CCIE SECURITY

June 24th, 2010

I have included the Security V3 lab blueprint here with my study goals. It is a work in progress and will be updated regularly. Below the Table is the amount of study hours that I have put into this expedition. These hours are accounted for starting March 24th 2010. It does no account study hours before then (which have been quite a few).

June 24 Update

Well, I have finally made some updates to this table. I have updated the skills I have learned the past few months and it looks like I am making progress (at least I think I am). I still don’t feel ready so the next 2 months are going to be hardcore for me. I hope to update this with all 10′s in a few months time. I hope your studies are going well too.

SectionTopicProficiency 1 Beginner - 10 ExpertStudy Time
1Implementing Secure Networks Using Cisco ASA Firewalls
Configuring and Troubleshooting Cisco ASA FirewallsMar 29 - 7
June 24 - 8
1.01.Initializing the Basic Cisco ASA Firewall (IP Address, Mask, Default Route, etc.)Mar 29 - 9
June 24 - 10
1.02.Understanding Security Levels (Same Security Interface)Mar 29 - 7
June 24 - 10
1.03.Understanding Single vs. MultimodeMar 29 - 9
June 24 - 10
1.04.Understanding Firewall vs. Transparent ModeMar 29 - 9
June 24 - 9
1.05.Understanding Multiple Security ContextsMar 29 - 7
June 24 - 9
1.06.Understanding Shared Resources for Multiple ContextsMar 29 - 9
June 24 - 9
1.07.Understanding Packet Classification in Multiple-Contexts ModeMar 29 - 9
June 24 - 9
1.08.VLAN Subinterfaces Using 802.1Q TrunkingMar 29 - 9
June 24 - 10
1.09.Multiple-Mode Firewall with Outside AccessMar 29 - 9
June 24 - 9
1.10.Single-Mode Firewall Using the Same Security LevelMar 29 - 9
June 24 - 9
1.11.Multiple-Mode, Transparent FirewallMar 29 - 5
June 24 - 9
1.12.Single-Mode, Transparent Firewall with NATMar 29 - 6
June 24 - 6
1.13.ACLs in Transparent Firewall (for Pass-Through Traffic)Mar 29 - 6
June 24 - 7
1.14.Understanding How Routing Behaves on the Adaptive Security Appliance (Egress and Next-Hop Selection Process)Mar 29 - 6
June 24 - 7
1.15.Understanding Static vs. Dynamic RoutingMar 29 - 8
June 24 - 9
1.16.Static RoutesMar 29 - 9
June 24 - 9
1.17.RIP with AuthenticationMar 29 - 9
June 24 - 10
1.18.OSPF with AuthenticationMar 29 - 9
June 24 - 10
1.19.EIGRP with AuthenticationMar 29 - 9
June 24 - 10
1.20.Managing Multiple Routing InstancesMar 29 - 9
June 24 - 9
1.21.Redistribution Between ProtocolsMar 29 - 7
June 24 - 8
1.22.Route SummarizationMar 29 - 5
June 24 - 6
1.23.Route FilteringMar 29 - 6
June 24 - 6
1.24.Static Route Tracking Using an SLAMar 29 - 8
June 24 - 9
1.25.Dual ISP Support Using Static Route TrackingMar 29 - 8
June 24 - 9
1.26.Redundant Interface PairMar 29 - 9
June 24 - 10
1.27.LAN-Based Active/Standby Failover (Routed Mode)Mar 29 - 9
June 24 - 9
1.28.LAN-Based Active/Active Failover (Routed Mode)Mar 29 - 9
June 24 - 9
1.29.LAN-Based Active/Standby Failover (Transparent Mode)Mar 29 - 9
June 24 - 9
