Students in this course develop more advanced skills in identifying network security vulnerabilities, including wireless vulnerabilities; conducting risk assessments; preventing, detecting and responding to intrusions; and providing for business continuity and disaster recovery.
Topics include firewall architecture, authentication, intrusion-prevention strategies, web security, cryptography and security gates. This course is based on Cisco Networking Academy content.
- Analyze various internal or external attacks on the network. Describe the attack scenarios and how to deal with each type of attack. Demonstrate the ability to better secure the router against such attacks, as well as secured access to the router
- Create a plan for secure access to the network routers that includes: (1) localized and centralized Encrypted Authentication (2) encrypted communication between the network router and the administrator, and (3) different levels of access-based IT personnel roles
- The student will learn the importance of network traffic control and the implementation of traffic control devices within the network. This includes implementation of firewalls at the network parameter to control traffic from a foreign network, and strategically placed IPS systems throughout the network for added traffic control. The student will demonstrate proficiency with both firewalls and IPS by way of lab assignments
- The student will implement a security plan that addresses the security vulnerabilities of Layer 2 switches. The plan should include mitigation of MAC Spoofing, MAC Flooding, STP, and VLAN Hopping attacks
- The student will describe how confidentiality, integrity, and authentication (CIA) is enabled through the various security concepts such as pre-shared key versus public-key encryption, and hashing methods for integrity and authentication protocols. The student will describe the different components that make up a Public Key Infrastructure (PKI) and the systems that use PKI
- Create a detailed plan for the creation of a Virtual Private Network to maintain data confidentiality and integrity for protected packets between sites, and from remote clients
- Demonstrate your understanding of the Cisco ASA by planning and implementing the firewall to provide firewalling, VPN, and NAT support. Configuration should be implemented using CLI commands, interactive wizards, and GUI administrative tools
- The student will understand the principles of a secure network design, using the industry best practices, as well as the more finely developed Cisco Secure X Architecture. In doing so, the soft practices, such as Risk Management, Disaster Recovery, and Business Continuity Planning are intertwined with the hard practices covered in most of the course
- After completing the study of the entire textbook, the student will be ready to prepare for the CCNA - Security certification exam