Cisco CCNP SCORE
The Implementing and Operating Cisco Security Core Technologies (SCOR) Exam Prep course helps you prepare for the Cisco CCNP Security, CCIE Security certifications and for senior-level security roles.
In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cyber-security attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcement. You will get extensive hands-on experience deploying Cisco Firepower® Next-Generation Firewall and Cisco Adaptive Security Appliance (Cisco ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch® Enterprise and Cisco Stealthwatch Cloud threat detection features.
Course Objectives
After completing this course, students will be able to :
- Describe information security concepts and strategies within the network
- Describe common TCP/IP, network application, and endpoint attacks
- Describe how various network security technologies work together to guard against attacks
- Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
- Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
-
Describe and implement web content security features and functions provided by Cisco Web Security Appliance
-
Describe Cisco Umbrella® security capabilities, deployment models, policy management, and Investigate console
-
Introduce VPNs and describe cryptography solutions and algorithms
-
Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW)
-
Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication
-
Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features
-
Examine various defenses on Cisco devices that protect the control and management plane
-
Configure and verify Cisco IOS Software Layer 2 and Layer 3 data plane controls
-
Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
-
Describe basics of cloud computing and common cloud attacks and how to secure cloud environment
Target Audience
- Security engineer
- Network engineer
- Network designer
- Network administrator
- Systems engineer
- Consulting systems engineer
- Technical solutions architect
- Network manager
- Cisco integrators and partners
Course Pre-requisite
To fully benefit from this course, you should have the following knowledge and skills:
- Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA®) v1.0 course
- Familiarity with Ethernet and TCP/IP networking
- Working knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concepts
- Familiarity with basics of networking security concepts
Course Summary
Course Fee
৳ 20,000
Training Method
Offline/Online
Total Modules
32
Course Duration
90 Hours
Total Session
45
Class Duration
2 Hours
Details Course Outlines
Module-01
Describing Information Security Concepts
- Information Security Overview
- Assets, Vulnerabilities, and Countermeasures
- Managing Risk
Module-02
Describing Common TCP/IP Attacks
- Legacy TCP/IP Vulnerabilities
- IP Vulnerabilities
- Internet Control Message Protocol (ICMP) Vulnerabilities
Module-03
Describing Common Network Application Attacks
- Password Attacks
- Domain Name System (DNS)-Based Attacks
- DNS Tunneling
Module-04
Describing Common Endpoint Attacks
- Buffer Overflow
- Malware
- Reconnaissance Attack
Module-05
Describing Network Security Technologies
- Defense-in-Depth Strategy
- Defending Across the Attack Continuum
- Network Segmentation and Virtualization Overview
Module-06
Deploying Cisco ASA Firewall
- Cisco ASA Deployment Types
- Cisco ASA Interface Security Levels
- Cisco ASA Objects and Object Groups
Module-07
Deploying Cisco Firepower Next-Generation Firewall
- Cisco Firepower NGFW Deployments
- Cisco Firepower NGFW Packet Processing and Policies
- Cisco Firepower NGFW Objects
Module-08
Deploying Email Content Security
- Cisco Email Content Security Overview
- Simple Mail Transfer Protocol (SMTP) Overview
- Email Pipeline Overview
Module-09
Deploying Web Content Security
- Cisco Web Security Appliance (WSA) Overview
- Deployment Options
- Network Users Authentication
Module-10
Deploying Cisco Umbrella
- Cisco Umbrella Architecture
- Deploying Cisco Umbrella
- Cisco Umbrella Roaming Client
Module-11
Explaining VPN Technologies and Cryptography
- VPN Definition
- VPN Types
- Secure Communication and Cryptographic Services
Module-12
Introducing Cisco Secure Site-to-Site VPN Solutions
- Site-to-Site VPN Topologies
- IPsec VPN Overview
- IPsec Static Crypto Maps
Module-13
Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs
- Cisco IOS VTIs
- Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2 VPN Configuration
Module-14
Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
- Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW
- Cisco ASA Point-to-Point VPN Configuration
- Cisco Firepower NGFW Point-to-Point VPN Configuration
Module-15
Introducing Cisco Secure Remote Access VPN Solutions
- Remote Access VPN Components
- Remote Access VPN Technologies
- Secure Sockets Layer (SSL) Overview
Module-16
Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
- Remote Access Configuration Concepts
- Connection Profiles
- Group Policies
Module-17
Explaining Cisco Secure Network Access Solutions
- Cisco Secure Network Access
- Cisco Secure Network Access Components
- AAA Role in Cisco Secure Network Access Solution
Module-18
Describing 802.1X Authentication
- 802.1X and Extensible Authentication Protocol (EAP)
- EAP Methods
- Role of Remote Authentication Dial-in User Service (RADIUS) in 802.1X Communications
Module-19
Configuring 802.1X Authentication
- Cisco Catalyst® Switch 802.1X Configuration
- Cisco Wireless LAN Controller (WLC) 802.1X Configuration
- Cisco Identity Services Engine (ISE) 802.1X Configuration
Module-20
Describing Endpoint Security Technologies
- Host-Based Personal Firewall
- Host-Based Anti-Virus
- Host-Based Intrusion Prevention System
Module-21
Deploying Cisco Advanced Malware Protection (AMP) for Endpoints
- Cisco AMP for Endpoints Architecture
- Cisco AMP for Endpoints Engines
- Retrospective Security with Cisco AMP
Module-22
Introducing Network Infrastructure Protection
- Identifying Network Device Planes
- Control Plane Security Controls
- Management Plane Security Controls
Module-23
Deploying Control Plane Security Controls
- Infrastructure ACLs
- Control Plane Policing
- Control Plane Protection
Module-24
Deploying Layer 2 Data Plane Security Controls
- Overview of Layer 2 Data Plane Security Controls
- Virtual LAN (VLAN)-Based Attacks Mitigation
- Spanning Tree Protocol (STP) Attacks Mitigation
Module-25
Deploying Layer 3 Data Plane Security Controls
- Infrastructure Antispoofing ACLs
- Unicast Reverse Path Forwarding
- IP Source Guard
Module-26
Deploying Management Plane Security Controls
- Cisco Secure Management Access
- Simple Network Management Protocol Version 3
- Secure Access to Cisco Devices
Module-27
Deploying Traffic Telemetry Methods
- Network Time Protocol
- Device and Network Events Logging and Export
- Network Traffic Monitoring Using NetFlow
Module-28
Deploying Cisco Stealthwatch Enterprise
- Cisco Stealthwatch Offerings Overview
- Cisco Stealthwatch Enterprise Required Components
- Flow Stitching and Deduplication
Module-29
Describing Cloud and Common Cloud Attacks
- Evolution of Cloud Computing
- Cloud Service Models
- Security Responsibilities in Cloud
Module-30
Securing the Cloud
- Cisco Threat-Centric Approach to Network Security
- Cloud Physical Environment Security
- Application and Workload Security
Module-31
Deploying Cisco Stealthwatch Cloud
- Cisco Stealthwatch Cloud for Public Cloud Monitoring
- Cisco Stealthwatch Cloud for Private Network Monitoring
- Cisco Stealthwatch Cloud Operations
Module-32
Describing Software-Defined Networking (SDN)
- Software-Defined Networking Concepts
- Network Programmability and Automation
- Cisco Platforms and APIs