1.30.LAN-Based Active/Active Failover (Transparent Mode)Mar 29 - 9
June 24 - 9
1.31.Stateful Failover LinkMar 29 - 9
June 24 - 9
1.32.Device Access ManagementMar 29 - 9
June 24 - 9
1.33.Enabling TelnetMar 29 - 9
June 24 - 10
1.34.Enabling SSHMar 29 - 9
June 24 - 10
1.35.The nat-control Command vs. no nat-control CommandMar 29 - 9
June 24 - 9
1.36.Enabling Address Translation (NAT, Global, and Static)Mar 29 - 9
June 24 - 9
1.37.Dynamic NATMar 29 - 8
June 24 - 9
1.38.Dynamic PATMar 29 - 8
June 24 - 9
1.39.Static NATMar 29 - 8
June 24 - 9
1.40.Static PATMar 29 - 8
June 24 - 9
1.41.Policy NATMar 29 - 8
June 24 - 9
1.42.Destination NATMar 29 - 8
June 24 - 9
1.43.Bypassing NAT When NAT Control Is Enabled Using Identity NATMar 29 - 9
June 24 - 10
1.44.Bypassing NAT When NAT Control Is Enabled Using NAT ExemptionMar 29 - 9
June 24 - 10
1.45.Port Redirection Using NATMar 29 - 8
June 24 - 9
1.46.Tuning Default Connection Limits and TimeoutsMar 29 - 6
June 24 - 8
1.47.Basic Interface Access Lists and Access Group (Inbound and Outbound)Mar 29 - 8
June 24 - 9
1.48.Time-Based Access ListsMar 29 - 8
June 24 - 9
1.49.ICMP CommandsMar 29 - 8
June 24 - 9
1.50.Enabling Syslog and ParametersMar 29 - 6
June 24 - 7
1.51.NTP with AuthenticationMar 29 - 9
June 24 - 9
1.52.Object Groups (Network, Protocol, ICMP, and Services)Mar 29 - 9
June 24 - 9
1.53.Nested Object GroupsMar 29 - 9
June 24 - 9
1.54.URL FilteringMar 29 - 8
June 24 - 9
1.55.Java FilteringMar 29 - 8
June 24 - 9
1.56.ActiveX FilteringMar 29 - 8
June 24 - 9
1.57.ARP InspectionMar 29 - 6
June 24 - 7
1.58.Modular Policy Framework (MPF)Mar 29 - 7
June 24 - 8
1.59.Application-Aware InspectionMar 29 - 7
June 24 - 8
1.60.Identifying Injected Errors in Troubleshooting ScenariosMar 29 - 6
June 24 - 7
1.61.Understanding and Interpreting Adaptive Security Appliance show and debug OutputsMar 29 - 6
June 24 - 7
1.62.Understanding and Interpreting the packet-tracer and capture CommandsMar 29 - 8
June 24 - 9
2Implementing Secure Networks Using Cisco IOS Firewalls
Configuring and Troubleshooting Cisco IOS FirewallsMar 29 Overall - 6
June 24 Overall - 7
2.01.Zone-Based Policy Firewall Using Multiple-Zone ScenariosMar 29 - 7
June 24 - 8
2.02.Transparent Cisco IOS Firewall (Layer 2)Mar 29 - 3
June 24 - 9
2.03.Context-Based Access Control (CBAC)Mar 29 - 6
June 24 - 8
2.04.Proxy Authentication (Auth Proxy)Mar 29 - 6
June 24 - 7
2.05.Port-to-Application Mapping (PAM) Usage with ACLsMar 29 - 5
June 24 - 8
2.06.Use of PAM to Change System Default PortsMar 29 - 5
June 24 - 9
2.07.PAM Custom Ports for Specific ApplicationsMar 29 - 5
June 24 - 9
2.08.Mapping Nonstandard Ports to Standard ApplicationsMar 29 - 5
June 24 - 9
2.09.Performance TuningMar 29 - 4
June 24 - 6
2.10.Tuning Half-Open ConnectionsMar 29 - 5
June 24 - 7
2.11.Understanding and Interpreting the show ip port-map CommandsMar 29 - 5
June 24 - 8
2.12.Understanding and Interpreting the show ip inspect CommandsMar 29 - 8
June 24 - 9
2.13.Understanding and Interpreting the debug ip inspect CommandsMar 29 - 7
