Cisco CSI Training SAFE Implementation
 While most Cisco ® security training
certification courses focus on the mastery of specific technologies, (example: Cisco ® Secure PIX Firewall Advanced (CSPFA) and Cisco ® Secure Intrusion Detection System
(CSIDS), our Cisco ® SAFE Implementation CSI 2.0 course harnesses the power of all of these major Cisco ® security technologies and presents a clear picture of how these
tools should be used together. Consider this CSI training class a requirement if you are responsible for securing small to medium networks that incorporate remote access.
The security tools explored in our expert-led, hands-on course include the very latest versions of IOS routers, Cisco ® Aironet wireless equipment, PIX Firewalls, VPN Concentrators, Cisco ® IDS
Sensors, Cisco ® Host IDS, and the Cisco ® VPN Client.
Audience
This course is a necessity for any student tasked with helping to secure small to medium sized networks. Cisco ® SAFE Implementation is also important for candidates seeking Cisco ® security certifications.
Prerequisites
Students enrolled in this course should be proficient with basic Cisco ® networking and security technologies.
Successful completion of the following certifications (or equivalent experience) is strongly recommended:
- Cisco ® Certified Networking Associate CCNA Certification
and at least one of the following:
- Firewall Specialist
- IDS Specialist
- VPN Specialist
Upon completion of the Cisco ® SAFE Implementation CSI course, the student will be able to:
- Describe the four common types of security threats
- Describe common attack methods and techniques used by hackers
- List the general recommendations for mitigating common attack methods and techniques
- Identify the components of a complete security policy
- Identify the security issues implicit in common management protocols
- Discuss the SAFE design philosophy and how it impacts the decision making process
- List the devices that are part of Cisco ® 's security portfolio
- Understand the basic guidelines to use for product selection
- Identify the functions of the key modules and key devices in a small network
- Identify the specific threats to the small network
- Describe the mitigation roles of Cisco ® 's devices in a small network
- Implement specific configurations to apply the mitigation roles in a small network
- Recommend alternative devices that can fulfill the same mitigation roles in a small network
- Recommend alternative devices that can fulfill the same mitigation roles in a medium network
Training Course includes
- 24 hours of instructor led full multi-media interactive training. The recorded version of the live now training
course.
- One year unlimited access to Online Live Classes and recorded version 24 x 7.
- Our courseware provides a wholly different – and uniquely effective – learning experience.
- Train at your own pace, when you want to at Home or at Work
- Engaging course demos and real-world examples
- Review questions to test one's retention
- Training conducted by Cisco Authorized Trainers with at least 10 years of experience in the field. CCIE and Double CCIE Credentials
- Cisco Authorized Training - Guarantees you always getting the finest training available
|
Online CSI Training Course
Practice Exam Quizzers
Supplemental Reading Material
Simulated Labs
|
kncsico
|
$1195.00
|
|
|
Cisco All Access
Over 36 courses and 4 Certifications
One Year Access 24 x 7 Details
|
kncisall
|
$2400.00
|
|
Course Content
Included Labs
- PIX Interfaces, SYSLOG Outputs, and DHCP
- Configure Access Through the PIX
- Configure ACLs and URL Filtering
- Configure and Test SSH Sessions
- Configuring AAA Security
- Configure CBAC on Perimeter Router
- Configuring IDS on Perimeter Router
- Configuring NAT
- IP Access Lists
- Install Host Sensor Console and Agent
- Create and Test Policies
- Sensor Appliance Initialization
- Add and Monitor Devices using IEV
- Download and Install IEV Software
- Sensor Configuration
- Create and Test Custom String Signatures
- Blocking Configuration
- Configure the VPN Client to Access the Concentrator
- Configure the Concentrator Using CLI
- Configure the Concentrator Using the Concentrator Series Manager
- Activate Concentrator IKE Proposal and Modify SA
- Configure the Concentrator for Split Tunneling and AYT
- Configure Admin Account Authentication using TACACS+
- Configure and Test AAA
- TACACS+, AAA, and Server-Groups
Our Instructors
Live Now Instructors Profiles
Course Content
Module 1: Introduction & Module 2: Security Fundamentals
- The Closed Network
- What Is a Security Policy?
