CCNA Security
210-260 Cisco IINS
Cisco IINS 3.0: Cisco ASA Access Control and Service Policies
Cisco IINS 3.0: Cisco IOS Zone Based Firewall
Cisco IINS 3.0: Cryptographic Technologies, PKI and Digital Certificates
Cisco IINS 3.0: Implementing AAA, Management Protocols and Systems
Cisco IINS 3.0: Introducing the Cisco ASA v9.2
Cisco IINS 3.0: Intrusion Detection and Protection
Cisco IINS 3.0: IPsec Technologies
Cisco IINS 3.0: Remote Access VPNs
Cisco IINS 3.0: Securing Layer 2 Infrastructure
Cisco IINS 3.0: Securing Layer 2 Protocols and Firewall Technologies
Cisco IINS 3.0: Site-to-Site VPN
Cisco IINS 3.0: Threatscape, Security Policies and Basic Architectures
Mentoring 210-260 Implementing Cisco Network Security (IINS)
TestPrep 210-260 Implementing Cisco Network Security (IINS)

Cisco IINS 3.0: Cisco ASA Access Control and Service Policies

Course Number:
cc_seci_a07_it_enus
Lesson Objectives

Cisco IINS 3.0: Cisco ASA Access Control and Service Policies

  • start the course
  • describe interface access rules
  • describe how to configure interface access rules
  • configure interface access rules
  • implement configuring interface access rules
  • describe object groups
  • describe and create a service object group
  • describe and use object groups with access rules
  • describe Cisco ASA modular policy framework
  • describe the configuration tasks
  • describe creating a service policy rule
  • describe the policy-map global policy
  • describe the service policy rules
  • describe network objects
  • create a network object group
  • assign an ACL to allow DMZ access
  • describe how to deny all connections from a DMZ
  • describe how to limit access to the DMZ

Overview/Description
It is easy to simply focus on protecting the endpoints and the servers, however the control, management, and data planes of infrastructure devices are huge points of vulnerability that are often overlooked. The Cisco IOS provides control plane security features for networking devices. These security features can protect your network against degradation or failure as well as against data loss or compromise caused by attacks or unintended mistakes by network users. This course covers control plan protection and routing protocol authentication.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Cisco IOS Zone Based Firewall

Course Number:
cc_seci_a08_it_enus
Lesson Objectives

Cisco IINS 3.0: Cisco IOS Zone Based Firewall

  • start the course
  • describe Cisco IOS zone-based policy firewall
  • describe zones and zone pairs
  • describe a zone-based topology
  • describe Cisco common classification policy language
  • describe class map considerations
  • describe policy map considerations
  • describe policy map actions
  • describe zones and zone pair assignments
  • describe zone-based policy firewall rules
  • describe zone-based policy firewall rules for self zone
  • describe C3PL configuration procedure
  • describe IOS zone-based firewall configuration
  • configure IOS zone-based firewall
  • describe the zone-based policy firewall
  • define and verify policies
  • define and verify an inside to outside policy

Overview/Description
For years, security was focused primarily on Layer 3 of the OSI model with Layer 2 getting less attention. This 'house of cards' scenario must be prevented in today's modern networks. The data link layer 2 of the OSI model, provides MAC address based connectivity within a broadcast domain, such as an Ethernet LAN. Network technologies are implemented in stacks, broken into layers. This layer can be protected with a wide array of techniques for securing VLANs and 802.1Q trunks. Various solutions like ACLs, VACLs, and PACLs are explored as well.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Cryptographic Technologies, PKI and Digital Certificates

Course Number:
cc_seci_a02_it_enus
Lesson Objectives

Cisco IINS 3.0: Cryptographic Technologies, PKI and Digital Certificates

  • start the course
  • describe cryptology
  • describe cryptographic hashes
  • describe cryptographic authentication using hash technology
  • compare hashing algorithms
  • describe the process of encryption
  • describe cryptanalysis
  • describe symmetric encryption algorithms
  • compare symmetric encryption algorithms
  • describe asymmetric encryption algorithms
  • describe confidentiality with asymmetric encryption
  • describe authentication with asymmetric encryption
  • describe digital signatures
  • describe digital signature process
  • describe trusted third party
  • describe PKI terminology and components
  • describe public key cryptography standards
  • describe X.509v3 certificate fields
  • describe certificate enrollment
  • describe authentication using certificates
  • describe certificate revocation and revocation checks

Overview/Description
Learn why not having a security policy is a recipe for failure and how you cannot construct a building or security initiative without a proven architecture. This course describes the components of a comprehensive network security policy that can be used to counter threats against IT systems, within the context of a security policy life cycle and introduces the Cisco modular network architecture best practices, designs and configurations.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Implementing AAA, Management Protocols, and Systems

