|
|
|
|
|
|
|
|
Training Certification Courses
|
|
|
|
|
|
| |
|
Securing Cisco Network
Devices with PIX
Certification towards
Cisco Certified Security Professional (CCSP)
and Cisco Firewall Specialist
Exam 642-552 SND Securing Cisco Network Devices
with PIX
Option
1 |
|
|
Cisco
Firewall Specialist Module 2 |
|
OR
|
Option
2
 |
|
|
Cisco
Firewall Specialist(Full Certification) |
| PIX
Firewall Module 1 + PIX Module
2 |
|
| |
|
|
End
2 End Process
|
Enrolment
Phone or In Person
Course Fee £690 |
|
|
|
Books
and Course
Material Included |
| |
|
|
| |
|
Hands-on
instructor
led Training on Cisco PIX Firewall for
4 weeks Unlimited Practice Hours |
| |
|
|
| |
|
Cisco Mock
Exam |
| |
|
|
| |
|
Actual Cisco PIX
Exam done
@ BCOC
Fee not included |
| |
|
|
| |
|
Cisco Firewall
Specialist
+
Certified towards CCSP |
|
| |
|
|
|
642-552
SND Securing Cisco Network Devices with
PIX
Certification Exam and Course Highlight |
|
• Securing Cisco Network Devices 642-552 SND
|
• Security threats facing modern network infrastructures
|
• Secure Cisco routers
|
• Implement basic AAA using Cisco routers
|
• Mitigate threats to Cisco routers and networks using ACLs
|
• Secure network management and reporting
|
• Mitigate common Layer 2 attacks
|
• Cisco IOS firewall feature set using SDM |
• Cisco IOS IPS feature set using SDM |
• IPsec VPN on Cisco routers using SDM |
• Cisco lab facilities |
• Unlimited Practical Hours |
|
Securing Cisco Network Devices with PIX
Cisco Firewall Specialist Certification
The Securing Cisco IOS Networks exam (SECUR 642-552)
is one of the exams associated with the Cisco Certified
Security Professional, Cisco Firewall Specialist,
Cisco VPN Specialist, and Cisco IDS Specialist certifications.
Candidates can prepare for this exam by taking the course. This exam includes simulations
and tests a candidate's knowledge and ability to
secure Cisco IOS router networks. CCNA or CCDA recertification
candidates who pass the 642-501 exam will be considered
recertified at the CCNA or CCDA level.
Securing Cisco Network Devices
Course Structure
Security threats facing modern network infrastructures
• Mitigate the common threats to the physical installation
• Mitigation methods for common network attacks
• Mitigation methods for Worm, Virus, and Trojan Horse attacks
• Main activities in each phase of a secure network lifecycle
• Security needs of a typical enterprise with a comprehensive security policy
• Cisco Self Defending Network architecture
Secure Cisco routers
• Secure Cisco routers using the SDM Security Audit feature
• Use the One-Step Lockdown feature in SDM to secure a Cisco router
• Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login
failure rate and using IOS login enhancements
• Secure administrative access to Cisco routers by configuring multiple privilege levels
• Secure administrative access to Cisco routers by configuring role based CLI
• Secure the Cisco IOS image and configuration file
Implement basic AAA using Cisco routers
• Functions and importance of AAA
• Features of TACACS+ and RADIUS AAA protocols
• Authentication that are used to provide access through a router (packet mode)
• Provide access to the router (character mode)
Mitigate threats to Cisco routers and networks using ACLs
• Functionality of standard, extended, and named IP ACLs used by routers to filter packets
• Configure and verify IP ACLs to mitigate given threats
• Filter IP traffic destined for Telnet, SNMP, and DDoS attacks in a network using CLI
• Configure IP ACLs to prevent IP address spoofing using CLI
• Building ACLs
Implement secure network management and reporting
• Factors to be considered when planning for secure management and reporting of network devices
• Use CLI to configure SSH on Cisco routers to enable secured management access
• Use CLI to configure Cisco routers to send Syslog messages to a Syslog server
• SNMPv3 and NTPv3
Mitigate common Layer 2 attacks
• Common Layer 2 attacks and how to mitigate them
• VLAN hopping, STP attacks, ARP spoofing, MAC spoofing, CAM overflow
• Function and benefit of the security features in Cisco Catalyst switches
• IBNS, PVLAN, SPAN port
• Common threats to WLANs
• Security features of the 802.11 protocol
Implement the Cisco IOS firewall feature set using SDM
• Operational strengths and weaknesses of the different firewall technologies
• Stateful firewall operations and the function of the state table
• Types of NAT that can be implemented in a firewall
• Basic and advanced firewall on a Cisco router using SDM
Implement the Cisco IOS IPS feature set using SDM
• Network based vs. host based intrusion detection and prevention
• IPS technologies, attack responses, and monitoring options
• Enable and verify Cisco IOS IPS operations using SDM
Implement IPsec VPN on Cisco routers using SDM
• IKE protocol functionality and phases
• Building blocks of IPsec and the security functions it provides
• Hash-based message authentication code (HMAC) operations
• Different methods of encryption
• Purpose of the Diffie-Hellman key agreement protocol
• IPsec establishes origin authentication
• PKI environment at a high level
• Different types of IPsec VPN implementations
• Configure and verify an IPsec site-to-site VPN with pre-shared key authentication using SDM
• Cisco Easy VPN Server and Cisco Easy VPN Remote
• Remote access VPNs using the Cisco Easy VPN Server feature of Cisco SDM |
|
|
MCSE
Certification 