- Variety of Attacks
- Reconnaissance Attacks
- Access Attacks
- Denial of Service Attacks
- Worm, Virus, and Trojan Horse Attacks
- Configuration Management
Summary
Module 3: SAFE Blueprint Overview
- SAFE Goals
- SAFE Environment
- A Target-Rich Environment
- Summary
Module 4: The Cisco ® Security Portfolio
- Cisco ® Security Solutions
- Secure Connectivity
- Cisco ® VPN 3000 Concentrator Series
- Cisco ® VPN-Optimized Routers
- Perimeter Security - PIX Firewall
- Overview - Intrusion Detection Deployment Scenarios
- Host-Based Intrusion Prevention System
- Cisco ® Secure ACS - Features
- Cisco ® IP Solution Center Security Management
- Cisco ® AVVID Overview
- Summary
Module 5: SAFE Small Network Design
- SAFE Design for Small Networks
- Small Network Corporate Internet Module Components and Key Devices
- Small Network Campus Module Key Devices
- ISP Router - Implementation Commands
- The Cisco ® IOS Firewall
- Cisco ® PIX Firewall - Implementation Commands
- CSA MC Menu Bar
- Summary
- PIX Interfaces, SYSLOG Outputs, and DHCP
- Configure Access Through the PIX
- Configure ACLs and URL Filtering
- Configure and Test SSH Sessions
- Configuring AAA Security
- Configure CBAC on Perimeter Router
- Configuring IDS on Perimeter Router
- Configuring NAT
- IP Access Lists
Module 6: SAFE Midsize Network Design
- SAFE Design for Midsize Network
- Design Guidelines for the ISP Router
- Midsize Network Campus Module Key Devices
- Design Guidelines for the Core Switch
- Midsize Network WAN Module Key Devices and Expected Threats
- ISP Router - Implementation Commands Summary
- Sensor Interface Overview
- VPN 3000 Concentrator Implementation
- Cisco ® Layer 3 Switch - Implementation Commands
- Summary
- Install Host Sensor Console and Agent
- Create and Test Policies
- Sensor Appliance Initialization
- Add and Monitor Devices using IEV
- Download and Install IEV Software
- Sensor Configuration
- Create and Test Custom String Signatures
- Blocking Configuration
Module 7: Remote User Network Implementation
- Design Overview - Remote User Connectivity
- SAFE Remote User - Key Devices
- Software Access Option - Attack Mitigation Roles
- Remote Site Firewall - Attack Mitigation Roles
- VPN Hardware Client - Attack Mitigation Roles
- emote-Site Router - Attack Mitigation Roles
- Summary
- Configure the VPN Client to Access the Concentrator
- Configure the Concentrator Using CLI
- Configure the Concentrator Using the Concentrator Series Manager
- Activate Concentrator IKE Proposal and Modify SA
- Configure the Concentrator for Split Tunneling and AYT
- Configure Admin Account Authentication using TACACS+
- Configure and Test AAA
- TACACS+, AAA, and Server-Groups
Module 8: SAFE Enterprise Network Design
- Enterprise Network SAFE Block Diagram
- Enterprise Network Campus
- Enterprise Network Edge
- Summary
Module 9: SAFE: IP Telephony Security in Depth
- The Need for IP Telephony
- SAFE IP Telephony Caveats
- SAFE IP Telephony Axioms
- Cisco ® IP Communications
- IP Telephony Design Fundamentals
- Small Network IP Telephony Design
- Medium IP Telephony Design
- Large Network IP Telephony Design
- Summary
Module 10: SAFE: Wireless LAN Security in Depth
- 10-3 The Need for Wireless
- SAFE WLAN Caveats
- WLAN Networks are Targets - Security Extensions Are Required
- SWAN
- WLAN Network Design Fundamentals
- Standard WLAN Design Guidelines
- Enterprise Network - EAP with TKIP Option
- Medium Network - EAP with TKIP Option
- Small Network EAP WLAN Design
- Remote WLAN Design
- Access Point - Setup Menu Options
- Summary
|
