ccie training mumbai, india, ccnp, ccna training, cisco training, ccie boot camps

 
Help Center | Contact Number: 0091-22-26206907 / 26206908.
  
     
   
     
Home
About ExcelNet
Our Courses
Cisco Courses
Microsoft Courses
Security Courses
Red Hat Linux
Our Infrastructure
Why ExcelNet
Top Achievers
Corporate Clients
Enquire Now
Packaged Deals
Contact Us
 
  CCIE, CCNA, CCNP And Other Cisco Certifications
Cisco Course in Mumbai  

 

CCSP: Cisco Certified Security Professional

642-523: Securing Networks with PIX & ASA (SNPA)

642-503: Securing Networks with Cisco Routers and Switches (SNRS)

642-552: Securing Cisco Networks Devices (SND)

642-533: Implementing Cisco Intrusion Prevention System (IPS)

642-513: Securing Hosts Using Cisco Security Agents (HIPS)

Duration: 175 Hours (i.e. 35 Hours per Paper)

Faculty: CCSP certified, also available after course completion on request with prior appointments.

Courseware: From CISCO press.

Equipment: Dedicated fully loaded CISCO Rack. 

Practice Time: Unlimited & Even at night (subject to availability of the Labs.) 

642-523 SNPA Securing Networks with PIX and ASA Exam:

Exam Number:

642-523

Associated Certifications:

CCSP, Cisco Firewall Specialist

Duration of the Exam:

90 minutes (60-70 questions)

Available Languages:

English
Exam Description

The Securing Networks with PIX and ASA exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco Firewall Specialist certifications. Candidates can prepare for this exam by taking the SNPA v4.0 course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco PIX and ASA security appliance products.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Install and configure a security appliance for basic network connectivity

  • Describe the Security Appliance hardware and software architecture
  • Determine the Security Appliance hardware and software configuration and verify if it is correct
  • Use setup or the CLI to configure basic network settings, including interface configurations
  • Use appropriate show commands to verify initial configurations
  • Configure NAT and global addressing to meet user requirements
  • Configure DHCP client option
  • Set default route
  • Configure logging options
  • Describe the firewall technology
  • Explain the information contained in syslog files
  • Configure static address translations
  • Configure Network Address Translations: PAT
  • Configure static port redirection
  • Configure a net static
  • Set embryonic and connection limits on the security appliance
  • Verify network address translation operation

Configure a security appliance to restrict inbound traffic from untrusted sources

  • Configure access-lists to filter traffic based on address, time, and protocols
  • Configure object-groups to optimize access-list processing
  • Configure Network Address Translations: Nat0
  • Configure Network Address Translations: Policy NAT
  • Configure java/activeX filtering
  • Configure URL filtering
  • Verify inbound traffic restrictions

Configure a security appliance to provide secure connectivity using site-to-site VPNs

  • Explain certificates, certificate authorities and how they are used
  • Explain the basic functionality of IPSec
  • Configure IKE with preshared keys
  • Configure IKE to use certificates
  • Differentiate between the types of encryption
  • Configure IPSec parameters
  • Configure crypto-maps and ACLs

Configure a security appliance to provide secure connectivity using remote access VPNs

  • Explain the functions of EasyVPN
  • Configure IPSec using EasyVPN Server/Client
  • Configure the Cisco Secure VPN client
  • Explain the purpose of WebVPN
  • Configure WebVPN services: Server/Client
  • Verify VPN operations

Configure transparent firewall, virtual firewall, and high availability firewall features on a security appliance

  • Explain differences between L2 and L3 operating modes
  • Configure security appliance for transparent mode (L2)
  • Explain purpose of virtual firewalls
  • Configure security appliance to support virtual firewall
  • Monitor and maintain virtual firewall
  • Explain the types, purpose and operation of fail-over
  • Install appropriate topology to support cable-based or LAN-based fail-over
  • Explain the hardware, software and licensing requirements for high-availability
  • Configure the SA for active/standby fail-over
  • Configure the SA for stateful fail-over
  • Configure the SA for active-active fail-over
  • Verify fail-over operation
  • Recover from a fail-over

Configure AAA services for access through a security appliance

  • Configure ACS for security appliance support
  • Configure security appliance to use AAA feature
  • Configure authentication using both local and external databases
  • Configure authorization using an external database
  • Configure the ACS server for downloadable ACLs
  • Configure accounting of connection start/stop
  • Verify AAA operation

Configure routing and switching on a security appliance

  • Enable DHCP server and relay functionality
  • Configure VLANs on a security appliance interface
  • Configure routing functionality of security appliance including OSPF, RIP
  • Configure security appliance to pass multi-cast traffic
  • Configure ICMP on the security appliance

