SND v2.0 is a five-day, leader-led course which is delivered by Ascoltas
highly trained Security Instructors. This course is an entry level network security
course offered as a pre-requisite to the Cisco Qualified Specialist curriculum.
It provides an opportunity to learn about a broad range of the components embedded
in Cisco SAFE blueprint. In this course learners will recognize threats and
vulnerabilities to networks and learn how to implement basic mitigation measures.
The course provides an introduction to the Cisco products and solutions that
form the basis of the Cisco security portfolio. Learners will be able to perform
basic task to secure network devices at Layers 2 and 3 using command line interface
and web-based GUIs. Devices include routers, switches, access control servers,
IPS sensors and VPN concentrators.
Who should attend this course?
- Channel Partner / Reseller that work with Cisco Routers and Switches and
have a need to secure these devices.
- Cisco Customers who wish to obtain the knowledge for securing Cisco Routers
and Switches or who are pursuing the Cisco Certified Security Professional
Career certification.
- Cisco Employees that need formal training on Securing Cisco devices.
Pre-SND course recommendations
Prerequisites
- Certification as a CCNA or the equivalent knowledge (optional)
- Basic knowledge of the Windows operating system
- Familiarity with networking and security terms and concepts (the concepts
are learned in prerequisite training or by reading industry publications)
- Interconnecting Cisco Network Devices (ICND)
Why are these prerequisites important?
Although this course is an entry level course, the technologies are not easy
to understand unless the learner has a basic networking foundation. The topics
and concepts discussed are taught in full detail, and the lab exercises are
meant to solidify those concepts. Students who struggle with the most basic
Cisco Command Line modes and basic networking knowledge may have a hard time
getting a handle on the important security concepts that are related.
Follow-on courses
Certifications
- CCSP
- Cisco Firewall Specialist
- Cisco IPS Specialist
- Cisco VPN Specialist
Number of Days:
5- Days instructor-led classroom training. (Approx. 7 hours each day.)
Also available in instructor-led Ascolta LIVE training format. (Approx. 4 hours
each day.)
What is Ascolta LIVE training?
Ascolta LIVE training and long distance learning offered by Ascolta using state
of the art virtual classroom software. This learning environment is still led
by a live instructor that is available to answer your questions in real time.
The sessions are recorded so you can review them as necessary. There are no
travel costs, we ship you the learner material, verify that your computer meets
the requirements for the learning environment, and you sit back, relax in the
comfort of your own home or office, and learn.
Call for details. 949-477-2000 option
3
Course Objectives
Successful graduates will be able to secure the network environment
using existing Cisco IOS and CatOS security features, configure the three primary
components of the Cisco IOS Firewall Feature set (context-based access control
(CBAC), intrusion prevention, and authentication proxy), implement secure tunnels(VPNs)
using IPSec technology, and implement basic access switch security. In addition,
they will complete a security audit using functions embedded in Cisco Security
Device Manager.
Course Flow
This is the standard course schedule for a 5 day, instructor-led
class. Adjustments may be made based on the skills, knowledge, and preferences
of the learners in attendance.
| Day 1: Module 1Introduction to Network Security
Policies |
| DAY 1 |
8:308:50 (08300850) |
Course Introduction |
| 9:0010:00 (09001000) |
Lesson 1-1: Understanding the Requirement for a Network Security Policy |
| 10:1011:00 (10101100) |
Lesson 1-2: Introducing Network Attack Mitigation Techniques |
| 11:0011:10 (11001110) |
Break |
11:1012:00 (11101200)
|
Lesson 1-2: Introducing Network Attack Mitigation Techniques |
| 12:001:00 (12001300) |
Lunch |
| 1:001:50 (13001350) |
Lab 1-1: Discovering Network Vulnerabilities and Threats |
| 2:002:15 (14001415) |
Lesson 1-3: Thinking Like a Hacker |
| 2:152:45 (14151445) |
Lesson 1-4: Designing a Secure Network Life-Cycle Model |
| 2:453:00 (14451500) |
Break |
| 3:003:30 (15001530) |
Case Study 1-1: Developing a Comprehensive Network Security Policy |
| 3:404:30 (15401630) |
Lesson 1-5: Developing a Comprehensive Security Policy |
| 4:304:45 (16301645) |
Lesson 1-6: Building Cisco Self Defending Networks and Module 1 Summary
and Self-Check |
| 4:45 (1645) |
Day ends |
