✆ (855)77/87-616102
delicious
facebook
email
  • Home
  • Courses
    • Upcoming Courses
  • Partners
  • Contact Us
    • Why with us?
    • About Us

Network Security

February 11, 2022
by admin
Security
Comments are off
Introduction

Today’s organizations are challenged with responding rapidly to emerging network security threats. Security personnel configure and monitor various network security threat mitigation measures, such as device hardening, intrusion prevention systems, and firewalls, to protect data assets and network systems from attack. The purpose of this course is to provide skills and knowledge in the field of network security.

Target Audience

The Network Security course is designed for Cisco Networking Academy® students who are seeking career-oriented, entry-level network security skills. Target students include individuals enrolled in technology degree programs at institutions of higher education and IT professionals who want to pursue a career in the network security field. Learners in this course are exposed to the foundational knowledge required to respond to network security threats through various threat mitigation measures.

Prerequisites

While there are no set prerequisites for the Network Security course, it is RECOMMENDED that students have the following skills and knowledge:

  • PC and internet navigation skills
  • Familiarity with Cisco Packet Tracer
  • Basic understanding of computer networks (CCNA1 ITN and CCNA2 SRWE level)

Course Description

The course has many features to help students understand these concepts:

  • The course is comprised of twenty-two (22) modules. Each module is comprised of topics.
  • Modules emphasize critical thinking, problem solving, collaboration, and the practical application of skills.
  • Many modules contain some way to practice and assess understanding, such as a lab or a Packet Tracer activity. These module-level activities provide feedback and are designed to indicate the learner’s mastery of the skills needed for the course. Learners can ensure their level of understanding well before taking a graded quiz or exam.
  • Some topics may contain a Check Your Understanding interactive quiz. These topic-level assessments are designed to tell learners if they have a good grasp of the topic content, or if they need to review before continuing. Learners can ensure their level of understanding well before taking a graded quiz or exam. Check Your Understanding quizzes do not affect the learner’s overall grade.
  • Rich multimedia content, including activities, videos, and quizzes, addresses a variety of learning styles, helps stimulate learning, and increases knowledge retention.
  • Hands-on labs help students develop critical thinking and complex problem-solving skills.
  • Innovative assessments provide immediate feedback to support the evaluation of knowledge and acquired skills.
  • Technical concepts are explained using language that works well for learners at all levels and embedded interactive activities break up reading of the content and help reinforce understanding.
  • The curriculum encourages students to consider additional IT education, but also emphasizes applied skills and hands-on experience.
  • Cisco Packet Tracer activities are designed for use with Packet Tracer v8.0 or later.

Course Objectives

Network Security helps students develop the skills needed for entry-level network security career opportunities. It provides a theoretically rich, hands-on introduction to network security, in a logical sequence driven by technologies.
The goals of the Network Security course are as follows:

  • Provide an in-depth, theoretical understanding of network security.
  • Provide students with the knowledge and skills necessary to design and support network security.
  • Provide an experience-oriented course that employs industry-relevant instructional approaches to prepare students for entry-level jobs in the industry.
  • Enable students to have significant hands-on interaction with IT equipment to prepare them for exams and career opportunities.

Upon completion of the Network Security course, students will be able to perform the following tasks:

  • Explain the various types of threats and attacks.
  • Explain the tools and procedures to mitigate the effects of malware and common network attacks.
  • Configure command authorization using privilege levels and role-based CLI.
  • Implement the secure management and monitoring of network devices.
  • Configure AAA to secure a network.
  • Implement ACLs to filter traffic and mitigate network attacks on a network.
  • Implement Zone-Based Policy Firewall using the CLI.
  • Explain how network-based Intrusion Prevention Systems are used to help secure a network.
  • Explain endpoint vulnerabilities and protection methods.
  • Implement security measures to mitigate Layer 2 attacks.
  • Explain how the types of encryption, hashes, and digital signatures work together to provide confidentiality, integrity, and authentication.
  • Explain how a public key infrastructure is used to ensure data confidentiality and provide authentication.
  • Configure a site-to-site IPsec VPN, with pre-shared key authentication, using the CLI.
  • Explain how the ASA operates as an advanced stateful firewall.
  • Implement an ASA firewall configuration.
  • Implement an ASA firewall configuration using ASDM (optional).
  • Test network security.

Network Security Outline

Listed below are the current set of modules and their associated competencies outlined for this course. Each module is an integrated unit of learning that consists of content, activities, and assessments that target a specific set of competencies. The size of the module will depend on the depth of knowledge and skill needed to master the competency. Some modules are considered foundational, in that the artifacts presented, while not assessed, enable learning of concepts covered on the exam.