Course Number:
cc_seci_a03_it_enus
Lesson Objectives

Cisco IINS 3.0: Implementing AAA, Management Protocols, and Systems

  • start the course
  • describe authentication, authorization, and accounting
  • describe local and centralized AAA
  • describe AAA protocols
  • compare functional differences between RADIUS and TACACS+
  • describe AAA servers
  • describe the configuring SSH access to an IOS device
  • implement local authentication and authorization
  • describe authorization with role-based CLI
  • describe authentication using external servers
  • describe validating IOS images using MD5
  • describe digitally signed images
  • describe IOS resilient configuration
  • describe verifying and restoring IOS resilient configuration
  • describe syslog
  • describe syslog severity levels
  • configure syslog
  • describe configuration management protocol options
  • describe HTTPS configuration and operation
  • describe SNMPv3 operation
  • describe SNMPv3 configuration
  • describe SNMP
  • describe SNMP traps
  • describe logging

Overview/Description
Every member of a forensics security team has to begin somewhere and this exploration of cryptology is an excellent starting place. VPNs are an integral part of any security architecture. Providing confidentiality, integrity, and endpoint authentication, VPNs are ubiquitous and provide data loss prevention mechanisms for data that is in transit at multiple levels. From SSL VPNs to IPsec VPNs, site-to-site VPNs, or remote-access options, this security control is now embedded in networks and applications and should be available in a transparent and manageable fashion. This course introduces the cryptographic elements of VPNs, including symmetric and asymmetric algorithms, digital signatures.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances, and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Introducing the Cisco ASA v9.2

Course Number:
cc_seci_a06_it_enus
Lesson Objectives

Cisco IINS 3.0: Introducing the Cisco ASA v9.2

  • start the course
  • describe Cisco ASA firewall features
  • describe modes of deployment
  • describe security contexts
  • describe management access configuration
  • describe configuring Cisco ASA interface parameters
  • describe security levels in action
  • describe interface configuration
  • describe NAT
  • describe the NAT example
  • describe NAT deployment modes
  • describe NAT on Cisco ASA
  • configure static NAT on Cisco ASA
  • configure dynamic NAT on Cisco ASA
  • configure PAT on Cisco ASA
  • configure policy NAT on Cisco ASA
  • verify NAT operations
  • configure the ASA DMZ

Overview/Description
You have to 'protect the protectors' at the outset so make certain that all of your infrastructure and security devices are being configured, managed, and operated in a secure manner. Managing the running configuration on IOS devices, and saving the running configuration to the startup configuration is one large aspect of managing IOS devices. But, there are several other vital management tasks including managing operating system images, keeping device clocks in sync, and monitoring the status of network devices. These aspects will be considered in this course.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Intrusion Detection and Protection

Course Number:
cc_seci_a12_it_enus
Lesson Objectives

Cisco IINS 3.0: Intrusion Detection and Protection

  • start the course
  • compare IPS and IDS
  • describe terms fundamental to IPS
  • describe security control decision classifications
  • describe IDS and IPS actions
  • describe packet fragmentation evasion technique
  • describe Cisco FireSIGHT capabilities
  • describe protection across the entire attack continuum
  • compare blacklisting, AMP, and IPS
  • describe FireSIGHT discovery and awareness
  • describe dynamic file analysis
  • describe connection data and summaries
  • describe sensor placement considerations
  • describe sensor deployment modes
  • describe the considerations for sensor placement in the network
  • describe SPAN for passive mode deployment

Overview/Description
The Cisco Adaptive Security Appliance is an industry-leading high-end all-in-one security appliance suitable for any size organization. This course looks at this awesome Cisco product. This course covers the Cisco Adaptive Security Appliances (ASA). These are purpose-built solutions that integrate firewall, unified communications security, VPN, IPS, and content security services in a unified platform. The ASA is basically a stateful packet filter with Application Inspection and Control (AIC), combined with a rich set of optional integrated software and hardware features that allow you to expand functionality. The ASA provides intelligent threat defense that stops attacks before they penetrate the network perimeter, controls network and application activity, and delivers secure remote access and site-to-site connectivity. Cisco offers several models of the ASA to meet customer's needs ranging from remote/teleworker to high-end data center models.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: IPsec Technologies

Course Number:
cc_seci_a09_it_enus
Lesson Objectives

Cisco IINS 3.0: IPsec Technologies

  • start the course
  • describe cryptographic algorithms in IPsec
  • describe Internet Key Exchange
  • describe IKE phase 1
  • describe first exchange in IKE phase 1
  • describe second exchange in IKE phase 1
  • describe third exchange in IKE phase 1
  • describe IPsec protocols
  • describe ESP
  • compare tunnel mode and transport mode
  • describe IKE phase 2
  • describe IPsec configuration
  • describe suite B cryptographic standard
  • describe IKE version 2