| Day 2: Module 2 Securing the Perimeter |
| DAY 2 |
8:008:30 (08000830) |
Review of Day 1 |
| 8:308:55 (08300855) |
Lesson 2-1: Applying a Security Policy for Cisco Routers |
| 9:009:45 (09000945) |
Lesson 2-2: Securing Administrative Access to Cisco Routers |
| 9:459:55 (09450955) |
Break |
| 9:5510:20 (09551020) |
Lesson 2-2: Securing Administrative Access to Cisco Routers |
| 10:2011:25 (10201125) |
Lab 2-1 Securing Administrative Access to Cisco Routers |
| 11:3512:00 (11351200) |
Lesson 2-3: Introducing Cisco SDM |
| 12:001:00 (12001300) |
Lunch |
| 1:001:45 (13001345) |
Lesson 2-4: Configuring AAA Functions on the Cisco IOS Router |
| 1:552:25 (13551425) |
Lab 2-2: Configuring AAA for Cisco Routers |
| 2:353:15 (14351515) |
Lesson 2-5: Disabling Unused Cisco Router Network Services and Interfaces |
| 3:304:20 (15301620) |
Lab 2-3: Using Cisco SDM Security Audit |
| 4:20 (1620) |
Day ends |
| Day 3: Module 2Securing the Perimeter; Module
3Securing LAN and WLAN Devices; Module 4Cisco IOS Firewall
Configuration |
| DAY 3 |
8:008:30 (08000830) |
Review of Day 2 |
| 8:309:00 (08300900) |
Lesson 2-6: Implementing Secure Management and Reporting |
| 9:009:10 (09000910) |
Break |
| 9:109:35 (09100935) |
Lesson 2-6: Implementing Secure Management and Reporting |
| 9:109:35 (09100935) |
Lesson 2-7: Defending the Network Perimeter with Cisco Products |
| 9:359:50 (09350950) |
Module 2 Summary and Self-Check |
| 10:0010:15 (10001015) |
Lesson 3-1: Applying Security Policies to Network Switches |
| 10:1510:50 (10151050) |
Lesson 3-2: Mitigating Layer 2 Attacks |
| 11:0011:20 (11001120) |
Lesson 3-3: Using Cisco Catalyst Switch Security Features |
| 11:2012:00 (11201200) |
Lesson 3-4: Securing WLANs |
| 12:001:00 (12001300) |
Lunch |
| 1:001:20 (13001320) |
Case Study 3-1: Using Cisco Catalyst Switch Security Features |
| 1:201:50 (13201350) |
Lesson 4-1: Introducing Firewall Technologies |
| 1:502:00 (13501400) |
Break |
| 2:002:25 (14001425) |
Lesson 4-1: Introducing Firewall Technologies |
| 2:252:45 (14251445) |
Lesson 4-2: Building Static Packet Filters with Cisco ACLs |
| 2:453:00 (14451500) |
Break |
| 3:003:40 (15001540) |
Lesson 4-2: Building Static Packet Filters with Cisco ACLs |
| 3:504:15 (15501615) |
Lesson 4-3: Configuring a Cisco IOS Firewall with the Cisco SDM Firewall
Wizard |
| 4:155:00 (16151700) |
Lab 4-1: Configuring a Cisco IOS Firewall |
| 5:00 (1700) |
Day ends |
| Day 4: Module 4Cisco IOS Firewall Configuration;
Module 5Securing Networks with Cisco IOS IPS; Module 6Building
IPsec VPNs |
| DAY 4 |
8:008:30 (08000830) |
Review of Day 3 |
| 8:308:55 (08300855) |
Lesson 4-4: Defending Your Network with the Cisco Firewall Product Family |
| 9:1510:00 (09151000) |
Lesson 5-1: Introducing Cisco IOS IPS |
| 10:0010:15 (10001015) |
Break |
| 10:1511:00 (10151100) |
Lesson 5-1: Introducing IDS and IPS |
| 11:1511:45 (11151145) |
Lesson 5-2: Configuring Cisco IOS IPS |
| 11:4512:00 (11451200) |
Lab 5-1: Configuring Cisco IOS IPS |
| 12:001:00 (12001300) |
Lunch |
| 1:001:50 (13001350) |
Lab 5-1: Configuring Cisco IOS IPS |
| 2:002:25 (14001425) |
Lesson 5-3: Defending Your Network with the Cisco IPS Product Family |
| 2:353:20 (14351520) |
Lesson 6-1: Introducing IPSec VPNs |
| 3:303:50 (15301550) |
Lesson 6-2: Building a Site-to-Site IPSec VPN Operation |
| 4:00 (1600) |
Day ends |
| Day 5: Module 6Building IPsec VPNs |
| DAY 5 |
8:008:30 (08000830) |
Review of Day 4 |
| 8:409:10 (08400910) |
Lesson 6-3: Configuring IPSec Site-to-Site VPNs Using Cisco SDM |
| 9:1010:15 (09101015) |
Lab 6-1: Configuring Site-to-Site IPSec VPNs |
| 10:3011:00 (10301100) |
Lesson 6-4: Building Remote-Access VPNs |
| 11:1011:30 (11101130) |
Lab 6-2: Configuring a Remote-Access VPN Client |
| 11:301:00 (11301300) |
Lunch |
| 1:001:15 (13001315) |
Lab 6-2: Configuring a Remote-Access VPN Client |
| 1:152:00 (13151400) |
Lesson 6-5: Defending Your Network with the Cisco VPN Product Family |
| 2:152:30 (14151430) |
Wrap-up |
Lab Topologies
Click Image
to see full size
Hands-on Lab Exercises
- Lab 1-1: Discovering Network Vulnerabilities and Threats
- Lab 2-1: Securing Administrative Access to Cisco Routers
- Lab 2-2: Configuring AAA for Cisco Routers
- Lab 2-3: Using Cisco SDM Security Audit
- Lab 4-1: Configuring a Cisco IOS Firewall
- Lab 5-1: Configuring Cisco IOS IPS
- Lab 6-1: Configuring Site-to-Site IPSec VPNs
- Lab 6-2: Configuring a Remote-Access VPN Client
- Configuration Files Summary
- Lab Activity Solutions
Technical Case Studies
- Case Study 1-1: Developing a Comprehensive Network Security Policy
- Case Study 3-1: Using Cisco Catalyst Switch Security Features
Call for details. 949-477-2000 option
3
