Module 1 - 10: Outline

Module : Vulnerabilities, Threats, and Attacks

Introduction to Network Security
  - The need for network security
  - Identifying potential risks to network security
  - Open versus closed security models
  - Trends driving network security
  - Information security organizations

Introduction to Vulnerabilities, Threats, and Attacks
  - Vulnerabilities
  - Threats
  - Attacks

Attack Examples
  - Reconnaissance attacks
  - Access attacks
  - Denial of service attacks
  - Distributed denial of service attacks
  - Malicious code

Vulnerability Analysis
  - Policy review
  - Network analysis
  - Host analysis
  - Analysis tools

Module : Security Planning and Policy

Discussing Network Security and Cisco
  - The security wheel
  - Network security policy

Endpoint Protection and Management
  - Host and server based security components and technologies
  - PC management

Network Protection and Management
  - Network based security components and technologies
  - Network security management

Security Architecture
  - Security architecture (SAFE)
  - The Cisco Self-Defending Network
  - Cisco integrated security
  - Plan, Design, Implement, Operate, Optimize (PDIOO)

Basic Router Security
  - Control access to network devices
  - Remote configuration using SSH
  - Router passwords
  - Router privileges and accounts
  - IOS network services
  - Routing, proxy ARP and ICMP
  - Routing protocol authentication and update filtering
  - NTP, SNMP, router name, DNS

Module : Security Devices

Device Options
  - Appliance-based, server-based, and integrated firewalls
  - Cisco IOS Firewall feature set
  - PIX Security Appliance
  - Adaptive Security Appliance
  - Finesse Operating System
  - Firewall Services Module

Using Security Device Manager
  - SDM overview
  - SDM software
  - Using the SDM startup wizard
  - SDM user interface
  - SDM wizards
  - Using SDM to configure a WAN
  - Using the factory reset wizard
  - Monitor mode

Introduction to the Cisco Security Appliance Family
  - PIX Security Appliance models
  - Adaptive Security Appliance models
  - Security appliance licensing
  - Expanding the features of the security appliance

Getting Started with the PIX Security Appliance
  - User interface
  - Configuring the PIX Security Appliance
  - Security levels
  - Basic PIX Security Appliance configuration commands
  - Additional PIX Security Appliance configuration commands
  - Examining the PIX Security Appliance status
  - Time setting and NTP support
  - Syslog configuration

PIX Security Appliance Translations and Connections
  - Transport protocols
  - Network address translation (NAT)
  - Port address translation (PAT)
  - The static command
  - The identity nat command
  - Connections and translations
  - Configuring multiple interfaces

Manage a PIX Security Appliance with Adaptive Security Device Manager
  - ASDM overview
  - ASDM operating requirements
  - Prepare for ASDM
  - Using ASDM to configure the PIX Security Appliance

PIX Security Appliance Routing Capabilities
  - Virtual LANs
  - Static and RIP routing
  - OSPF
  - Multicast routing

Firewall Services Module Operation
  - Firewall Services Module overview
  - Getting started with the FWSM
  - Using PDM with the FWSM

Module : Trust and Identity Technology

AAA
  - TACACS+
  - RADIUS
  - Comparing TACACS+ and RADIUS

Authentication Technologies
  - Static passwords
  - One-time passwords and token cards
  - Digital certificates
  - Biometrics

Identity Based Networking Services (IBNS)
  - Introduction to IBNS
  - 802.1x
  - Wired and wireless implementations

Network Admission Control (NAC)
  - NAC components
  - NAC phases
  - NAC operation
  - NAC vendor participation

Module : Cisco Secure Access Control Server

Cisco Secure Access Control Server for Windows
  - Cisco Secure Access Control Server product overview
  - Authentication and user databases
  - The Cisco Secure ACS user database
  - Keeping databases current
  - Cisco Secure ACS for Windows architecture
  - How Cisco Secure ACS authenticates users
  - User changeable passwords

Configuring RADIUS and TACACS+ with CSACS
  - Installation steps
  - Administering Cisco Secure ACS for Windows
  - Troubleshooting
  - Enabling TACACS+
  - Verifying TACACS+
  - Configuring RADIUS