Overview/Description
Most Layer 2 vulnerabilities can be addressed with some good base configuration practices combined with an accurate DHCP binding of legitimate MAC addresses to IP addresses. More power techniques will be discovered in this course. This course will show the learner how to protect MAC address mappings, ARP functions, and more with port security and Private VLANs (PVLANs)

Target Audience
This course is directed toward networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances, and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Remote Access VPNs

Course Number:
cc_seci_a11_it_enus
Lesson Objectives

Cisco IINS 3.0: Remote Access VPNs

  • start the course
  • describe secure sockets layer and transport layer security
  • describe SSL cryptography
  • describe basic Cisco AnyConnect SSL VPN
  • describe Cisco AnyConnect SSL VPN solution components
  • describe Cisco ASA SSL server authentication
  • describe SSL VPN client authentication
  • describe SSL VPN clients IP address assignment
  • describe basic AnyConnect SSL VPN configuration tasks
  • describe remote access VPN services
  • install a root CA certificate
  • describe the ASDM anyconnect VPN wizard
  • install the Cisco anyconnect client and define a localhost entry
  • monitor VPN sessions
  • configure hairpin access
  • configure split tunneling
  • describe Cisco clientless SSL VPN
  • describe Cisco clientless SSL VPN use cases
  • describe Cisco clientless SSL VPN resource access methods
  • describe clientless SSL VPN portal
  • describe basic Cisco clientless SSL VPN
  • describe authentication in basic clientless SSL VPN
  • describe clientless SSL VPN URL entry and bookmarks
  • describe basic access control using web ACLs
  • describe basic clientless SSL VPN configuration tasks

Overview/Description
For most organizations the first line of defense is the firewall system. This term can actually represent different components and this course explores this interesting concept. The term firewall is a metaphor for protecting separate zones or domains. In a network, a firewall is intended to control what passes from one security zone to another. If a system is compromised in one zone, firewalls help to contain the attack to within that zone. Also, within a network, firewalls also have the function of preventing the undesirable access in the first place. This course explores the fundamentals of firewall technologies.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances, and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Securing Layer 2 Infrastructure

Course Number:
cc_seci_a04_it_enus
Lesson Objectives

Cisco IINS 3.0: Securing Layer 2 Infrastructure

  • start the course
  • describe a VLAN hopping attack
  • describe double-tagging VLAN hopping attack
  • describe trunk configuration and attack mitigation
  • describe ACLs on switches
  • describe PACLs
  • describe VACLs
  • verify a VACL configuration
  • describe MAC spoofing
  • describe ARP cache poisoning
  • describe port security
  • describe how to configure port security
  • configure port security
  • describe how to verify port security configuration
  • verify port security configuration
  • describe MAC address tables
  • describe port security
  • describe ARP and ARP poisoning

Overview/Description
In a global society, there has got to be scalable and secure way to conduct financial transactions, contracts, and agreements over untrusted networks. Here is an answer. A huge challenge with both asymmetric encryption and digital certificates is the secure distribution of public keys. This is where public key infrastructure comes into play.

Target Audience
This course is directed toward networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Securing Layer 2 Protocols and Firewall Technologies

Course Number:
cc_seci_a05_it_enus
Lesson Objectives

Cisco IINS 3.0: Securing Layer 2 Protocols and Firewall Technologies

  • start the course
  • describe STP
  • compare PortFast, BPDU guard, and root guard
  • describe STP attack mitigation
  • describe DHCP
  • describe DHCP starvation
  • describe DHCP Snooping
  • describe ARP
  • describe DAI in action
  • describe a unidirectional man-in-the-middle attack
  • describe DHCP snooping
  • describe DAI
  • describe how to enable PortFast, BPDU guard, and root guard
  • compare firewalls and security zones
  • describe firewall characteristics
  • describe packet filters
  • describe stateful firewalls
  • describe stateful firewalls and FTP
  • describe proxy servers
  • describe pairing a proxy server with a stateful firewall
  • describe next-generation firewalls

Overview/Description
How can you control what an entity can do unless they are identified? Once identified, then what actions can be performed? In addition, when did they start, finish, and what was the duration? Answer these vital questions with AAA services. AAA is short for authentication, authorization, and accounting. Authentication is determining identity. Authorization is defining what actions that individual or groups of identities can perform. Accounting is about tracking what individual identities have done. This course compares local and centralized AAA, examines authentication services, compares ACS to ISE, and more.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances, and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Site-to-Site VPN