Module/TopicsGoals/Objectives
Module 1. Securing NetworksExplain Network Security.
1.0 IntroductionA brief introduction to the course and the first module.
1.1 Current State of AffairsDescribe the current network security landscape.
1.2 Network Topology OverviewDescribe how all types of networks need to be protected.
1.3 Securing Networks SummaryA brief summary and the module quiz.
Module 2. Network ThreatsExplain the various types of threats and attacks
2.0 IntroductionAn introduction to the module.
2.1 Who is Attacking Our Network?Explain how network threats have evolved.
2.2 Threat Actor ToolsDescribe the various types of attack tools used by Threat Actors.
2.3 MalwareDescribe types of malware.
2.4 Common Network Attacks – Reconnaissance, Access, and Social EngineeringExplain reconnaissance, access, and social engineering network attacks.
2.5 Network Attacks – Denial of Service, Buffer Overflows, and EvasionExplain Denial of Service, buffer overflow, and evasion attacks
2.6 Network Threats SummaryA brief summary and the module quiz.
Module 3. Mitigating ThreatsExplain tools and procedures to mitigate the effects of malware and common network attacks.
3.0 IntroductionAn introduction to the module.
3.1 Defending the NetworkDescribe methods and resources to protect the network.
3.2 Network Security PoliciesExplain several types of network security policies
3.3 Security Tools, Platforms, and ServicesExplain the purpose of security platforms.
3.4 Mitigating Common Network AttacksDescribe the techniques used to mitigate common network attacks.
3.5 Cisco Network Foundation Protection FrameworkExplain how to secure the three functional areas of Cisco routers and switches.
3.6 Mitigating Threats SummaryA brief summary and the module quiz.
Module 4. Secure Device AccessConfigure secure administrative access.
4.0 IntroductionAn introduction to the module.
4.1 Secure the Edge RouterExplain how to secure a network perimeter.
4.2 Configure Secure Administrative AccessUse the correct commands to configure passwords on a Cisco IOS device.
4.3 Configure Enhanced Security for Virtual LoginsUse the correct commands to configure enhanced security for virtual logins.
4.4 Configure SSHConfigure an SSH daemon for secure remote management.
4.5 Secure Device Access SummaryA brief summary and the module quiz.
Module 5. Assign Administrative RolesConfigure command authorization using privilege levels and role-based CLI.
5.0 IntroductionAn introduction to the module.
5.1 Configure Privilege LevelsUse the correct commands to configure administrative privilege levels to control command availability.
5.2 Configure Role-Based CLIUse the correct commands to configure role-based CLI access to control command availability.
5.3 Assign Administrative Roles SummaryA brief summary and the module quiz.
Module 6. Device Monitoring and ManagementImplement the secure management and monitoring of network devices.
6.0 IntroductionAn introduction to the module.
6.1 Secure Cisco IOS Image and Configuration FilesExplain how the Cisco IOS resilient configuration feature and Secure Copy are used to secure the Cisco IOS image and configuration files.
6.2 Lock Down a Router Using AutoSecureUse the correct commands for AutoSecure to enable security on IOS-based routers.
6.3 Routing Protocol AuthenticationUse the correct commands to configure routing protocol authentication.
6.4 Secure Management and ReportingCompare in-band and out-of-band management access.
6.5 Network Security Using SyslogExplain how to configure syslog to log system events.
6.6 NTP ConfigurationConfigure NTP to enable accurate timestamping between all devices.
6.7 SNMP ConfigurationConfigure SNMP to monitor system status.
6.8 Device Monitoring and Management SummaryA brief summary and the module quiz.
Module 7. Authentication, Authorization and Accounting (AAA)Configure AAA to secure a network.
7.0 IntroductionAn introduction to the module.
7.1 AAA CharacteristicsDescribe AAA.
7.2 Configure Local AAA AuthenticationConfigure AAA authentication to validate users against a local database.
7.3 Server-Based AAA Characteristics and ProtocolsDescribe the server-based AAA protocols.
7.4 Configure Server-Based AuthenticationConfigure server-based AAA authentication on Cisco routers.
7.5 Configure Server-Based Authorization and AccountingUse the correct commands to configure server-based AAA authorization and accounting.
7.6 Authentication, Authorization and Accounting (AAA) SummaryA brief summary and the module quiz.