Module : Configure Trust and Identity at Layer 3

Cisco IOS Firewall Authentication Proxy
  - Cisco IOS Firewall authentication proxy
  - AAA server configuration
  - AAA configuration
  - Allow AAA traffic to the router
  - Authentication proxy configuration
  - Test and verify authentication proxy

Introduction to PIX Security Appliance AAA Features
  - PIX Security Appliance authentication
  - PIX Security Appliance authorization
  - PIX Security Appliance accounting
  - AAA server support

Configure AAA on the PIX Security Appliance
  - PIX Security Appliance access authentication
  - Interactive user authentication
  - The local user database
  - Authentication prompts and timeout
  - Cut-through proxy authentication
  - Authentication of Non-Telnet, FTP, or HTTP traffic
  - Authorization configuration
  - Downloadable ACLs
  - Accounting configuration
  - Troubleshooting the AAA configuration

Module : Configure Trust and Identity at Layer 2

Identity-Based Networking Services (IBNS)
  - IBNS overview
  - IEEE 802.1x
  - 802.1x components
  - 802.1x applications with Cisco IOS Software
  - How 802.1x works
  - Selecting the correct EAP
  - IBNS and Cisco Secure ACS
  - ACS deployment considerations
  - Cisco Secure ACS RADIUS profile configuration

Configuring 802.1x Port-Based Authentication
  - 802.1x port-based authentication configuration tasks
  - Enabling 802.1x authentication
  - Configuring the switch-to-RADIUS-server communication
  - Enabling periodic re-authentication
  - Manually re-authenticating a client connected to a port
  - Enabling multiple hosts
  - Resetting the 802.1x configuration to the default values
  - Displaying 802.1x statistics and status

Module : Configure Filtering on a Router

Filtering Technologies
  - Packet filtering
  - Stateful filtering
  - URL filtering

Cisco IOS Firewall Context-Based Access Control
  - Context-based Access Control (CBAC)
  - Cisco IOS ACLs
  - How CBAC works
  - CBAC supported protocols

Configure Cisco IOS Firewall Context-Based Access Control
  - CBAC configuration tasks
  - Prepare for CBAC
  - Set audit trails and alerts
  - Set global timeouts
  - Set global thresholds
  - Half-open connection limits by host
  - System-defined port-to-application mapping
  - User-defined port-to-application mapping
  - Define inspection rules for applications
  - Define inspection rules for IP fragmentation
  - Define inspection rules for ICMP
  - Apply inspection rules and ACLs to interfaces
  - Test and verify CBAC
  - Configure an IOS firewall using SDM

Module : Configure Filtering on a PIX Security Appliance

Configure ACLs and Content Filters
  - PIX Security Appliance ACLs
  - Configuring ACLs
  - ACL line numbers
  - The icmp command
  - nat 0 ACLs
  - Turbo ACLs
  - Using ACLs
  - Malicious code filtering
  - URL filtering

Object Grouping
  - Overview of object grouping
  - Getting started with object groups
  - Configure object groups
  - Nested object groups
  - Manage object groups

Configure a Security Appliance Modular Policy
  - Modular policy overview
  - Configure a class map
  - Configure a policy map
  - Configure a service policy

Configure Advanced Protocol Inspection
  - Introduction to advanced protocol inspection
  - Default traffic inspection and port numbers
  - FTP inspection
  - FTP deep packet inspection
  - HTTP inspection
  - Protocol application inspection
  - Multimedia support
  - Real-Time Streaming Protocol (RTSP)
  - Protocols required to support IP telephony
  - DNS inspection

Module : Configure Filtering on a Switch

Introduction to Layer 2 Attacks
  - Types of attacks

MAC Address, ARP, and DHCP Vulnerabilities
  - CAM table overflow attack
  - Mitigating the CAM table overflow attack
  - MAC spoofing – man in the middle attacks
  - Mitigating MAC spoofing attacks
  - Using dynamic ARP inspection to mitigate MAC spoofing attacks
  - DHCP starvation attacks
  - Mitigating DHCP starvation attacks

VLAN Vulnerabilities
  - VLAN hopping attacks
  - Mitigating VLAN hopping attacks
  - Private VLAN vulnerabilities
  - Defending private VLANs

Spanning-Tree Protocol Vulnerabilities
  - Spanning-Tree Protocol vulnerabilities
  - Preventing Spanning-Tree Protocol manipulation