Course Number:
cc_seci_a10_it_enus
Lesson Objectives

Cisco IINS 3.0: Site-to-Site VPN

  • start the course
  • describe site-to-site tunnel negotiation process
  • configure site-to-site IPsec VPN
  • describe ensuring that ACLs are compatible with IPsec
  • describe IKE policy negotiation
  • describe site-to-site IPsec configuration in phase 1
  • configure transform sets
  • describe transform set negotiation
  • describe crypto ACL function
  • describe creating crypto ACLs using extended ACLs
  • configure symmetric peer crypto ACLs
  • configure IPsec crypto maps
  • verify the IPsec configuration
  • describe the show crypto map command
  • describe monitoring IPsec phase 1 SA
  • describe show crypto ipsec sa
  • configure site-to-site VPN on Cisco ASA
  • describe IPsec site-to-site VPN wizard
  • configure an IPsec VPN
  • configure a crypto map
  • configure a hub and spoke VPN
  • verify hub and spoke VPN configuration
  • configure a site-to-site tunnel
  • describe the negotiation and establishment of a VPN tunnel
  • describe the site-to-site VPN created by the wizard

Overview/Description
Like routers, both Layer 2 and Layer 3 switches have their own security requirements. Switch access is a common entry point for crackers who are intent on gaining illegal access to a corporate network. An attacker can then introduce rogue access points and protocol analyzers and launch all types of attacks from within the network. Attackers can also spoof the MAC and IP addresses of critical servers and do significant damage. In this course, you will examine various Layer 2 attacks and strategies to mitigate them.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Cisco IINS 3.0: Threatscape, Security Policies, and Basic Architectures

Course Number:
cc_seci_a01_it_enus
Lesson Objectives

Cisco IINS 3.0: Threatscape, Security Policies, and Basic Architectures

  • start the course
  • describe Threatscape
  • describe DDoS attacks
  • describe social engineering
  • describe phishing
  • describe pharming
  • describe password attacks
  • describe reconnaissance attacks
  • describe buffer overflow attacks
  • describe the characteristics of a man-in-the-middle attack
  • describe man-in-the-middle attacks
  • compare the types of malicious software
  • describe advanced persistent threats
  • describe network security objectives
  • describe assets, vulnerabilities, and threats
  • describe risk
  • describe classifying assets
  • describe classifying vulnerabilities
  • describe classifying countermeasures
  • describe why you need a security policy
  • describe who uses the security policy
  • describe the components of a comprehensive security policy
  • describe standards, guidelines, and procedures
  • describe responsibilities for the security policy
  • describe security awareness

Overview/Description
Put your finger on the pulse on the existing critical state of security threats and technology defense solutions. This course describes a variety of attack vectors and threat categories prevalent in the corporate landscape today. Also, an examination of threat countermeasure technologies including firewalls, IPS, VPNs, content security, and endpoint protection. This course is one of a series in the Skillsoft learning path that covers the objectives for the Cisco exam Implementing Cisco Network Security (IINS) exam (210-260 IINS). This exam counts toward the CCNA Security certification.

Target Audience
This course is directed towards networking professionals who need to understand common security concepts and deploy basic security techniques using a variety of popular security solutions including IOS routers, IOS switches, Cisco Adaptive Security Appliances and Windows and Linux hosts. This course is also designed for security practitioners who want to pass the IINS 3.0 exam.

Mentoring 210-260 Implementing Cisco Network Security (IINS)

Lesson Objectives

Mentoring 210-260 Implementing Cisco Network Security (IINS)

  • Security Concepts
  • Secure Access
  • VPN
  • Secure Routing and Switching
  • Cisco Firewall Technologies
  • IPS
  • Content and Endpoint Security

Overview/Description
Skillsoft Mentors are available to help students with their studies for exam 210-260 Implementing Cisco Network Security (IINS). You can reach them by entering a Mentored Chat Room or by using the Email My Mentor service.

Target Audience
Individuals who are studying the associated Skillsoft content in preparation for, or to become familiar with, the skills and competencies being measured by the actual certification exam.

TestPrep 210-260 Implementing Cisco Network Security (IINS)

Course Number:
cc_seci_a01_tp_enus
Lesson Objectives

TestPrep 210-260 Implementing Cisco Network Security (IINS)

  • >

Overview/Description
To test your knowledge on the skills and competencies being measured by the vendor certification exam. TestPrep can be taken in either Study or Certification mode. Study mode is designed to maximize learning by not only testing your knowledge of the material, but also by providing additional information on the topics presented. Certification mode is designed to test your knowledge of the material within a structured testing environment, providing valuable feedback at the end of the test.

Target Audience
Individuals seeking practice in a structured testing environment, covering the skills and competencies being measured by the vendor certification exam.

Prerequisites: none

Close Chat Live