates- RIP AUTHENTICATION
  • 2. Secure OSPF Updates- OSPFv2 AUTHENTICATION
  • 3. Secure EIGRP Updates- EIGRP AUTHENTICATION
  • 4. Secure BGP Updates - BGP AUTHENTICATION
  • 5. PPP Authentication
  • 6. Event Manager-Link Security

-

007.Types of NAT on Cisco Router-

  • 1. NAT & its Advantages
  • 2. Types of NAT
  • 3. Range of Private Ip address
  • 4. Comman Lab diagram for Static -dynamic- PAT
  • 5. TEST before NAT configuration part 1
  • 6. TEST before NAT configuration part 2
  • 7. NAT Interface commands (INSIDE & OUTSIDE)
  • 8. STATIC NAT lab configuration
  • 9. DYNAMIC NAT lab configuration
  • 10. PAT lab configuration
  • 11. Configure CISCO Router as a DNS SERVER

-

008. CONTROL PLANE Protection --CCP & CPPr

  • 1. ICMP Rate Limit with CoPP--Control Plane policy
  • 2. Control-Plane policy Vs Control-Plane Protection
  • 3. Block TELNET to the CPU Via Control-Plane host(CPPr)
  • 4. Drop ARP to CPU--Control Plane cef-exception(CPPr)
  • 5. Filter Traffic based on Packet Length

-

009. Management Plane Protection

  • 1. Syslog Server & Syslog Messages
  • 2. Configure & verify Syslog Server Message
  • 3. AAA Security part 1
  • 4. AAA Security part 2
  • 5. SNMP & Its Components
  • 6. SNMP version 1 Messages
  • 7. SNMP version 2c
  • 8. SNMP version 3 & Its Configuration Steps
  • 9. SNMP version 3 LAB-Verification of User Authentication & Traffic Encryption
  • 10. NTP Server -Client -Authentation
  • 11. Parser View -

-

010.LAYER 2 SECURITY

  • 1. How to configure DHCP on CISCO Router-T
  • 2. How to configure DHCP on CISCO Router-L
  • 3. DHCP Packets OR DORA Process
  • 4. Man-In-The-Middle Attack via Rogue DHCP Server
  • 5. Mitigate DHCP Attack via DHCP Snooping
  • 6. Switchport Security with Protected Mode
  • 7. Port-Security with MAC Address
  • 8. VACL--VLAN Access Control List Part-1
  • 9. VACL--VLAN Access Control List Part-2
  • 10. VACL--VLAN Access Control List Part-3
  • 11. Private Vlan security Part-1
  • 12. Private Vlan Security Part-2
  • 13. Port mirroring or SPAN
  • 14. Local SPAN with Access Link
  • 15. Local SPAN with VLAN -TRUNK-EC
  • 16. Remote SPAN
  • 17. Protect Switch Topology with BPDUGUARD
  • 18. How to Recover Errordisable Port
  • 19. Protect Switch Topology with ROOT GUARD
  • 20. Protect Switch Topology with BPDU FIlter -
  • 21. Dynamic ARP Inspection -
  • 22. IP Source Guard -
  • 23. Strong Control -
  • 24. CDP and LLDP -

-

011.VPN SECURITY

  • 1. Basic Fundamental of VPN
  • 2. Types of VPN Model
  • 3. Classification of VPN
  • 4. VPN Terminology in Overlay model -GRE
  • 5. Introduction of GRE
  • 6. Configuration of Single & Multiple GRE Tunnels
  • 7. Site -To- Site VPN -IPSEC Part-1
  • 8. Site -To- Site VPN -IPSEC Part-2
  • 9. IPSec over GRE Part-1
  • 10. IPSec over GRE Part-2

-

012.CISCO ADAPTIVE SECURITY APPLIANCE

  • 1. What is Firewll
  • 2. Types of Cisco Firewll
  • 3. Firewll Technologies
  • 4. Types of Table in ASA Firewall
  • 5. State Table & its Components for TCP & UDP Part-1
  • 6. State Table & its Components for TCP & UDP Part-2
  • 7. TCP Pointer or TCP Flag
  • 8. Security Algorithm Rules
  • 9. Firewall Security Levels
  • 10. Firewall Logical Names
  • 11. Inbound & Outbound Connnection
  • 12. How Cisco ASA works Part-1
  • 13. How Cisco ASA works Part-2
  • 14. How Cisco ASA works Part-3
  • 15. Basic Configuration of ASA Part-1
  • 16. Basic Configuration of ASA Part-2
  • 17. Testing of ASA Default behaviour Part-1
  • 18. Testing of ASA Default behaviour Part-2
  • 19. How to Telnet ASA from Inside & DMZ
  • 20. Configuring Static & Default Route on ASA Part-1
  • 21. Configuring Static & Default Route on ASA Part-2
  • 22. Object Group & Its Type
  • 23. Configure Network Object Group Part-1
  • 24. Configure Network Object Group Part-2
  • 25. Configure Network Object Group Part-3
  • 26. Static NAT Part-1
  • 27. Static NAT Part-2
  • 28. Dynamic NAT Part-1
  • 29. Dynamic NAT Part-2
  • 30. Dynamic PAT Part-1
  • 31. Dynamic PAT Part-2
  • 32. FTP Traffic Inspection via MPF Part-1
  • 33. FTP Traffic Inspection via MPF Part-2

-

End of Course