龙八国际娱乐pt老虎机
免费服务热线:13720262153
微信在线咨询:13720262153
龙八国际娱乐pt老虎机:027-87538126
扫一扫
关注我们
CCIE-Security
时间:2017-09-12 15:32    浏览次数:     发布者:润天教育    来源:金信润天    
0
培训课时:120课时
考试编号:
  • 400-251
  • LAB EXAM V5.0
适合人群:
  •  参加过CCNP-RS的学习或则拥CCNP-RS相关基础的从业人员
  •  希望在网络安全领域发展的相关人员
  •  对黑客技术、信息安全技术感兴趣的人员


 
课程内容
 
System Hardening and Availability
1、Routing plane security features (e.g. protocol authentication, route filtering)
2、Control Plane Policing
3、Control Plane Protection and Management Plane Protection
4、Broadcast control and switchport security
5、Additional CPU protection mechanisms (e.g. options drop, logging interval)
6、Disable unnecessary services
7、Control device access (e.g. Telnet, HTTP, SSH, Privilege levels)
8、Device services (e.g. SNMP, Syslog, NTP)
9、Transit Traffic Control and Congestion Management

 
Threat Identification and Mitigation
1、 Identify and protect against fragmentation attacks
2、 Identify and protect against malicious IP option usage
3、 Identify and protect against network reconnaissance attacks
4、 Identify and protect against IP spoofing attacks
5、 Identify and protect against MAC spoofing attacks
6、 Identify and protect against ARP spoofing attacks
7、 Identify and protect against Denial of Service (DoS) attacks
8、 Identify and protect against Distributed Denial of Service (DDoS) attacks
9、 Identify and protect against Man-in-the-Middle (MiM) attacks
10、Identify and protect against port redirection attacks
11、Identify and protect against DHCP attacks
12、Identify and protect against DNS attacks
13、Identify and protect against MAC Flooding attacks
14、Identify and protect against VLAN hopping attacks
15、Identify and protect against various Layer2 and Layer3 attacks
16、NBAR
17、NetFlow
18、Capture and utilize packet captures
 
 
Intrusion Prevention and Content Security
1、IPS 4200 Series Sensor Appliance
2 (a) Initialize the Sensor Appliance
(b) Sensor Appliance management
(c)Virtual Sensors on the Sensor Appliance
(d)Implementing security policies
(e) Promiscuous and inline monitoring on the Sensor Appliance
(f)Tune signatures on the Sensor Appliance
(g) Custom signatures on the Sensor Appliance
(h) Actions on the Sensor Appliance
(i)Signature engines on the Sensor Appliance
(j) Use IDM/IME tothe Sensor Appliance
(k) Event action overrides/filters on the Sensor Appliance
(l) Event monitoring on the Sensor Appliance
2、VACL/SPAN & RSPAN on Cisco switches
3、WSA
(a) Implementing WCCP
(b) Active Dir Integration
(c) Custom Categories
(d) HTTPS Config
(e) Services Configuration (Web Reputation)
(f) Configuring Proxy By-pass Lists
(g) Web proxy modes
(h) App visibility and control

 
Identity Management
1、Identity Based Authentication/Authorization/Accounting
(a) Cisco Router/Appliance AAA
(b) RADIUS
(c) TACACS+
2、Device Admin (Cisco IOS Routers, ASA, ACS5.x)
 
Network Access (TrustSec Model)
(a) Authorization Results for Network Access(ISE)
(b) 802.1X (ISE)
(c) VSAs (ASA / Cisco IOS / ISE)
(d) Proxy-Authentication (ISE/ASA/Cisco IOS)
3、Cisco Identity Services Engine (ISE)
(a) Profiling Configuration (Probes)
(b) Guest Services
(c) Posture Assessment
(d) Client Provisioning (CPP)
(e) Configuring AD Integration/Identity Sources
 
Perimeter Security and Services
1、Cisco ASA Firewall
(a) Basic firewall Initialization
(b) Device management
(c) Address translation (nat, global, static)
(d) Access Control Lists
(e) IP routing/Route Tracking
(f) Object groups
(g) VLANs
(h) Configuring Etherchannel
(i) High Availability and Redundancy
(j) Layer 2 Transparent Firewall
(k) Security contexts (virtual firewall)
(l) Modular Policy Framework
(m) Identity Firewall Services
(n) Configuring ASA with ASDM
(o) Context-aware services
(p) IPS capabilities
(q) QoS capabilities
2、Cisco IOS Zone Based Firewall
(a) Network, Secure Group and User Based Policy
(b) Performance Tuning
(c) Network, Protocol and Application Inspection
3、Perimeter Security Services
(a) Cisco IOS QoS and Packet marking techniques
(b) Traffic Filtering using Access-Lists
(c)Cisco IOS NAT
(d) uRPF
(e) PAM - Port to Application Mapping
(f) Policy Routing and Route Maps
 
Confidentiality and Secure Access
1、IKE (V1/V2)
2、IPsec LAN-to-LAN (Cisco IOS/ASA)
3、Dynamic Multipoint VPN (DMVPN)
4、FlexVPN
5、Group Encrypted Transport (GET) VPN
6、Remote Access VPN
(a) Easy VPN Server (Cisco IOS/ASA)
(b) VPN Client 5.X
(c)Clientless WebVPN
(d)AnyConnect VPN
(e) EasyVPN Remote
(f) SSL VPN Gateway
7、VPN High Availability
8、QoS for VPN
9、VRF-aware VPN
10、MacSec
11、Digital Certificates (Enrollment and Policy Matching)
12、Wireless Access
(a) EAP methods
(b) WPA/WPA-2
(c)WIPS
 
上一篇:没有了
下一篇:没有了
相关推荐
武汉分公司地址:湖北省武汉市洪山区虎泉街凯乐桂园A座9层(虎泉地铁站A出口右手边)
咨询报名电话:13720262153(微信同号)   龙八国际娱乐pt老虎机:027-87538126   
教学就业监督电话:027-87538125    网站地图   备案号:粤ICP备17109740号-1
姓名
手机
电话咨询 在线咨询 QQ客服