|
Module 1: Network Connectivity Requirements
Lesson 1: Describing Network Requirements
- IIN and Cisco SONA Framework
- Cisco Network Models
- Remote Connection Requirements in a Converged Network
Module 2: Teleworker Connectivity
Lesson 1: Describing Topologies for Facilitating Remote Connections
- Remote Connection Topologies
- The Challenge of Connecting the Teleworker
Lesson 2: Describing Cable Technology
- Cable Technology Terms
- Cable System Components
- Cable Features
- Digital Signals over RF Channels
- Data over Cable
- Cable Technology: Putting It All Together
- Provisioning a Cable Modem
Lesson 3: Describing DSL Technology
- DSL Features
- DSL Types
- DSL Limitations
- ADSL
- ADSL and POTS Coexistence
- ADSL Channels and Encoding
- Data over ADSL: PPPoE
- Data over ADSL: PPPoA
Lesson 4: Configuring the CPE as the PPPoE or PPPoA Client
- Configuration of a Cisco Router as the PPPoE Client
- Configuration of a PPPoE Client
- Configuration of the PPPoE DSL Dialer Interface
- Configuration of PAT
- Configuration of DHCP to Scale DSL
- Configuration of a Static Default Route
- Verifying a PPPoE Configuration
- Configuration of a PPPoA DSL Connection
- Configuration of the DSL ATM Interface
Lesson 5: Verifying Broadband ADSL Configurations
- Layer Troubleshooting
- Layer 1 Issues
- Administratively Down State for an ATM Interface
- Correct DSL Operating Mode?
- Layer 2 Issues
- Data Received from the ISP
- Proper PPP Negotiation
Module 3: Frame Mode MPLS Implementation
Lesson 1: Introducing MPLS Networks
- The MPLS Conceptual Model
- Router Switching Mechanisms
- MPLS Architecture
- MPLS Labels
- Label Switch Routers
- LSR Component Architecture
Lesson 2: Assigning MPLS Labels to Packets
- Label Allocation in a Frame Mode MPLS Environment
- Label Distribution and Advertisement
- Populating the LFIB Table
- Packet Propagation Across an MPLS Network
- Penultimate Hop Popping
Lesson 3: Implementing Frame Mode MPLS
- The Procedure to Configure MPLS
- Configuring IP CEF
- Configuring MPLS on a Frame Mode Interface
- Configuring the MTU Size in Label Switching
Lesson 4: Describing MPLS VPN Technology
- Defining MPLS VPN
- MPLS VPN Architecture
- Propagation of Routing Information Across the P-Network
- End-to-End Routing Information Flow
- MPLS VPNs and Packet Forwarding
Module 4: IPsec VPNs
Lesson 1: Understanding IPsec Components and IPsec VPN Features
- IPsec Overview
- Internet Key Exchange
- IKE: Other Functions
- ESP and AH
- Message Authentication and Integrity Check
- Symmetric and Asymmetric Encryption Algorithms
- PKI Environment
Lesson 2: Implementing Site-to-Site IPsec VPN Operations
- Site-to-Site IPsec VPN Operations
- Configuring IPsec
- Site-to-Site IPsec Configuration: Phase 1
- Site-to-Site IPsec Configuration: Phase 2
- Site-to-Site IPsec Configuration: Apply VPN Configuration
- Site-to-Site IPsec Configuration: Interface ACL
Lesson 3: Configuring IPsec Site-to-Site VPN Using SDM
- Introducing the SDM VPN Wizard Interface
- Site-to-Site VPN Components
- Launching the Site-to-Site VPN Wizard
- Connection Settings
- IKE Proposals
- Transform Set
- Defining What Traffic to Protect
- Completing the Configuration
Lesson 4: Configuring GRE Tunnels over IPsec
- Generic Routing Encapsulation
- Introducing Secure GRE Tunnels
- Configuring GRE over IPsec Site-to-Site Tunnel Using SDM
- Backup GRE Tunnel Information
- VPN Authentication Information
- IKE Proposals
- Transform Set
- Routing Information
- Completing the Configuration
Lesson 5: Configuring High-Availability Options
- High Availability for IOS IPsec VPNs
- IPsec Backup Peer
- Hot Standby Routing Protocol
