| |
642-552 SND: Securing Cisco Network Devices Package Includes
- 6 CD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
- Printable Courseware
- Proven technique - Exam Secrets Review
- Testing Modules to insure that you fully understand the subject matter
Course Introduction
Schedule our instructor led classroom training at your convenience and never miss another lecture or fall behind. You are in complete control. We invited the Best Trainers in the industry to help us develop the ultimate training & certification program which includes everything you will need to fully prepare for and succeed in securing network devices..
The Securing Cisco Network Devices 642-552 SND is the exam associated with the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco IPS Specialist, and Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the Securing Cisco Network Devices v2.0 (SND) course. This exam tests a candidate's knowledge of securing Cisco routers and switches and their associated networks. Topics covered include; Security threats facing modern network infrastructures, Securing Cisco routers, Implementing basic AAA, Using ACLs to mitigate router and network threats, Implementing secure management and reporting, Mitigating common Layer 2 attacks, and Implementing Cisco IOS Firewall features, Cisco IOS IPS features, and IPsec VPN features using Cisco Security Device Manager
 |
PRESENTER - Kenneth Mayer
Kenneth Mayer, CCSI, MCT, CCNT, CCNP, CCDA. Ken started his career in computer technology in 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held on Cisco in Paris, France Facility. This gave Ken the accreditation to be able to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS. Ken is also a Microsoft Certified Trainer and a Certified Ethical Hacker (EC Council) certified trainer and consultant. |
642-552 SND: Securing Cisco Network Devices Contents
|
| |
Chapter 1 - Introduction to Network Security Policies
Building Cisco Self-Defending Networks
Threat Evolution
Port 80 Applications Blur the Network Perimeter
The SQL Slammer Worm: 30 Minutes After “Release”
Network Effects of the SQL Slammer Worm
Cisco Self-Defending Network Strategy
Evolving a Cisco Self-Defending Network
ATD Products, Services, and Architecture Example
Cisco Integrated Security Portfolio
Cisco Self-Defending Network
Understanding the Requirement for a Secure Network Policy
Closed Networks
Open Networks
Threat Capabilities - More Dangerous and Easier to Use
Size of the Problem
Network Security Challenge
E-Business Challenge
Converging Dynamics
Information Assurance - CIA
Information Assurance - Typical Network Architecture
Hackers, Motivations, and Classes of Attack
Integrity
The Human Aspect
Technology
Operations
Defense in Depth
Layered Approach
Network Security Design Factors
Secure the Network
Monitor Security
Test Security
Improve Security
Network Security Infrastructure
Introducing Network Attack Mitigation Techniques
Installation Risk Assessment
Common Threats to Physical Installations
Hardware Threat Mitigation
Environmental Threat Mitigation
Electrical Threat Mitigation
Maintenance - Related Threat Mitigation
Reconnaissance Attacks
Packet Sniffers
Packet Sniffer Attack Mitigation
Port Scans and Ping Sweeps
Port Scan and Ping Sweep Attack Mitigation
Internet Information Queries
Access Attacks
Password Attacks
Demo - Password Attacks
Password Attack Example
Password Attack Mitigation
Trust Exploitation
Trust Exploitation Attack Mitigation
Port Redirection
Buffer Overflow Attack Mitigation
Demo - Buffer Overflow
IP Spoofing
IP Spoofing - Technical Discussion
IP Spoofing - Types of Attack
Man-in-the-Middle Attacks
Demo - Man In The Middle
IP Spoofing Attack Mitigation
DoS Attacks
TCP SYN Flooding DoS Attack
DDoS Attacks
DDoS Example
DoS and DDoS Attack Mitigation
Worm, Virus, and Trojan Horse Attacks
Anatomy of a Worm Attack
Mitigating Worm Attacks
Containing Virus and Trojan Horse Attacks
Application Layer Attacks
Application Layer Attack Mitigation
Configuration Management
Configuration Management Recommendations
Management Protocols
Management Protocol Best Practices
Determining Network Vulnerabilities
Thinking Like a Hacker
Step 1: Footprinting and Fingerprinting
Defeat Footprinting
Step 2: Enumeration
Step 3: Social Engineering
Step 4: Privilege Information
Step 5: Gather Additional Passwords and Secrets
Step 6: Maintaining Access
Step 7: Leverage the Compromised System
Best Practices to Defeat Hackers
Designing a Secure Network Life - Cycle Model
Secure Network Design Factors
Typical Business Goals
Secure Network Life Cycle
PDIOO Applied to the Secure Network Life Cycle
Secure Network Planning Phase
Secure Network Design Phase
Secure Network Implement Phase
Secure Network Operation Phase
Secure Network Optimize Phase
Disposal of Secure Network Components
Principles of Secure Network Design
Selected Principles for IT Security
Developing a Comprehensive Security Policy
What are the Assets?
