Mar 19, 2024  
2021-2022 Course Catalog 
    
2021-2022 Course Catalog [ARCHIVED CATALOG]

Add to Portfolio (opens a new window)

NET 350 - Cisco Security

Credits: 4
Lecture Hours: 2
Lab Hours: 4
Practicum Hours: 0
Work Experience: 0
Course Type: Voc/Tech
The Cisco Networking Security course provides a next step for individuals who want to enhance their CCENT-level skill set and help meet the growing demand for network security professionals. The curriculum provides an introduction to the core security concepts and skills needed for the installation, troubleshooting, and monitoring of network devices to maintain the integrity, confidentiality, and availability of data and devices.
Prerequisite: NET 225  
Competencies
  1. Evaluate modern network security threats
    1. Describe the evolution of network security
    2. Distinguish the major organizations responsible for enhancing network security
    3. Describe computer network viruses, worms, and Trojan Horses
    4. Describe mitigation techniques for viruses, worms, and Trojan Horses
    5. Explain how reconnaissance, access, and Denial of Service attacks are launched
    6. Give examples of how to secure the three functional areas of Cisco routers and switches
  2. Assess how to secure network devices
    1. Explain how to secure a network perimeter
    2. Configure secure administrative access to Cisco routers and enhanced security for virtual logins
    3. Use role-based CLI access to control command availability
    4. Compare in-band and out-of-band management access
    5. Configure SNMP to monitor system status
    6. Use NTP to enable accurate time stamping between all devices
  3. Evaluate Authentication, Authorization, and Accounting as it pertains to network security
    1. Configure AAA authentication using the CLI and CCP, to validate users against a local database
    2. Describe the benefits of server-based AAA and compare the TACACS+ and RADIUS authentication protocols
    3. List the features of Cisco Secure ACS for Windows
    4. Configure server-based AAA authentication using the CLI and CCP on Cisco routers
    5. E. Troubleshoot sever-based AAA authentication using Cisco Secure ACS
  4. Analyze firewall implementation technologies
    1. Configure standard and extended IPv4 and IPv6 ACLs using CLI and CCP
    2. Verify functionality of a configured ACL in relation to the network topology
    3. Configure TCP established, reflexive, dynamic, and time-based ACLs
    4. Use ACLs to mitigate common network attacks
    5. Explain how firewalls are used to help secure networks
    6. Describe the operation and benefits of a Zone-Based Policy Firewall
  5. Examine intrusion prevention as implemented on a network
    1. Describe the characteristics of IPS signatures
    2. Explain how the signature actions affect network traffic
    3. Configure, verify, and monitor Cisco IOS IPS configuration
  6. Assess methods of securing a local network
    1. Describe endpoint security and the enabling technologies
    2. Explain how Cisco IronPort and Cisco NAC products are used to ensure endpoint security
    3. Describe Layer 2 vulnerabilities, MAC address spoofing, and table overflow attacks
    4. Demonstrate how to mitigate STP manipulation, LAN storm attacks, and VLAN attacks
    5. Configure and verify port security using BPDU Guard, BPDU Filter, and Root Guard
    6. Configure VLAN trunk security to mitigate VLAN hopping attacks
    7. Describe fundamental aspects of enterprise, wireless, VoIP, and SAN security
  7. Compare and contrast methods of cryptographic systems
    1. Describe integrity, authentication, and confidentiality
    2. Explain cryptography, cryptanalysis, and cryptology and provide examples
    3. Examine the importance and functions of cryptographic hashes
    4. Describe the features and functions of the MD5 and SHA-1 algorithms
    5. Illustrate the mechanisms used to ensure data confidentiality
    6. Describe the function of DES, 3DES, and AES algorithms
    7. Explain the difference between symmetric and asymmetric encryptions
    8. Discuss the functionality of digital signatures
    9. Describe the principles behind a public key infrastructure (PKI) and various PKI standards
  8. Evaluate methods of implementing virtual private networks
    1. Describe VPNs and their benefits
    2. Identify the Cisco VPN product line and the security features of these products
    3. Describe the IPsec protocol and its basic features
    4. Compare AH and ESP protocols
    5. Explain how to prepare IPsec by ensuring that ACLs are compatible with IPsec
    6. Configure a site-to-site VPN using Quick Setup and step-by-step VPN Wizard in CCP
    7. Explain how the corporate landscape is changing to support telecommuting
    8. Examine how SSL is used to establish a secure VPN connection
  9. Evaluate the Cisco Adaptive Security Appliance
    1. Describe and compare ASA solutions to other routing firewall technologies
    2. Configure an ASA to provide basic firewall services using ADSM
    3. Explain and configure access lists with object groups on an ASA
    4. Configure an ASA to provide NAT services
    5. Assess access control using the local database and AAA server
    6. Describe the configuration of ASA policies using the Cisco Modular Policy Framework
    7. Describe ASA VPN features
    8. Configure remote-access VPN support using a clientless SSL VPN and Cisco Anyconnect
  10. Critique methods of managing a secure network
    1. Describe the high level considerations for ensuring that a network is secure
    2. List the benefits of risk management and the measures to take to optimize risk management
    3. Define and describe the components, technologies and devices of the Cisco SecureX Architecture
    4. Explain the overarching concepts and core principles of operations security
    5. Evaluate the purpose of, the techniques, and the tools used in network security testing
    6. Describe business continuity and disaster recovery
    7. Review the goals of a security policy
    8. Assess the roles and responsibilities entailed within a security policy
    9. Describe the concepts of security awareness
    10. Evaluate ethical guidelines and laws for network security
    11. Describe how to respond to a security breach



Add to Portfolio (opens a new window)