COURSE DESCRIPTION
- Explain common threats against on-premises and cloud environments
- Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery
- Describe functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate-based authorization
- Compare site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect
- Describe security intelligence authoring, sharing, and consumption
- Explain the role of the endpoint in protecting humans from phishing and social engineering attacks
- Explain North Bound and South Bound APIs in the SDN architecture
- Explain DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting
- Interpret basic Python scripts used to call Cisco Security appliances APIs
CERTIFICATION
The core exam focuses on your knowledge of security infrastructure. Concentration exams focus on emerging and industry-specific topics such as including identity and access management, web and email security, Next Generation Firewalls, Next Generation IPS, VPN solutions and security automation.
LEARNING OUTCOMES
- Compare network security solutions that provide intrusion prevention and firewall capabilities
- Describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities
- Describe the components, capabilities, and benefits of NetFlow and Flexible NetFlow records
- Configure and verify network infrastructure security methods (router, switch, wireless)
- Implement segmentation, access control policies, AVC, URL filtering, and malware protection
- Implement management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multi-device manager, in-band vs. out-of-band, CDP, DNS, SCP, SFTP, and DHCP security and risks)
- Configure AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)
- Configure secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)
- Configure and verify site-to-site VPN and remote access VPN
Course Features
- Lectures 0
- Quizzes 0
- Duration 1 hour
- Skill level All levels
- Language English
- Students 0
- Assessments Yes