Why Do You Need a Security Policy?
What Does a Security Policy Do?
Who Uses the Security Policy?
Comprehensive Security Policy
Governing Policy Comes from the Top
Technical and User Policies
Types of Technical Policies
Security Policy Development
Developing a Security Policy Plan Phase
Developing a Security Policy Design Phase
Assigning Risk to Network Components
Identify Types of Users
Security Analysis Matrix
Developing a Security Policy - Implement Phase
Developing a Security Policy - Operate Phase
Operate Phase Security Monitoring
Operate Phase Incident Response
Developing a Security Policy Optimize Phase
Managing Security Changes
What Makes a Good Security Policy?
Chapter 2 - Securing the Perimeter
Applying a Security Policy for Cisco Routers
Role of Routers in Networks
Threats to and Attacks on Routers
Router Security Principles
How Routers Enforce Perimeter Security Policy
Filtering Packets with a Router
Local and Remote Administrative Access
Keeping Up-to-date
Logging
Conceptual Basis for a Router Security Policy
Creating a Security Policy for a Router
Applying Cisco IOS Security Features
Introducing Cisco SDM
Cisco SDM Overview
Starting Cisco SDM
Files Required to Run Cisco SDM from a Router
Launching Cisco SDM Express
Launching Cisco SDM
Navigating the Cisco SDM Interface
Cisco SDM Wizards in Configuration Mode
Configuration Mode Advanced Configuration
Monitor Mode
Configuring AAA Functions on the Cisco IOS Router
AAA Model - Network Security Architecture
Implementing Cisco AAA
Implementing Authentication Using Local Services
Implementing Authentication Using External Servers
TACACS+ and RADIUS AAA Protocols
Authentication Methods and Ease of Use
Authentication - Remote PC Username and Password
Authentication - Token Cards and Servers
AAA Example - Authentication via PPP Link
Authenticating Router Access
Router Local Authentication Configuration Process
Enable AAA Globally Using the aaa new - model Command
aaa authentication Commands
aaa authentication login Command
aaa authentication ppp Command
aaa authentication enable default Command
Authentication for Lines and Commands
aaa authorization Command
aaa accounting Command
Troubleshooting AAA Using debug Commands
Troubleshooting AAA Using the debug aaa Command
Troubleshooting AAA Using tdebug aaa accounting
Configuring AAA with Cisco SDM
Demo - Authentication
Disabling Unused Cisco Router Network Services and Interfaces
Vulnerable Router Services and Interfaces
What You Need to Do
Management Service Vulnerabilities
Locking Down a Router with Cisco AutoSecure
Locking Down a Router with Cisco SDM
Limitations and Cautions
Demo - Auto Secure
Implementing Secure Management and Reporting
Considerations for Secure Management and Reporting
Architecure of Secure Management and Reporting
In-Band Management Considerations
Secure Management and Reporting
Implementing Log Messaging for Security
Syslog Systems
Cisco Log Severity Levels
Log Message Format
Using Logs to Monitor Network Security
SNMPv1 and SNMPv2 Architecture
Community Strings
SNMP Security Models and Levels
SNMPv3 Architecture
SNMPv3 Operational Model
Configuring an SSH Server for Security
Enabling Syslog Logging With Cisco SDM
Enabling SNMP with Cisco SDM
Enabling NTP with Cisco SDM
Enabling SSH with Cisco SDM
Demo - SSH
Defending the Network Perimeter with Cisco Products
Cisco IOS Router Security
Cisco Secure ACS
Cisco Secure ACS Product Summary
Chapter 3 - Securing LAN and WLAN Devices
Applying Security Policies to Network Switches
Why Worry About Layer 2 Security?