Module 8. Access Control ListsImplement access control lists (ACLs) to filter traffic and mitigate network attacks on a network.
8.0 IntroductionAn introduction to the module.
8.1 Introduction to Access Control ListsDescribe standard and extended IPv4 ACLs.
8.2 Wildcard MaskingExplain how ACLs use wildcard masks
8.3 Configure ACLsExplain how to configure ACLs.
8.4 Modify ACLsUse sequence numbers to edit existing standard IPv4 ACLs
8.5 Implement ACLsImplement ACLs.
8.6 Mitigate Attacks with ACLsUse ACLs to mitigate common network attacks.
8.7 IPv6 ACLsConfigure IPv6 ACLs using CLI.
8.8 Access Control Lists SummaryA brief summary and the module quiz.
Module 9: Firewall TechnologiesExplain how firewalls are implemented to provide network security.
9.0 IntroductionAn introduction to the module.
9.1 Secure Networks with FirewallsExplain how firewalls are used to help secure networks.
9.2 Firewalls in Network DesignExplain design considerations for implementing firewall technologies
9.3 Firewall Technologies SummaryA brief summary and the module quiz.
Module 10: Zone-Based Policy FirewallsImplement Zone-Based Policy Firewall using CLI.
10.0 IntroductionAn introduction to the module.
10.1 ZPF OverviewExplain how Zone-Based Policy Firewalls are used to help secure a network.
10.2 ZPF OperationExplain the operation of a Zone-Based Policy Firewall.
10.3 Configure a ZPFConfigure a Zone-Based Policy Firewall with CLI.
10.4 Zone-Based Policy Firewalls SummaryA brief summary and the module quiz.
Module 11: IPS TechnologiesExplain how network-based Intrusion Prevention Systems are used to help secure a network.
11.0 IntroductionAn introduction to the module.
11.1 IDS and IPS CharacteristicsExplain the functions and operations of IDS and IPS systems.
11.2 IPS ImplementationsExplain how network-based IPS are implemented.
11.3 IPS on Cisco ISRsDescribe the IPS technologies that are available on Cisco ISR routers.
11.4 Cisco Switched Port AnalyzerConfigure Cisco SPAN.
11.5 IPS Technologies SummaryA brief summary and the module quiz.
Module 12: IPS Operation and ImplementationExplain how signatures are used to detect malicious network traffic.
12.0 IntroductionAn introduction to the module.
12.1 IPS SignaturesDescribe IPS signatures.
12.2 Cisco Snort IPSExplain how the Cisco Snort IPS provides network security services.
12.3 Configure Snort IPSExplain how to configure Snort IPS on a Cisco ISR G2.
12.4 IPS Operation and Implementation SummaryA brief summary and the module quiz.
Module 13: Endpoint SecurityExplain endpoint vulnerabilities and protection methods.
13.0 IntroductionAn introduction to the module.
13.1 Endpoint Security OverviewDescribe endpoint security and the enabling technologies.
13.2 802.1X AuthenticationExplain the functions of 802.1x components.
13.3 Endpoint Security SummaryA brief summary and the module quiz.
Module 14: Layer 2 Security ConsiderationsImplement security measures to mitigate Layer 2 attacks.
14.0 IntroductionAn introduction to the module.
14.1 Layer 2 Security ThreatsDescribe Layer 2 vulnerabilities.
14.2 MAC Table AttacksDescribe MAC address spoofing attacks.
14.3 Mitigate MAC Table AttacksConfigure port security.
14.4 Mitigate VLAN AttacksExplain how to mitigate VLAN attacks.
14.5 Mitigate DHCP AttacksUse the correct command to implement DHCP Snooping for attack mitigation.
14.6 Mitigate ARP AttacksUse the correct command to mitigate ARP attacks.
14.7 Mitigate Address Spoofing AttacksUse the correct command to mitigate address spoofing attacks.
14.8 Spanning Tree ProtocolExplain the operation of Spanning Tree Protocol.
14.9 Mitigate STP AttacksConfigure security measures to mitigate STP attacks.
14.10 Layer 2 Security Considerations SummaryA brief summary and the module quiz.
Module 15: Cryptographic ServicesExplain how the types of encryption, hashes, and digital signatures work together to provide confidentiality, integrity, and authentication.
15.0 IntroductionAn introduction to the module.
15.1 Secure CommunicationsExplain the requirements of secure communications including integrity, authentication, and confidentiality.
15.2 CryptographyDescribe cryptography.
15.3 CryptanalysisDescribe cryptanalysis.
15.4 CryptologyDescribe cryptology.
15.5 Cryptographic Services SummaryA brief summary and the module quiz.
Module 16: Basic Integrity and AuthenticityExplain how cryptography is used to ensure data integrity and authentication.
