Embed Size (px)
Citation preview
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
CCNA Security OverviewUpdated February 2012
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 2
Contents
Overview
Course Design
Instructor Training
1
2
3
Where to Find More Information 4
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 3
Overview
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 4
CCNA Security Course Goals
CCNA Security helps students:
• Understand core security concepts and how to develop and implement security policies to mitigate risks
• Acquire skills needed configure, monitor, and troubleshoot network security using actual equipment and simulation tools
• Prepare for CCNA Security certification exam
• Start or build a career in network security
• Differentiate themselves in the market with specialized skills and expertise to achieve success
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 5
CCNA Security v1.1 – Key CompetenciesSubtitle: Size 24, Left Aligned
Upon completion of the course, students will be able to:
• Describe the security threats facing modern network infrastructures
• Secure network device access
• Implement AAA on network devices
• Mitigate threats to networks using ACLs
• Implement secure network management and reporting
• Mitigate common Layer 2 attacks
• Implement the Cisco IOS firewall feature set
• Implement an ASA
• Implement the Cisco IOS IPS feature set
• Implement site-to-site IPSec VPNs
• Administer effective security policies
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 6
New in Version 1.1
• Aligns with updated CCNA Security (IINS) Certification Exam (640-554)
• Cisco ASA content added in a new chapter (Ch. 10) including four ASA labs
• Cisco Configuration Professional (CCP) replaced Security Device Manager (SDM) throughout the course content and labs
• Expanded scope of existing content, including the following: • Info on mitigating SNMP threats
• Discussion on IPv6 ACLs and object groups
• Content on IPS Global Correlation and Security Intelligence Operation (SIO)
• Info on Bridge Protocol Data Unit (BPDU) filtering
• Info on Cisco protected port feature (PVLAN Edge)
• Content on Cisco SecureX security architecture
• Info on the Secure Copy (SCP) command
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 7
Course and Certification Exam Availability
Course Exam Name Exam Number Availability
CCNA Security v1.0 IINS 640-553 Available through September 30, 2012
CCNA Security v1.1 IINS 640-554 From February 28, 2012
End-of-Life Announcement
Last Class Start Date
Last Class End date
End-of-Support and End-of-Availability
8-MAR-2012 31-May-2012 31-Aug-2012 31-Aug-2012
Cisco IINS Certification Exam Availability
End-of-Life Milestones for CCNA Security v1.0
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 8
CCNA Security CourseWho Should Enroll?
• College and university-level students seeking career-oriented, entry-level security specialist skills
• IT professionals wishing to broaden or add specialized skills to their technology expertise
• Current CCNA Certification holders who wish to continue to build on their CCNA knowledge base
• Prerequisites: CCNA-level networking concepts and skills
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 9
PACKET TRACER
Student Networking Knowledge and Skills
IT Essentials: PC Hardware and Software
Networking for Home and Small Businesses
Working at a Small-to-Medium Business or ISP
Introducing Routing and Switching in the Enterprise
Designing and Supporting Computer Networks
Network Fundamentals
Routing Protocols and Concepts
LAN Switching and Wireless
Accessing the WAN
CCNASecurity
Curricula Portfolio ROUTE: Implementing IP Routing
SWITCH: Implementing IP Switched Networks
TSHOOT: Troubleshooting and Maintaining IP Networks
Network Professional
IT Technician
Network Technician
Network Associate
Network Specialist
CCNA Discovery
CCNA Exploration
CCNP
CCNA Security
IT Essentials
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 10
Courses Align with Globally Recognized Certifications
Alignment to Industry Certifications
CompTIA A+
CCNACCENT
CCNACCNA
SecurityCCNP
CCNA Discovery
CCNA Exploration CCNP
CCNA Security
IT Essentials
Student Networking Knowledge and Skills
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 11
Cisco Security Certifications
Certification Name
Years of Experience
Job RoleNumber
of Exams
CCNA Security 1 – 3
Network Security Specialist, Security Administrator,
Network Security Support Engineer
1
CCNP Security 3 – 5 Network Security Engineer 4
CCIE Security 7+ Network Security Engineer 2
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 12
CCNA Security CertificationMeets Growing Demand
• Verifies an individual’s skills in the following roles:
Network Security Specialists
Security Administrators
Network Security Support Engineers
• Enables installation, troubleshooting and monitoring of Cisco Security devices/technologies
• Ability to develop security policies and mitigate risk in networks
• Serves as prerequisite for CCNP Security Certification
• Employers hiring individuals can feel confident their staff has the skills needed to install, troubleshoot and monitor Cisco security technologies
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 13
Course Design
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 14
CCNA Security v1.1 Course Design
• Same Graphical User Interface (GUI) as the CCNA Discovery and CCNA Exploration curricula
• 10 chapters and chapter exams• 10 Packet Tracer activities• 16 hands-on labs• One Packet Tracer Practice skills-based assessment• One final exam and one skills-based assessment• Balance of theory, hands-on practice, and application• Available in English only, no translated versions are planned• Enabled for both in-person and blended learning environments
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 15
CCNA Security v1.1Equipment Requirements
Leverages CCNA Discovery/CCNA Exploration equipment bundle and topology and is identical to the v1.0 equipment list with the addition of a Cisco ASA (Model 5505).