June 24 - 8
2.14.Understanding and Interpreting the show zone|zone-pair CommandsMar 29 - 7
June 24 - 8
2.15.Understanding and Interpreting the debug zone CommandsMar 29 - 7
June 24 - 8
3Implementing Secure Networks Using Cisco VPN Solutions
Configuring and Troubleshooting Cisco VPN SolutionsMar 29 Overall - 7
June 24 - 8
3.01.Understanding Cryptographic Protocols (ISAKMP, IKE, ESP, Authentication Header, CA)Mar 29 - 8
June 24 - 9
3.02.IPsec VPN Architecture on Cisco IOS Software and Cisco ASA Security ApplianceMar 29 - 8
June 24 - 9
3.03.Configuring VPNs Using ISAKMP ProfilesMar 29 - 8
June 24 - 9
3.04.Configuring VPNs Using IPsec ProfilesMar 29 - 8
June 24 - 9
3.05.GRE over IPsec Using IPsec ProfilesMar 29 - 8
June 24 - 9
3.06.Router-to-Router Site-to-Site IPsec Using the Classical Command Set (Using Preshared Keys and Certificates)Mar 29 - 8
June 24 - 9
3.07.Router-to-Router Site-to-Site IPsec Using the New VTI Command Set (Using Preshared Keys and Certificates)Mar 29 - 9
June 24 - 9
3.08.Router-to-ASA Site-to-Site IPsec (Using Preshared Keys and Certificates)Mar 29 - 8
June 24 - 9
3.09.Understanding DMVPN architecture (NHRP, mGRE, IPsec, Routing)Mar 29 - 8
June 24 - 9
3.10.DMVPN Using NHRP and mGRE (Hub-and-Spoke)Mar 29 - 8
June 24 - 9
3.11.DMVPN Using NHRP and mGRE (Full-Mesh)Mar 29 - 8
June 24 - 9
3.12.DMVPN Through Firewalls and NAT DevicesMar 29 - 6
June 24 - 9
3.13.Understanding GET VPN Architecture (GDOI, Key Server, Group Member, Header Preservation, Policy, Rekey, KEK, TEK, and COOP)Mar 29 - 6
June 24 - 8
3.14.Implementing GET VPN (Using Preshared Keys and Certificates)Mar 29 - 8
June 24 - 9
3.15.GET VPN Unicast RekeyMar 29 - 6
June 24 - 9
3.16.GET VPN Multicast RekeyMar 29 - 6
June 24 - 7
3.17.GET VPN Group Member Authorization ListMar 29 - 6
June 24 - 6
3.18.GET VPN Key Server RedundancyMar 29 - 7
June 24 - 7
3.19.GET VPN Through Firewalls and NAT DevicesMar 29 - 6
June 24 - 8
3.20.Integrating GET VPN with a DMVPN SolutionMar 29 - 8
June 24 - 8
3.21.Basic VRF-Aware IPsecMar 29 - 4
June 24 - 7
3.22.Enabling the CA (PKI) Server (on the Router and Cisco ASA Security Appliance)Mar 29 - 8
June 24 - 9
3.23.CA Enrollment Process on a Router ClientMar 29 - 8
June 24 - 9
3.24.CA Enrollment Process on a Cisco ASA Security Appliance ClientMar 29 - 8
June 24 - 9
3.25.CA Enrollment Process on a PC ClientMar 29 - 8
June 24 - 9
3.26.Clientless SSL VPN (Cisco IOS WebVPN) on the Cisco ASA Security Appliance (URLs)Mar 29 - 8
June 24 - 8
3.27.AnyConnect VPN Client on Cisco IOS SoftwareMar 29 - 8
June 24 - 9
3.28.AnyConnect VPN Client on the Cisco ASA Security ApplianceMar 29 - 8
June 24 - 9
3.29.Remote Access Using a Traditional Cisco VPN Client – on a Cisco IOS RouterMar 29 - 8
June 24 - 8
3.30.Remote Access Using a Traditional Cisco VPN Client – on a Cisco ASA Security ApplianceMar 29 - 8
June 24 - 8
3.31.Cisco Easy VPN – Router Server and Router Client (Using DVTI)Mar 29 - 8
June 24 - 8
