Friday, 19 July 2013

CCSP Online Training | call us +917386622889

CCSP Online Training            CLICK HERE FOR ENQUIRY   

MODULE 1: Securing networks on routers and switches (SNRS)                           
 ACL
 Time-based Access List
  • Reflexive Access List
  • Dynamic Access List
  • Preventing IP Spoofing Using ACL’s and RPF
 IOS Services
 Configuring NAT on Routers
  • Configuring IP TCP Intercept
  • Configuring NTP
  • Disabling Unnecessary Services on the Routers
  • Implementing Quos for Traffic Control and Congestion
 Management
 Configuring CB-WFQ
  • Configuring LLQ
  • Rate-limiting
 Using NBAR
 Using NBAR for CB-WFQ
  • Using NBAR for LLQ
  • Using NBAR for Traffic Analysis
Blocking Attacks Using ACL’s
  • Blocking Fraggle, Smurf and Fragment Attacks
  • IP Spoofing Attacks
 Mitigating Layer 2 Attacks
 Mitigating MAC Spoofing Attacks
  • Mitigating ARP Spoofing Attacks
  • Mitigating Man-in-the-Middle Attacks
  • Preventing VLAN Hopping Attacks
  • Mitigating DHCP Attacks
 Preventing DoS Attacks
 Mitigating DoS attacks using CAR
  • Mitigating DoS and Syn attacks using CBAC
  • Mitigating DoS and Syn attacks using IP TCP Intercept
 Mitigating Attacks using NBAR and FPM
 Blocking HTTP attacks using NBAR
  • Blocking File Transfer Attacks using NBAR
  • Blocking Fragmented UDP Attacks using FPM
  • Blocking TCP SYN Flood Attacks using FPM
 Service Provider Security
 Blocking Attacks using PBR
  • Blocking Attacks Using Remote Triggered Black Hole
  • Troubleshooting
 Module-2  Firewalls – ASA & IOS Firewall
Basic ASA/IOS Configurations
  • Basic Configurations
  • Configure Static and Default Routes
  • Translations using Dynamic NAT/PAT configurations
  • Configuring communications between interface with the same security level interfaces.
  • Configuring Translations
  • Configuring Timeouts and Connection Limits
  • Configuring Management Protocols on the ASA
  • Configuring Service Protocols on the ASA
  • Access Control
  • Object Groups
  • Running RIP on the ASA
  • Running OSPF on the ASA
  • Running EIGRP on the ASA
  • Configuring Multicast Routing on the ASA
  • Configuring Java, ActiveX and URL Filtering
 Advanced ASA Configurations
  • Layer 2 Transparent Firewall
  • Configuring Management on a Transparent Firewall
  • Configuring ACLs on a Transparent Firewall
  • Configuring ARP Inspection on a Transparent Firewall
  • Configuring Failover
  • Configuring State full Failover
  • Configuring Application Aware Inspection
  • Configuring Quos on the ASA
  • Configuring TCP Normalization
Security Contexts and Redundancy
  • Configuring Multiple Contexts
  • Active/Active Failover using Security Contexts
  • Multi-Mode Transparent Firewall
  • Interface Redundancy
  • Route Tracking Using SLA Monitor
IOS Firewall – Basic Configurations
  • Basic IOS Firewall Configurations
  • Tuning DoS attack parameters
  • Enabling Auditing
  • Filtering (Java and URL Filtering)
  • PAM
IOS Firewall – Advanced Configurations
  • Configuring Zone Based Firewall – Creation of Zones
  • Configuring Zone Based Firewall – Configuring Traffic Policies for Inter-zone Traffic
  • Configuring Parameter-Maps for DoS Thresholds and Deep Packet Inspections
Module -3 Virtual Private Networks (VPN)
LAN to LAN Tunnels – Basic
  • IPSec LAN-to-LAN Router to Router VPN
  • GRE/IPSec Using IPSec Profiles
  • IPSec LAN-to-LAN Router to ASA VPN
  • IPSec LAN-to-LAN Disabling NAT-T thru ASA
  • Multi-Point GRE Tunnel
LAN-to-LAN – Advanced
  • IPSec LAN-to-LAN using DMVPN
  • IPSec LAN-to-LAN with NAT (Overlapping Subnets)
  • High Availability VPN – Without HSRP
  • High Availability VPN – Using HSRP
  • IPSec LAN-to-LAN using GET VPN
  • IPSec LAN-to-LAN using ISAKMP Profiles
 EZVPN Configurations
  • EZVPN Router-Router – Client Mode
  • EZVPN Router-Router – Network Extension Mode
  • EZVPN with Router-Cisco VPN Client
  • EZVPN ASA to Router/Cisco VPN client
  • IPSec Hair pinning with EZVPN
IPSec using CA Server
  • IPSec LAN-to-LAN Router Using CA Server
  • DMVPN Using CA Server
 SSL VPN
  • SSL VPN on the ASA – Basic
  • SSL VPN on the ASA – Advanced
Module 4 – IPS/IDS
IPS Sensor Configurations – Inline Mode
  • IPS Sensor in Inline Mode
  • Signature Tuning on IPS Sensor
  • Signature Firing – Throttle Parameters
  • Configuring Multiple Virtual Sensors – Inline Mode
  • Custom Signatures
  • Configuring Custom Stream Signatures
  • Configuring Custom Packet Signatures
  • Configuring Custom HTTP Signatures
  • Tuning Fragmentation Parameters on the IPS Sensor
  • Configuring Custom Meta Signature
  • Configuring Custom AIC Signatures
IPS Sensor Tuning
  • Configuring Event Overrides
  • Configuring Event Filtering
  • Configuring SNMP Traps
Module-5 Access Management
Configuring AAA Authentication for Management Access
  • Configuring AAA Clients on ACS Server
  • Configuring User & Group Accounts on the ACS Server
  • Configuring AAA Authentication on Routers/Switches
  • Configuring AAA Authentication on ASA
 Configuring AAA for Command Authorization
  • Configuring AAA Command Authorization for   Routers/Switches
  • Configuring AAA Command Authorization for ASA
 Configuring AAA Accounting
  • Configuring AAA Accounting for Router/Switches
  • Configuring AAA Accounting for ASA
  • Configuring AAA Usage Quotas for Users
 Configuring Advanced Features
  • Configuring Authorization Proxy on the Router
  • Configuring Authorization Proxy on the ASA
  • Configuring Downloadable ACLS on the ASA
  • Configuring HTTP Authentication & Authorization on the Router
Posted by at No comments:
Subscribe to: Comments (Atom)