Configure a modular policy on a security appliance

  • Configure a class-map
  • Configure a policy-map
  • Configure a service-policy
  • Configure a ftp-map
  • Configure a http-map
  • Configure an inspection protocol
  • Explain the function of protocol inspection
  • Explain DNS guard feature
  • Describe the AIP-SSM HW and SW
  • Load IPS SW on the AIP-SSM
  • Verify AIP-SSM
  • Configure an IPS modular policy

Monitor and manage an installed security appliance

  • Obtain and apply OS updates
  • Backup and restore configurations and software
  • Explain the security appliance file management system
  • Perform password/lockout recovery procedures
  • Obtain and upgrade license keys
  • Configure passwords for various access methods: Telnet, serial, enable, SSH
  • Configure various access methods: Telnet, SSH, PDM
  • Configure command authorization and privilege levels
  • Configure local username database
  • Verify access control methods
  • Enable ASDM functionality
  • Verify a security appliance configuration via ASDM
  • Verify the licensing available on a security appliance

642-503 SNRS Securing Networks with Cisco Routers and Switches Exam:

Exam Number:

642-503

Associated Certifications:

CCSP

Duration of the Exam:

75 minutes (53 questions)

Available Languages:

English
Exam Description

The Securing Networks With Cisco Routers and Switches exam (SNRS 642-503) is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNRS v2.0 course. This exam includes simulations and tests a candidate's knowledge and ability to secure networks using Cisco routers and switches.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Implement Cisco Layer 2 security

  • Utilize Cisco IOS commands to mitigate Layer 2 attacks
  • Implement Cisco Identity-Based Networking Services on Cisco Catalyst Switches
  • Implement Identity Management using ACS as the Authentication Server

Configure Cisco IOS Firewalls to mitigate network threats using the CLI

  • Identify and describe the advanced capabilities of the IOS firewall feature set
  • Configure IOS Firewall to dynamically mitigate identified threats to the network
  • Verify and troubleshoot IOS Firewall configuration and operation.
  • Configure authentication proxy to apply security policies on a per-user basis
  • Verify and troubleshoot authentication proxy configuration and operation
  • Configure IOS zone-based Firewalls
  • Troubleshoot Zone-based Firewalls
  • Configure APPFW application Firewalls
  • Configure Granular Protocol Inspection

Configure Cisco IOS IPS to identify and mitigate threats to network resources using the CLI

  • Identify and describe the advanced capabilities of the IOS-IPS feature
  • Configure the IPS features to identify threats and dynamically block them from entering the network
  • Verify and troubleshoot IPS operation

Configure Cisco VPNs to provide secure connectivity for site-to-site and remote access communications using the CLI

  • Describe IPSec features and functionality
  • Configure secure connectivity for site-to-site IPSec VPN using pre-shared keys
  • Describe GRE features and functionality
  • Configure secure connectivity for site-to-site VPN using certificate authorities
  • Describe DMVPN features and functionality
  • Configure secure connectivity for site-to-site VPN using DMVPN
  • Verify and troubleshoot secure site-to-site connectivity operations
  • Implement Clientless IOS SSL VPN
  • Verify Clientless IOS SSL VPNs
  • Configure Easy VPN server with pre-shared keys

Configure Authentication, Authorization, and Accounting to provide basic secure access control for networks

  • Configure administrative access to the CSACS server
  • Configure CSACS system settings
  • Configure AAA clients on the CSACS
  • Configure users, groups and access rights
  • Configure shared profile components in CSACS
  • Configure network access profiles in CSACS
  • Configure NADS to enable AAA to use a Radius Server
  • Verify and troubleshoot AAA operation

Implement Network Foundation Protection using the CLI

  • Describe NFP features and functionality
  • Secure the management plane using Cisco IOS security features
  • Secure the data plane using Cisco IOS security features

Secure the control plane using Cisco IOS security features

642-552 SND Securing Cisco Network Devices Exam:

Exam Number:

642-552

Associated Certifications:

CCSP/Cisco Firewall Specialist/Cisco IPS Specialist/Cisco VPN Specialist

Duration of the Exam:

75 minutes
Exam Description

The Securing Cisco Network Devices 642-552 SND is the exam associated with the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco IPS Specialist, and Cisco VPN Specialist certifications. Candidates can prepare for this exam by taking the Securing Cisco Network Devices v2.0 (SND) course. This exam tests a candidate's knowledge of securing Cisco routers and switches and their associated networks. Topics covered include; Security threats facing modern network infrastructures, Securing Cisco routers, Implementing basic AAA, Using ACLs to mitigate router and network threats, Implementing secure management and reporting, Mitigating common Layer 2 attacks, and Implementing Cisco IOS Firewall features, Cisco IOS IPS features, and IPsec VPN features using Cisco Security Device Manager