3.32.Cisco Easy VPN – Router Server and Router Client (Using Classical Style)Mar 29 - 8
June 24 - 8
3.33.Cisco Easy VPN – Cisco ASA Server and Router ClientMar 29 - 5
June 24 - 7
3.34.Cisco Easy VPN Remote Connection Modes (Client, Network, Network+)Mar 29 - 6
June 24 - 8
3.35.Enabling Extended Authentication (XAUTH) on Cisco IOS Software and the Cisco ASA Security ApplianceMar 29 - 6
June 24 - 8
3.36.Enabling Split Tunneling on Cisco IOS Software and the Cisco ASA Security ApplianceMar 29 - 8
June 24 - 9
3.37.Enabling Reverse Route Injection (RRI) on Cisco IOS Software and the Cisco ASA Security ApplianceMar 29 - 8
June 24 - 9
3.38.Enabling NAT-T on Cisco IOS Software and the Cisco ASA Security ApplianceMar 29 - 7
June 24 - 8
3.39.High-Availability Stateful Failover for IPsec with Stateful Switchover (SSO) and Hot Standby Router Protocol (HSRP)Mar 29 - 6
June 24 - 7
3.40.High Availability Using Link Resiliency (with Loopback Interface for Peering)Mar 29 - 6
June 24 - 8
3.41.High Availability Using HSRP and RRIMar 29 - 6
June 24 - 8
3.42.High Availability Using IPsec Backup PeersMar 29 - 7
June 24 - 8
3.43.High Availability Using GRE over IPsec (Dynamic Routing)Mar 29 - 6
June 24 - 7
3.44.Basic QoS Features for VPN Traffic on Cisco IOS Software and the Cisco ASA Security ApplianceMar 29 - 6
June 24 - 7
3.45.Identifying Injected Errors in Troubleshooting Scenarios (for Site-to-Site, DMVPN, GET VPN, and Cisco Easy VPN)Mar 29 - 7
June 24 - 8
3.46.Understanding and Interpreting the show crypto CommandsMar 29 - 8
June 24 - 8
3.47.Understanding and Interpreting the debug crypto CommandsMar 29 - 8
June 24 - 8
4Configuring Cisco IPS to Mitigate Network Threats
Configuring and Troubleshooting Cisco IPSMar 29 Overall - 4
June 24 Overall - 7
4.01.Understanding Cisco IPS System Architecture (System Design, MainApp, SensorApp, EventStore)Mar 29 - 5
June 24 - 7
4.02.Understanding Cisco IPS User Roles (Administrator, Operator, Viewer, Service)Mar 29 - 5
June 24 - 7
4.03.Understanding Cisco IPS Command Modes (Privileged, Global, Service, Multi-Instance)Mar 29 - 3
June 24 - 6
4.04.Understanding Cisco IPS Interfaces (Command and Control, Sensing, Alternate TCP Reset)Mar 29 - 5
June 24 - 7
4.05.Understanding Promiscuous (IDS) vs. Inline (IPS) MonitoringMar 29 - 7
June 24 - 9
4.06.Initialization Basic Sensor (IP Address, Mask, Default Route, etc.)Mar 29 - 8
June 24 - 10
4.07.Troubleshooting Basic Connectivity IssuesMar 29 - 8
June 24 - 9
4.08.Managing Sensor ACLsMar 29 - 8
June 24 - 9
4.09.Allowing Services Ping and Telnet from/to Cisco IPSMar 29 - 7
June 24 - 8
4.10.Enabling Physical InterfacesMar 29 - 8
June 24 - 10
4.11.Promiscuous ModeMar 29 - 6
June 24 - 8
4.12.Inline Interface ModeMar 29 - 6
June 24 - 9
4.13.Inline VLAN Pair ModeMar 29 - 6
June 24 - 9
4.14.VLAN Group ModeMar 29 - 4
June 24 - 7
4.15.Inline Bypass ModeMar 29 - 4
June 24 - 5
4.16.Interface NotificationsMar 29 - 4
June 24 - 6
4.17.Understanding the Analysis EngineMar 29 - 3
June 24 - 6
