CCNA Security Certification

Do you want to excel in a Network Security Career? LogicCircles provides you with all the resources, lectureship, and practice lab to gain CCNA Security Certification. It works to achieve a CCNA-level skill set that is essential for ultimate security career success. Cisco, a Network Solutions giant, offers this certification.

A 4-day Cisco CCNA Security course will provide you training and knowledge about security concepts and technology. After this course, you can protect the IT infrastructure of any organization and set up the best security policies to shield organization data and information in the best manner available. You will learn to apply security by making the most of Cisco’s IOS (Internetwork Operating System).

Who can benefit from CCNA Security Certificate?

Highly skilled instructors of LogicCircles will explain it all, from fundamental security concepts to security application in the real world scenario. Here are some core concepts you can cover in this 4-day course.

Course Outline of CCNA Security course:

1.0 Network Security Concepts

1.1 Frequently used security principles

  1. Confidentiality, availability, integrity (CIA) Description
  2. SIEM technology Description
  3. Basic security terms Identification
  4. Basic network security zones Identification

1.2 Understanding security threats

  1. Common network attacks Knowledge
  2. Social engineering Knowledge 
  3. Malware Identification
  4. Vectors of data loss/exfiltration Classification

1.3 Fundamental/Advanced Cryptography concepts

  1. Key exchange Concept
  2. Hash algorithm Concept
  3. Symmetric and asymmetric encryption Comparison/Contrast
  4. Certificates, Digital signature, and PKI Concepts

1.4 Network topologies Concept

  1. Cloud, wide area network (WAN)
  2. Datacenter Info
  3. Small office/home office (SOHO)
  4. Campus area network (CAN)
  5. Virtual environment Network Security

2.0 Safe Access

2.1 Security management

  1. In-band and out-of-band Comparison
  2. Configure secure network management Configuration
  3. Secure access through SNMP v3 using an ACL Configuration and Verification
  4. NTP Security Verification/Configuration
  5. File transfer Via SCP

2.2 Describe AAA 

  1. RADIUS and TACACS+ technologies Concepts
  2. Cisco router Administrative access with TACACS+ Configuration
  3. Cisco router Connectivity to a TACACS+ server Verification
  4. Active Directory Integration with AAA Info
  5. Authentication and authorization via ACS and ISE Concepts

2.3 802.1X Authentication

  1. 802.1X components Functions Identification

2.4 BYOD

  1. BYOD architecture framework Concept
  2. Mobile device management (MDM) Function Description

3.0 VPN

3.1 VPN Description and concepts

  1. IPsec protocols and delivery modes (IKE, tunnel mode, ESP, transport mode, AH) Concept
  2. Always-on, hairpining, NAT traversal, split tunneling Concept

3.2 Remote access VPN

  1. Basic clientless SSL VPN with ASDM Implementation
  2. Clientless connection Verification
  3. Core AnyConnect SSL VPN with ASDM Implementation
  4. AnyConnect connection Verification
  5. Endpoint posture assessment Identification

3.3 VPN site-to-site 

  1. Cisco routers and ASA firewalls’ IPsec site-to-site VPN with pre-shared essential authentication  Implementation 
  2. IPsec site-to-site VPN Verification

4.0 Secure Switching and Routing

4.1 Cisco routers Security

  1. Multiple privilege levels Configuration
  2. Cisco IOS role-based CLI access Configuration.
  3. Cisco IOS resilient Configuration and Implementation

4.2 Routing protocols Security

  1. OSPF routing update authentication Implementation

4.3 Control plane Security

  1. Describe control plane policing Function 

4.4 Understanding of Famous Layer 2 attacks

  1. STP attacks Description
  2. ARP spoofing Concept
  3. MAC spoofing Info
  4. CAM table (MAC address table) overflows Concept
  5. CDP/LLDP reconnaissance Explanation
  6. VLAN hopping Info
  7. DHCP spoofing Concepts 

4.5 Mitigation procedures

  1. DHCP snooping Implementation
  2. Dynamic ARP Inspection and Implementation
  3. Port security Implementation
  4. BPDU guard, loop guard, root guard Concepts
  5. Mitigation procedures Verification

4.6 Secure VLAN 

  1. PVLAN Security Implications Info
  2. Native VLAN Security Implications Description

5.0 Understand Firewall Technologies on Cisco

5.1 Different firewall’s Strengths/Weakness Description

  1. Describe Proxy firewalls 
  2. Describe Application firewall
  3. Describe Personal firewall

5.2 Stateful and stateless firewalls Comparison

  1. Operational Concepts
  2. State Table Function Description

5.3 Cisco ASA 9.x NAT Implementation

  1. Policy NAT, Static, PAT, Dynamic, 
  2. NAT operations Verification

5.4 Zone-based firewall Implementation

5.5 Cisco Adaptive Security Appliance (ASA) 9.x Firewall Feature 

  1. ASA access management Configuration
  2. Security access policies configuration
  3. Cisco ASA interface security levels Configuration
  4. Default Cisco Modular Policy Framework (MPF)Configuration
  5. Deployment Mode Concepts: Transparent/Routed Firewall
  6. Concept of High Availability implementation methods 
  7. Security contexts Concept
  8. Firewall services Concepts

6.0 Concept and Terms of IPS

6.1 IPS deployment considerations Description

  1. Difference between Host- and Network-based IPS
  2. Deployment mode: SPAN/tap/inline
  3. IPS Positioning/Placement within Network
  4. False Positive/Negatives, True Positive/Negatives

6.2 IPS technologies Concepts

  1. Signatures and Rules 
  2. Signature Engines and Detection
  3. Trigger Response and action 
  4. Static and Dynamic Blacklist 

7.0 Secure Endpoint and Content 

7.1 Handling and Mitigation of Email Based Threats

  1. DLP
  2. Email Encryption
  3. SPAM Filter
  4. Anti-malware Filter
  5. Blacklist 

7.2 Handling and Mitigation of Web-Based Threats 

  1. Dealing with cloud-based and local web proxies
  2. Malware scan, Web App Filter, Blacklist, URL Categorization
  3. SSL/TLS description

7.3 Handling and Mitigation of Endpoint Threats

  1. HIPS/Personal Firewall
  2. Local Data Encryption Hardware/Software 
  3. Anti-malware and Anti-virus

Cisco 210-260 IINS - EXAM Info

You will get one hour and thirty minutes to attempt 60-70 questions related to Implementing Cisco Network Security (IINS). Exam Languages are English and Japanese.