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Describe the security threats facing modern network infrastructures

  • Describe and mitigate the common threats to the physical installation
  • Describe and list mitigation methods for common network attacks
  • Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
  • Describe the main activities in each phase of a secure network lifecycle
  • Explain how to meet the security needs of a typical enterprise with a comprehensive security policy
  • Describe the Cisco Self Defending Network architecture

Secure Cisco routers

  • Secure Cisco routers using the SDM Security Audit feature
  • Use the One-Step Lockdown feature in SDM to secure a Cisco router
  • Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements
  • Secure administrative access to Cisco routers by configuring multiple privilege levels
  • Secure administrative access to Cisco routers by configuring role based CLI
  • Secure the Cisco IOS image and configuration file

Implement basic AAA using Cisco routers

  • Explain the functions and importance of AAA
  • Describe the features of TACACS+ and RADIUS AAA protocols
  • Describe the methods of authentication that are used to provide access through a router (packet mode) and to provide access to the router (character mode)

Mitigate threats to Cisco routers and networks using ACLs

  • Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets
  • Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
  • Configure IP ACLs to prevent IP address spoofing using CLI
  • Discuss the caveats to be considered when building ACLs

Implement secure network management and reporting

  • Describe the factors to be considered when planning for secure management and reporting of network devices
  • Use CLI to configure SSH on Cisco routers to enable secured management access
  • Use CLI to configure Cisco routers to send Syslog messages to a Syslog server
  • Describe SNMPv3 and NTPv3

Mitigate common Layer 2 attacks

  • Describe the common Layer 2 attacks and how to mitigate them (VLAN hopping, STP attacks, ARP spoofing, MAC spoofing, CAM overflow)
  • Describe the function and benefit of the security features in Cisco Catalyst switches (IBNS, PVLAN, SPAN port)
  • Describe common threats to WLANs
  • Describe the security features of the 802.11 protocol

Implement the Cisco IOS firewall feature set using SDM

  • Describe the operational strengths and weaknesses of the different firewall technologies
  • Explain stateful firewall operations and the function of the state table
  • Explain the types of NAT that can be implemented in a firewall
  • Configure and verify basic and advanced firewall on a Cisco router using SDM

Implement the Cisco IOS IPS feature set using SDM

  • Define network based vs. host based intrusion detection and prevention
  • Explain IPS technologies, attack responses, and monitoring options
  • Enable and verify Cisco IOS IPS operations using SDM

Implement IPsec VPN on Cisco routers using SDM

  • Explain IKE protocol functionality and phases
  • Describe the building blocks of IPsec and the security functions it provides
  • Explain hash-based message authentication code (HMAC) operations
  • Explain the different methods of encryption
  • Explain the purpose of the Diffie-Hellman key agreement protocol
  • Describe how IPsec establishes origin authentication
  • Describe the PKI environment at a high level
  • Describe the different types of IPsec VPN implementations
  • Configure and verify an IPsec site-to-site VPN with pre-shared key authentication using SDM
  • Explain Cisco Easy VPN Server and Cisco Easy VPN Remote
  • Configure and verify remote access VPNs using the Cisco Easy VPN Server
  • feature of Cisco SDM
642-533 IPS Securing Networks Using Intrusion Prevention Systems Exam:

Exam Number:

642-533

Associated Certifications:

CCSP, Cisco IPS Specialist

Duration of the Exam:

90 minutes (60-70 questions)
Exam Description

The Securing Networks Using Intrusion Prevention Systems exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. Candidates can prepare for this exam by taking the IPS v5.0 course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco IPS appliance products.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Describe how Cisco IDS/IPS sensors are used to mitigate network security threats

  • Select the best sensor platform to protect a given network
  • Describe the features of the IDSM-2
  • Describe the features of the NM-CIDS
  • List sensor requirements for inline operations
  • List platforms on which the 50 image will run
  • Explain the difference between inline and promiscuous mode sensor operations
  • Select the most effective location for the sensor and other defense-in-depth components
  • Explain how Cisco IDS/IPS protects network devices from attacks (Describe signatures, alerts, and actions)
  • Explain the similarities and differences among the various intrusion detection technologies
  • Explain the evasive techniques used by hackers and how Cisco IDS defeats those techniques
  • Explain the differences between HIPS and Network IPS
  • Describe the network sensors that are currently available and their features
  • Describe the considerations necessary for selection, placement, and deployment of a network intrusion prevention system
  • Explain the features, benefits, and system requirements of the IDM
  • Describe traffic that is not inspected by the NM-CIDS
  • Define intrusion detection
  • Define intrusion prevention
  • Explain the Cisco IDS/IPS signature features