4.18.Creating Multiple Security Policies and Applying Them to Individual Virtual SensorsMar 29 - 5
June 24 - 7
4.19.Understanding and Configuring Virtual Sensors (vs0, vs1)Mar 29 - 5
June 24 - 8
4.20.Assigning Interfaces to the Virtual SensorMar 29 - 6
June 24 - 9
4.21.Understanding and Configuring Event Action Rules (rules0, rules1)Mar 29 - 4
June 24 - 7
4.22.Understanding and Configuring Signatures (sig0, sig1)Mar 29 - 4
June 24 - 7
4.23.Adding Signatures to Multiple Virtual SensorsMar 29 - 5
June 24 - 8
4.24.Understanding and Configuring Anomaly Detection (ad0, ad1)Mar 29 - 3
June 24 - 6
4.25.Using the Cisco IDM (IPS Device Manager)Mar 29 - 6
June 24 - 7
4.26.Using Cisco IDM Event MonitoringMar 29 - 6
June 24 - 8
4.27.Displaying Events Triggered Using the Cisco IPS ConsoleMar 29 - 4
June 24 - 8
4.28.Troubleshooting Events Not TriggeringMar 29 - 2
June 24 - 5
4.29.Displaying and Capturing Live Traffic on the Cisco IPS Console (Packet Display and Packet Capture)Mar 29 - 4
June 24 - 6
4.30.SPAN and RSPANMar 29 - 8
June 24 - 8
4.31.Rate LimitingMar 29 - 4
June 24 - 5
4.32.Configuring Event Action VariablesMar 29 - 4
June 24 - 7
4.33.Target Value RatingsMar 29 - 4
June 24 - 7
4.34.Event Action OverridesMar 29 - 4
June 24 - 6
4.35.Event Action FiltersMar 29 - 4
June 24 - 7
4.36.Configuring General SettingsMar 29 - 4
June 24 - 6
4.37.General Signature ParametersMar 29 - 4
June 24 - 7
4.38.Alert FrequencyMar 29 - 4
June 24 - 6
4.39.Alert SeverityMar 29 - 4
June 24 - 8
4.40.Event CounterMar 29 - 4
June 24 - 6
4.41.Signature Fidelity RatingMar 29 - 4
June 24 - 7
4.42.Signature StatusMar 29 - 4
June 24 - 7
4.43.Assigning Actions to SignaturesMar 29 - 5
June 24 - 8
4.44.AIC SignaturesMar 29 - 3
June 24 - 6
4.45.IP Fragment ReassemblyMar 29 - 3
June 24 - 5
4.46.TCP Stream ReassemblyMar 29 - 3
June 24 - 5
4.47.IP LoggingMar 29 - 3
June 24 - 5
4.48.Configuring SNMPMar 29 - 2
June 24 - 5
4.49.Signature Tuning (Severity Levels, Throttle Parameters, Event Actions)Mar 29 - 3
June 24 - 6
4.50.Creating Custom Signatures (Using the CLI and Cisco IDM)Mar 29 - 5
June 24 - 7
4.51.Understanding Various Types of Signature EnginesMar 29 - 3
June 24 - 6
4.52.Understanding Various Types of Signature VariablesMar 29 - 3
June 24 - 6
4.53.Understanding Various Types of Event ActionsMar 29 - 3
June 24 - 6
4.54.Understanding New Cisco IPS 6.0 Features (e.g., Deny Packets for High-Risk Events by Default)Mar 29 - 3
June 24 - 7
4.55.Creating a Custom String TCP SignatureMar 29 - 3
June 24 - 7
4.56.Creating a Custom Flood Engine SignatureMar 29 - 3
June 24 - 5
4.57.Creating a Custom AIC MIME-Type Engine SignatureMar 29 - 3
June 24 - 5
4.58.Creating a Custom Service HTTP SignatureMar 29 - 5
June 24 - 6
4.59.Creating a Custom Service FTP SignatureMar 29 - 3
June 24 - 5
4.60.Creating a Custom ATOMIC.ARP Engine SignatureMar 29 - 3
June 24 - 5
4.61.Creating a Custom ATOMIC.IP Engine SignatureMar 29 - 3
June 24 - 7
4.62.Creating a Custom TCP Sweep SignatureMar 29 - 3
June 24 - 5
