Cisco Certified Internetwork Expert (Security)

Firewall – PIX and ASA Firewall

  • Basic Initialization
  • Access Management
  • Address Translation
  • ACLs
  • IP Routing
  • Object Groups
  • VLANs
  • AAA
  • VPNs
  • Filtering
  • Failover
  • Layer 2 Transparent Firewall
  • Security Contexts (Virtual Firewall)
  • Modular Policy Framework
  • Application-Aware Inspection
  • High Availability Scenarios
  • QoS Policies
  • Other Advanced Features

Firewall – IOS Firewall

  • CBAC
  • Audit
  • Auth Proxy
  • PAM
  • Access Control
  • Performance Tuning
  • Advanced Features

VPN

  • IPSec LAN-to-LAN
  • SSL VPN
  • DMVPN
  • CA (PKI)
  • Remote Access VPN
  • VPN3000 Concentrator
  • VPN3000 IP Routing
  • Unity Client
  • WebVPN
  • EzVPN Hardware Client
  • XAuth, Split-tunnel, RRI, NAT-T
  • High Availability
  • QoS for VPN
  • GRE, mGRE
  • L2TP
  • PPTP
  • Advanced VPN Features

Intrusion Prevention System (IPS)

  • IPS 4200 Series Sensor Appliance
  • Basic Initialization
  • Sensor Configuration
  • Sensor Management
  • Promiscuous and Inline Monitoring
  • Signature Tuning
  • Custom Signatures
  • Blocking
  • TCP Resets
  • Rate Limiting
  • Signature Engines
  • IDM
  • Event Action
  • Event Monitoring
  • IOS IPS
  • PIX IDS
  • SPAN, RSPAN
  • Advanced Features

Identity Management

  • Security Protocols (RADIUS and TACACS+)
  • Cisco Secure ACS Configuration
  • Access Management (Telnet, SSH, Pwds, Priv Levels)
  • Proxy Authentication
  • Service Authentication (FTP, Telnet, HTTP, other)
  • Network Admission Control (NAC Framework solution)
  • 802.1x
  • Advanced Features

Advanced Security

  • Mitigation Techniques
  • Packet Marking Techniques
  • Security RFCs (RFC1918, RFC2827, RFC2401)
  • Service Provider Security
  • Black Holes, Sink Holes
  • RTBH Filtering (Remote Triggered Black Hole)
  • Traffic Filtering using Access-lists
  • NAT
  • TCP Intercept
  • uRPF
  • CAR
  • NBAR
  • NetFlow
  • Flooding
  • Spoofing
  • Policing
  • Fragmentation
  • Sniffer Traces
  • Catalyst Management and Security
  • Traffic Control and Congestion Management
  • Catalyst Features and Advanced Configuration
  • IOS Security Features

Network Attacks

  • Network Reconnaissance
  • IP Spoofing Attacks
  • MAC Spoofing Attacks
  • ARP Spoofing Attacks
  • Denial of Service (DoS)
  • Distributed Denial of Service (DDoS)
  • Man-in-the-Middle (MiM) Attacks
  • Port Redirection Attacks
  • DHCP Attacks
  • DNS Attacks
  • Fragment Attacks
  • Smurf Attacks
  • SYN Attacks
  • MAC Attacks
  • VLAN Hopping Attacks
  • Other Layer2 and Layer3 Attacks

Leave a Reply

Your email address will not be published. Required fields are marked *