Domino Effect
Switches Are Targets
Securing Network Access at Layer 2
Protecting Administrative Access
Password Encryption
Password Guidelines
Protecting the Management Port
Turning Off Unused Network Services
Shutting Down Interfaces
Mitigating Layer 2 Attacks
VLAN Hopping by Switch Spoofing
VLAN Hopping by Double Tagging
Mitigating VLAN Hopping Network Attacks
STP Attack
bpdu-guard and guard root Commands
Spoofing the DHCP Server
DHCP Snooping
ARP Spoofing: Man-in-the-Middle Attacks
Mitigating Man-in-the-Middle Attacks with DAI
DAI in Action
MAC Learning
CAM Learns MAC B Is on Port 2
CAM Table Is Updated Flooding Stops
Intruder Launches macof Utility
The CAM Table Overflows
MAC Address Spoofing Attack
Using Port Security to Mitigate Attacks
Port Security Fundamentals
Port Security Configuration
Port Security Defaults
Configuring Port Security on a Cisco Catalyst Switch
Port Security Configuration Script
Verify the Configuration
Layer 2 Best Practices
Demo - Switch Port Security |
Continued
Using Cisco Catalyst Switch Security Features
Switching Infrastructure and Security
Identity - Based Networking Services
VLAN ACL
Private VLAN
Notification of Intrusions
Rate Limiting
Switched Port Analyzer
Management Encryption
Securing Wireless LANs
Wireless LANs Extend Wired LANs
Comparing WLANs with LANs
WLAN Characteristics
Typical WLAN Components and Topologies
Cisco Unified Wireless Network
Threats to WLANs
Evolution of WLAN Security
Open Access Phase - SSID
Initial Phase -WEP
802.11 Open Authentication
802.11 Shared Key Authentication
Basic 802.11 Security Issues
Exploits of 802.11 Security Vulnerabilities
Enhanced 802.11 Security
Interim Phase -WPA
Present Phase - WPA2
802.1x for WLANs
802.1x EAP Deployment Comparison
802.1x Advantages for WLANs
“Present” Phase - WLAN IDS
Demo - Private VLANs
Chapter 4 - Configuring a Cisco IOS Firewall
Introducing Firewall Technologies
What Is a Firewall?
Evolution of Firewall Technologies
Static Packet Filtering Firewalls
Static Packet Filtering Example
Pros and Cons of Packet Filters
Circuit Level Firewall
Application Layer Firewall
Application Layer Proxy Firewall
Application Level Proxy Firewall
Proxy Server Communication Process
Limitations and Uses of Application Layer Firewalls
Stateful or Dynamic Packet Filtering
Stateful Filtering
Limitations and Uses of Stateful Firewalls
Cut-Through Proxy Firewall Communication Process
Implementing NAT on a Firewall
Network Address Translation
Port Address Translation
Configuring NAT with Cisco SDM
Limitations and Uses of NAT
Application Inspection Firewall
Application Inspection Firewall Operation
Application Inspection Firewalls
Content Filtering Using Websense
Firewalls in a Layered Defense Strategy
Building Static Packet Filters with Cisco ACLs
Access Control Lists
Standard and Extended ACLs
Identifying ACLs
Enable Turbo ACLs
Guidelines for Developing ACLs
Applying ACLs to Inbound and Outbound Interfaces
Applying ACLs to Interfaces
Traffic Filtering with ACLs
Reference Network Topology
vty Filtering
SNMP Service Filtering
RIPv2 Route Filtering
IP Address Spoof Mitigation Inbound
IP Address Spoof Mitigation Outbound
DoS TCP SYN Attack Mitigation Blocking External Access
DoS Smurf Attack Mitigation
Filtering ICMP Messages Inbound
Filtering ICMP Messages Outbound
Filtering UDP Traceroute Messages
Basics of DDoS Attacks
DDoS Attack Mitigation Trin00
DDoS Attack Mitigation Stacheldraht
DDoS Attack Mitigation Trinity v3
DDoS Attack Mitigation SubSeven
Combining Access Functions
ACL Caveats
Configuring a Cisco IOS Firewall with the Cisco SDM Wizard
Choosing the Type of Firewall You Need
SDM Firewall Wizard Help Screens
Step-by-Step Help Screens
Basic Firewall
Creating an Advanced Firewall
Configuring Firewall Inspection Rules
Application Security Configuration
Advanced Firewall Configuration Summary
Delivering the Commands to the Router
Editing a Firewall Policy
Editing the Application Security Policy
Editing Firewall Global Settings
Defending Your Network with the Cisco Firewall Product Family
Cisco Firewall Product Family
Cisco IOS Firewall Features
When to Use a Cisco IOS Firewall
Cisco PIX 500 Series Security Appliances
Cisco PIX 500 Series Security Appliances Features
Cisco Catalyst 6500 Series Firewall Services Module