Install Cisco IDS/IPS sensors and configure essential system parameters

  • Install a sensor appliance in the network
  • Use the IDM to configure SSH and TLS communications
  • Use the CLI to install the sensor's software image
  • Select the appropriate image file for a sensor
  • Select a router to host the NM-CIDS
  • Configure communications between the router and the NM-CIDS
  • Describe the functions of the various IDSM-2 ports
  • Describe the tasks for configuring the NM-CIDS
  • Describe the interfaces and components of the NM-CIDS
  • Explain how the NM-CIDS works
  • Explain how the IDSM-2 obtains access to network traffic
  • Explain the importance of accurate time on the NM-CIDS and how the NM-CIDS should obtain the accurate time
  • Explain the importance of accurate time on the IDSM-2 and how the IDSM-2 should obtain the accurate time
  • Install the IDSM-2 in a switch
  • Install the NM-CIDS in a router
  • Select a switch to host the IDSM-2
  • Use the CLI to initialize the sensor
  • Describe user accounts and how they provide sensor security
  • Use the IDM to configure and manage user accounts
  • Use the IDM to verify secure management access to the sensor
  • Obtain management access to the sensor appliance
  • Obtain management access to the NM-CIDS
  • Obtain management access to the IDSM-2
  • Describe allowed hosts
  • Use the IDM to configure allowed hosts
  • Describe sensor interfaces and interface pairs
  • Use the IDM to configure the sensor's interfaces (enable, create pairs, assign to virtual sensor)
  • Describe software bypass mode
  • Use the IDM to configure software bypass mode
  • Use the IDM to configure the sensor's network settings (IP address, netmask, default gateway, etc)
  • Describe sensor communications with external management and monitoring systems
  • Launch, navigate, and use the IDM to manage and monitor the sensor
  • Use the IDM to set the sensor's time
  • Define traffic flow notification
  • Use the IDM to configure traffic flow notification
  • Describe the various CLI modes
  • Navigate the sensor CLI
  • List the tasks for installing and configuring the IDSM-2

Describe Cisco IDS/IPS sensor advanced system parameters

  • Plan the mitigation of specific network vulnerabilities and exploits
  • Describe sensor tuning
  • Describe sensor tuning methods
  • Explain IP fragment and TCP stream reassembly options
  • Describe the IP logging capabilities of the sensor
  • Explain how IP logging should be used
  • Explain the use of Event Variables
  • Determine the need for a custom signature
  • Describe the signature engines and their functionality
  • Describe the types of signatures supported by each engine
  • Describe common engine parameters and their effects on signatures
  • Describe engine-specific parameters and their effects on signatures
  • Describe the device management capability of the sensor and how it is used to perform blocking with a Cisco device
  • Determine which response actions need to be configured for a given scenario
  • Determine the need for Event Action Filters in a given scenario
  • Describe the purpose of the Meta Event Generator
  • Explain Target Value Ratings and how they are used
  • Determine the need for Event Action Rules in a given scenario
  • Explain event Risk Ratings and how they are used
  • Explain the sensor's SNMP support
  • Determine if the sensor's application policy enforcement feature is needed in a given scenario

Tune Cisco IDS/IPS sensor advanced system parameters to optimize attack mitigation performance

  • Use the IDM to tune the sensor to work optimally in the network
  • Use the IDM to tune signatures to provide maximum protection for a network
  • Use the IDM to create custom signatures as needed
  • Configure response actions for a signature
  • Configure the sensor to take response actions based on a risk rating
  • Configure the sensor to minimize false alerts
  • Use the IDM to create a Meta signature and disable alert production for the component signatures
  • Use the IDM to configure the sensor to support SNMP
  • Configure Event Action Filters
  • Configure Event Action Overrides
  • Configure Target Value Ratings
  • Configure general settings for Event Action Rules
  • Use the IDM to configure IP logging
  • Configure Event Variables
  • Use the IDM to configure blocking for a given scenario
  • Use the IDM to configure the sensor to use a Master Blocking Sensor
  • Use the IDM to configure IP fragment and TCP stream reassembly options
  • Use the sensor's application policy enforcement feature

Analyze Cisco IDS/IPS sensor events to determine the appropriate response to network attacks

  • Configure the IDM events display
  • Analyze alerts and make configuration changes to respond to attacks
  • Use the CLI and the IDM to monitor events
  • Classify an alarm as true, false, positive or negative
  • Explain the fields in a Cisco IDS/IPS alert
  • Describe the various types of events generated by the sensor