NDG NetLab-compatible topology—enabled for remote operation The Advanced IP Service feature set (ISR G1) and the Security Technology Package
(SEC) license required are available for academies that are part of Networking Academy Maintenance
Minimum System Requirements Curriculum requirements:
1 Student PC per student1 local curriculum server
Lab bundle requirements for CCNA Security:
3 Cisco routers, 2 with the Security Technology Package3 Two-Port Serial WAN Interface Cards 3 Cisco switches1 Cisco Adaptive Security Appliance (ASA) Assorted Ethernet and Serial cables and hubs
Detailed equipment information is available in the Instructor version of the Lab Manual and in the official CCNA Security Equipment List on in the Equipment Information section on Academy Connection.
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 16
CCNA Security Course OutlineCourse Chapters and Goals
Ch. 1 Modern Network Security ThreatsGoal: Explain network threats, mitigation techniques, and the basics of securing a network.
Ch. 2 Securing Network DevicesGoal: Securing administrative access on Cisco routers.
Ch. 3 Authentication, Authorization and AccountingGoal: Securing administrative access with AAA.
Ch. 4 Implementing Firewall TechnologiesGoal: Implement firewall technologies to secure the network perimeter.
Ch. 5 Implementing Intrusion PreventionGoal: Configure IPS to mitigate attacks on the network.
Ch. 6 Securing the Local Area NetworkGoal: Describe LAN security considerations and implement endpoint and Layer 2 security features.
Ch. 7 Cryptographic SystemsGoal: Describe methods for implementing data confidentiality and integrity.
Ch. 8 Implementing Virtual Private NetworksGoal: Implement secure virtual private networks.
Ch. 9 Managing A Secure NetworkGoal: Given the security needs of an enterprise, create and implement a comprehensive security policy.
Ch. 10 Implementing the Cisco Adaptive Security Appliance (ASA)Goal: Implement firewall technologies using the ASA to security the network perimeter.
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 17
Instructor Training
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 18
CCNA Security Instructor Training
• All instructors should have CCNA-level networking knowledge and skills
• New CCNA Security instructors• Instructor training required• Fast track possible with evidence of CCNA
Security or higher certification or industry experience
• Instructor training format and materials• Delivered by CCNA Security Training
Centers or Instructor Training Centers (ITCs)
• 40 hours training—in-person, blended (3-day in-person), or remote delivery formats
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 19
CCNA Security Training Centers
• Instructor training is delivered by authorized CCNA Security Training Centers
• Open model—instructors can participate in instructor training from any training center in their region
• Complete global list of authorized CCNA Security Training Centers available on CCNA Security Course Catalog page on Academy Connection
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 20
Offering CCNA Security at Your Academy
HasInstructorpassed
CCNA Security Training?
Yes
No
Academies who have completed their Academy Evolution migration should contact the Networking Academy Global Support Desk to
request the addition of the CCNA Security curriculum to their academy. If your academy has not yet completed migration ,your CCNA Security
Training Center will be able to add the curriculum for you.
Register for a CCNA Security instructor training class with a CCNA Security Training Center or Instructor Training Center (ITC) in your region
Academy wants to offer
CCNA Security
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 21
CCNA Security CourseAcademy Connection System Prerequisites
StudentsPrerequisites for Student Enrollment
No Academy Connection Prerequisites Students must have:
•CCNA-level networking knowledge and skills•Basic PC and internet navigation skills
Students encouraged to complete CCNA Discovery or CCNA Exploration curricula
InstructorsPrerequisites to Teach Student Classes
CCNA Security AND OrientationOR
CCNA Security Instructor Fast Track AND Orientation
© 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Confidential© 2011 Cisco and/or its affiliates. All rights reserved. 22
For More Information
• Latest documents are posted on CCNA Security Course Catalog page on Academy Connection
CCNA Security Scope and Sequence
CCNA Security FAQs
CCNA Security Datasheet
CCNA Security At A Glance
CCNA Security Overview Presentation
• The CCNA Security v1.1 Instructor learning opportunity located @ http://lms.netacad.net/index.php
• Certification information
CCNA Concentrations Q&A
CCNA Security certification
Thank you.