Cisco ASA 5500 Series Adaptive Security Appliances
Adaptive Solution with Converged Security Services
Migrating from Cisco PIX to Cisco Security Appliance
Best Practices for Firewall Policy Development
Demo - Access List
Chapter 5 - Securing Networks with Cisco IOS IPS
Introducing IDS and IPS
Defining IDS and IPS
IDS and IPS Common Characteristics
IDS and IPS Operational Differences
Comparing IDS and IPS Solutions
Placement of IDS and IPS Sensors
Types of IDS and IPS Sensors
Cisco IOS IPS Attack Responses
Event Monitoring and Management
Security - MARS IPS Monitoring System
HIPS Features
HIPS Operation Details
Cisco HIPS Deployment
NIPS Features
Cisco NIPS Deployment
Comparing HIPS and Network IPS
HIPS and Network IPS Monitoring
IPS Signature Operational Characteristics
Attack Methods, IPS Signature Types, and Capabilities
Signature Definition Files
Memory Requirements of Pre-Built SDFs
Distributed Threat Mitigation with Intrusion Prevention System
Benefits of DTM with Cisco IOS IPS Software
Signature Micro-Engines
Supported Signature Micro-Engines
Signature Micro-Engine and SDF Build Failures
Cisco Signature Alarm Types
Support for SDEE and Syslog
Viewing SDEE Alarm Messages
Implementing Alarms in Signatures
Configuring Cisco IOS IPS
Cisco IOS IPS Intrusion Detection Technology
Primary Benefits of the Cisco IOS IPS Solution
Cisco IOS IPS Signature Features
Using Cisco SDM to Configure Cisco IOS IPS
Using Cisco SDM GUI to Create IPS Rules
Using Cisco SDM GUI to Edit Existing IPS Rules
Launching the IPS Rule Wizard
Confirming IOS IPS on Interfaces
Configuring Signatures Using Cisco SDM
Importing Signature Definition Files
Configuring Global Settings
Saving the Cisco IOS IPS Configuration
Defending Your Network with the Cisco IPS Product Family
Cisco IPS Platforms
Throughput on Cisco IOS Routers
Performance and Limitations of Platforms
Performance and Limitations of Cisco ASA 5500 Series
Relative Positioning of Cisco IPS Sensors
Cisco IPS Management Software
CSA Architecture
Application, Kernel, and Interceptors
CSA Interceptors
CSA Features
Cisco IPS Selection Considerations
IPS Configuration Best Practices
Accommodating Network Growth
Scaling HIPS Systems
Chapter 6 - Building IPsec VPNs
Introducing IPsec VPNs
Introducing Ipsec
Internet Key Exchange
IKE Communication Negotiation Phases
IKE: Other Functions
ESP and AH Header
Transport and Tunnel Mode
Message Authentication and Integrity Check Using Hash
MD5 and SHA-1
Symmetric vs. Asymmetric Encryption Algorithms
Symmetrical Key Encryption Algorithms
DH and RSA Asymmetric Encryption Algorithms
PKI Certificates
PKI Message Exchange
PKI Credentials
Building a Site-to-Site IPsec VPN Operation
Site-to-Site IPsec VPN
Site-to-Site IPsec Configuration
Site-to-Site IPsec Configuration - Phase 1
Site-to-Site IPsec Configuration - Phase 2
Site-to-Site IPsec - Apply VPN Configuration
Site-to-Site IPsec - Interface Access List
Configuring IPsec Site-to-Site VPN Using Cisco SDM
Introducing the Cisco SDM VPN Wizard Interface
Site-to-Site VPN Components
Launching the Site-to-Site VPN Wizard
Quick Setup
Step-by-Step Setup
Connection Settings
IKE Proposals
Transform Set
Option 1: Single Source and Destination Subnet
Option 2: Using an ACL
Review the Generated Configuration
Test Tunnel Configuration and Operation
Monitor Tunnel Operation
Advanced Monitoring
Troubleshooting
Building Remote Access VPNs
Cisco Easy VPN Components
Remote Access Using Cisco Easy VPN
Cisco Easy VPN Remote Connection Process
Cisco Easy VPN Tasks for the Cisco Easy VPN Server Wizard
Starting the Cisco Easy VPN Server Wizard
Choosing an Interface for Terminating IPsec
Configuring IKE Policies
Configuring IPsec Transform Sets
Configuring a Group Policy Local Router Configuration
Configuring a Group Policy External Location via RADIUS
Configuring a Local User Database: User Authentication
Configuring Local Group Policies
Configuring Local Group Policy Parameters
Confirming Configuration Settings
Testing the Cisco Easy VPN Server Configuration
Managing Cisco Easy VPN Server Connections
Editing, Cloning, or Deleting Group Policies
Creating or Editing a Local Pool for IP Addresses
Cisco VPN Client Software
Configuring Cisco Easy VPN Remote
Managing Cisco Easy VPN Remote Connections |