- IPsec Stateful Failover
- Backing Up a WAN Connection with an IPsec VPN
Lesson 6: Configuring Cisco Easy VPN and Easy VPN Server Using SDM
- Introducing Cisco Easy VPN
- Describe Easy VPN Server and Easy VPN Remote
- Cisco Easy VPN Server Configuration Tasks
- Configuring Easy VPN Server
- IKE Proposals
- Transform Set
- Group Policy Configuration Location
- User Authentication
- Local Group Policies
- Completing the Configuration
Lesson 7: Implementing the Cisco VPN Client
- Cisco VPN Client Configuration Tasks
- Use the Cisco VPN Client to Establish a VPN Connection and Verify the Connection Status
Module 5: Cisco Device Hardening
Lesson 1: Mitigating Network Attacks
- Cisco Self-Defending Network
- Types of Network Attacks
- Reconnaissance Attacks and Mitigation
- Access Attacks and Mitigation
- DoS Attacks and Mitigation
- Worm, Virus, and Trojan Horse Attacks and Mitigation
- Application Layer Attacks and Mitigation
- Management Protocols and Vulnerabilities
- Determining Vulnerabilities and Threats
Lesson 2: Disabling Unused Cisco Router Network Services and Interfaces
- Vulnerable Router Services and Interfaces
- Locking Down Routers with AutoSecure
- AutoSecure Process Overview
- Locking Down Routers with the SDM
Lesson 3: Securing Cisco Router Installations and Administrative Access
- Configuring Router Passwords
- Setting a Login Failure Rate
- Setting Timeouts
- Setting Multiple Privilege Levels
- Configuring Banner Messages
- Configuring Role-Based CLI
- Secure Configuration Files
Lesson 4: Mitigating Threats and Attacks with Access Lists
- Cisco ACLs
- Applying ACLs to Router Interfaces
- Using Traffic Filtering with ACLs
- Filtering Network Traffic to Mitigate Threats
- Mitigating Distributed DoS with ACLs
- Combining Access Functions
- Caveats
Lesson 5: Securing Management and Reporting Features
- Secure Management and Reporting Planning Considerations
- Secure Management and Reporting Architecture
- Configuring an SSH Server for Secure Management and Reporting
- Using Syslog Logging for Network Security
- Configuring Syslog Logging
- SNMP Version 3
- Configuring an SNMP Managed Node
- Configuring NTP Client
- Configuring NTP Server
Lesson 6: Configuring AAA on Cisco Routers
- Introduction to AAA
- Router Access Modes
- AAA Protocols: RADIUS and TACACS+
- Configure AAA Login Authentication on Cisco Routers Using CLI
- Configure AAA Login Authentication on Cisco Routers Using SDM
- Troubleshoot AAA Login Authentication on Cisco Routers
- AAA Authorization Commands
- AAA Accounting Commands
Module 6: Cisco IOS Threat Defense Features
Lesson 1: Introducing the Cisco IOS Firewall
- Layered Defense Strategy
- Firewall Technologies
- Stateful Firewall Operation
- Introducing the Cisco IOS Firewall Feature Set
- Cisco IOS Firewall Functions
- Cisco IOS Firewall Process
Lesson 2: Implementing Cisco IOS Firewalls
- Configuring Cisco IOS Firewall from the CLI
- Basic and Advanced Firewall Wizards
- Configuring a Basic Firewall
- Configuring Interfaces on an Advanced Firewall
- Configuring a DMZ on an Advanced Firewall
- Advanced Firewall Security Configuration
- Complete the Configuration
- Viewing Firewall Activity
Lesson 3: Introducing Cisco IOS IPS
- Introducing Cisco IOS IDS and IPS
- Types of IDS and IPS Systems
- IDS and IPS Signatures
- Cisco IOS IPS Alarms
Lesson 4: Configuring Cisco IOS IPS
- Configuring Cisco IOS IPS
- Cisco IOS IPS SDM Tasks
- Selecting Interfaces and Configuring SDF Locations
- Viewing the IPS Policy Summary and Delivering the Configuration to the Router
- Configuring IPS Policies and Global Settings
- Viewing SDEE Messages
- Tuning Signatures
|
