CCNA Security Certification

Started by certforumz, July 10, 2013, 12:49:19 AM

Previous topic - Next topic

certforumz

Exam Description

The 640-554 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification. This exam tests a candidate's knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure.

Exam Topics

The following topics are general guidelines for the content likely to be included on the Implementing Cisco IOS Network Security (IINS) exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.


Common Security Threats


    Describe common security threats


Security and Cisco Routers

    Implement security on Cisco routers

    Describe securing the control, data, and management plane

    Describe Cisco Security Manager

    Describe IPv4 to IPv6 transition


AAA on Cisco Devices

    Implement AAA (authentication, authorization, and accounting)

    Describe TACACS+

    Describe RADIUS

    Describe AAA

    Verify AAA functionality


IOS ACLs

    Describe standard, extended, and named IP IOS access control lists (ACLs) to filter packets

    Describe considerations when building ACLs

    Implement IP ACLs to mitigate threats in a network


Secure Network Management and Reporting

    Describe secure network management

    Implement secure network management


Common Layer 2 Attacks

    Describe Layer 2 security using Cisco switches

    Describe VLAN security

    Implement VLANs and trunking

    Implement spanning tree


Cisco Firewall Technologies

    Describe operational strengths and weaknesses of the different firewall technologies

    Describe stateful firewalls

    Describe the types of NAT used in firewall technologies

    Implement zone-based policy firewall using CCP

    Implement the Cisco Adaptive Security Appliance (ASA)

    Implement Network Address Translation (NAT) and Port Address Translation (PAT)


Cisco IPS

    Describe Cisco Intrusion Prevention System (IPS) deployment considerations

    Describe IPS technologies

    Configure Cisco IOS IPS using CCP


VPN Technologies

    Describe the different methods used in cryptography

    Describe VPN technologies

    Describe the building blocks of IPSec

    Implement an IOS IPSec site-to-site VPN with pre-shared key authentication

    Verify VPN operations

    Implement Secure Sockets Layer (SSL) VPN using ASA device manager

Pamelarig

This course will give the student the knowledge and skills necessary to select, connect, configure, and troubleshoot various Cisco networking devices. Cisco CCNA certified professionals can extend switched networks with virtual local area networks, determine Internet Protocol IP routes, manage IP traffic with access lists, and establish point-to-point and Frame Relay connections.