16.0 IntroductionAn introduction to the module.
16.1 Integrity and AuthenticityExplain the role of cryptography in ensuring the integrity and authenticity of data.
16.2 Key ManagementDescribe the components of key management.
16.3 ConfidentialityExplain how cryptographic approaches enhance data confidentiality.
16.4 Basic Integrity and Authenticity SummaryA brief summary and the module quiz.
Module 17: Public Key CryptographyExplain how a public key infrastructure is used to ensure data confidentiality and provide authentication.
17.0 IntroductionAn introduction to the module.
17.1 Public Key Cryptography with Digital SignaturesExplain public key cryptography.
17.2 Authorities and the PKI Trust SystemExplain how the public key infrastructure functions.
17.3 Applications and Impacts of CryptographyExplain how the use of cryptography affects cybersecurity operations.
17.4 Public Key Cryptography SummaryA brief summary and the module quiz.
Module 18: VPNsExplain the purpose of VPNs.
18.0 IntroductionAn introduction to the module.
18.1 VPN OverviewDescribe VPNs and their benefits.
18.2 VPN TopologiesCompare remote-access and site-to-site VPNs.
18.3 IPsec OverviewDescribe the IPsec protocol and its basic functions.
18.4 IPsec ProtocolsCompare AH and ESP protocols.
18.5 Internet Key ExchangeDescribe the IKE protocol.
18.6 VPNs SummaryA brief summary and the module quiz.
Module 19: Implement Site-to-Site IPsec VPNs with CLIConfigure a site-to-site IPsec VPN, with pre-shared key authentication, using CLI.
19.0 IntroductionAn introduction to the module.
19.1 Configure a Site-to-Site IPsec VPNDescribe IPsec negotiation and the five steps of IPsec configuration.
19.2 ISAKMP PolicyUse the correct commands to configure an ISAKMP policy.
19.3 IPsec PolicyUse the correct commands to configure the IPsec policy.
19.4 Crypto MapUse the correct command to configure and apply a Cryptomap.
19.5 IPsec VPNConfigure the IPsec VPN.
19.6 Implement Site-to-Site IPsec VPNs with CLI SummaryA brief summary and the module quiz.
Module 20: Introduction to the ASAExplain how the ASA operates as an advanced stateful firewall.
20.0 IntroductionAn introduction to the module.
20.1 ASA SolutionsCompare ASA solutions to other routing firewall technologies.
20.2 The ASA 5506-X with FirePOWER ServicesDescribe three ASA deployment scenarios.
20.3 Introduction to the ASA SummaryA brief summary and the module quiz.
Module 21: ASA Firewall ConfigurationImplement an ASA firewall configuration.
21.0 IntroductionAn introduction to the module.
21.1 Basic ASA Firewall ConfigurationExplain how to configure an ASA-5506-X with FirePOWER Services.
21.2 Configure Management Settings and ServicesConfigure management settings and services on a ASA5506-X firewall.
21.3 Object GroupsExplain how to configure object groups on an ASA.
21.4 ASA ACLsUse the correct commands to configure access lists with object groups on an ASA.
21.5 NAT Services on an ASAUse the correct commands to configure an ASA to provide NAT services.
21.6 AAAUse correct command to configure access control using the local database and AAA server.
21.7 Service Policies on an ASAConfigure service policies on an ASA
21.8 ASA Firewall Configuration SummaryA brief summary and the module quiz.
21.9 Introduction to ASDM (Optional)
Module 22: Network Security TestingDescribe the various techniques and tools used for network security testing.
22.0 IntroductionAn introduction to the module.
22.1 Network Security Testing TechniquesDescribe the techniques used in network security testing.
22.2 Network Security Testing ToolsDescribe the tools used in network security testing
22.3 Network Security Testing SummaryA brief summary and a module quiz.
Social Share
Other Courses
  • Upcoming Courses
  • IT Essentials
  • Cisco CCNAv7
  • Cisco CCNA1v7
  • Cisco CCNA2v7
  • Cisco CCNA3v7
  • Introduction to Cybersecurity
  • Cybersecurity Essentials
  • CyberOps Associate
  • Network Security
  • Cloud Security
  • MikroTik MTCNA
  • INE
  • VoIP and PABX
  • CCNA Exam Preparation

PPIC is qualified IT Training Center that authorized to teach Cisco and MikroTik courses in Phnom Penh, Cambodia.

Address: #194D, Russian Federation Blvd, CPC, Toeuk Thlar, Sen Sok, Phnom Penh, Cambodia.

  • Why with us?
  • Upcoming Courses
  • Contact Us
Facebook Pagelike Widget
https://t.me/ppictraining Our Telegram Channel
✆ (855)77-616102 ✆ (855)87-616102 ✉ info@ppic-training.com
© Copyright 2022, PPIC