4.63.Creating a Custom ICMP Sweep SignatureMar 29 - 3
June 24 - 5
4.64.Creating a Custom Trojan Engine SignatureMar 29 - 3
June 24 - 5
4.65.Enabling Shunning and Blocking (Enabling Blocking Properties)Mar 29 - 5
June 24 - 7
4.66.Shunning on a RouterMar 29 - 2
June 24 - 7
4.67.Shunning on the Cisco ASA Security ApplianceMar 29 - 6
June 24 - 8
4.68.Enabling the TCP Reset FunctionMar 29 - 4
June 24 - 7
4.69.Cisco IOS IPS on a Router Using Version 5.x Format SignaturesMar 29 - 3
June 24 - 10
4.70.Loading a Version 5.x Signature File onto the RouterMar 29 - 3
June 24 - 10
4.71.Understanding the Signature Engines for Cisco IOS IPSMar 29 - 3
June 24 - 7
4.72.Transparent Cisco IOS IPSMar 29 - 2
June 24 - 7
5Implementing Identity ManagementMar 29 Overall - 3
June 24 - 6
Configuring and Troubleshooting Identity ManagementMar 29 Overall - 9
June 24 Overall - 9
5.01Understanding the AAA FrameworkMar 29 - 6
June 24 - 8
5.02Understanding the RADIUS ProtocolMar 29 - 6
June 24 - 8
5.03Understanding RADIUS Attributes (Cisco AV-PAIRS)Mar 29 - 6
June 24 - 8
5.04Understanding the TACACS+ ProtocolMar 29 - 6
June 24 - 8
5.05Understanding TACACS+ AttributesMar 29 - 6
June 24 - 7
5.06Comparison of RADIUS and TACACS+Mar 29 - 6
June 24 - 7
5.07Configuring Basic LDAP SupportMar 29 - 6
June 24 - 8
5.08Overview of Cisco Secure ACSMar 29 - 6
June 24 - 8
5.09How to Navigate Cisco Secure ACSMar 29 - 7
June 24 - 9
5.10.Cisco Secure ACS – Network Settings ParametersMar 29 - 7
June 24 - 7
5.11.Cisco Secure ACS – User Settings ParametersMar 29 - 6
June 24 - 8
5.12.Cisco Secure ACS – Group Settings ParametersMar 29 - 6
June 24 - 8
5.13.Cisco Secure ACS – Shared Profiles Components (802.1X, NAF, NAR, Command Author, Downloadable ACL, etc.)Mar 29 - 4
June 24 - 6
5.14.Cisco Secure ACS – Shell Command Authorization Sets Using Both Per-Group Setup and Shared ProfilesMar 29 - 3
June 24 - 7
5.15.Cisco Secure ACS – System Configuration ParametersMar 29 - 4
June 24 - 6
5.16.Cisco Secure ACS – Posture Validation Policies for NAC SetupMar 29 - 1
June 24 - 8
5.17.Cisco Secure ACS – Using Network Access Profiles (NAPs)Mar 29 - 1
June 24 - 6
5.18.Cisco Secure ACS – MAC Authentication Bypass (MAB) Using NAPMar 29 - 1
June 24 - 4
5.19.Enabling AAA on a Router for vty LinesMar 29 - 6
June 24 - 8
5.20.Enabling AAA on a Switch for vty LinesMar 29 - 6
June 24 - 8
5.21.Enabling AAA on a Router for HTTPMar 29 - 6
June 24 - 8
5.22.Enabling AAA on the Cisco ASA Security Appliance for Telnet and SSH ProtocolsMar 29 - 7
June 24 - 8
5.23.Using Default vs. Named Method ListsMar 29 - 7
June 24 - 9
5.24.Complex Command Authorization and Privilege Levels, and Relevant Cisco Secure ACS ProfilesMar 29 - 3
June 24 - 6
5.25.Proxy Service Authentication and Authorization on the Cisco ASA Security Appliance for Pass-Through Traffic (FTP, Telnet, and HTTP), and Relevant Cisco Secure ACS ProfilesMar 29 - 5
June 24 - 8
5.26.Using Virtual Telnet on the Cisco ASA Security ApplianceMar 29 - 2
June 24 - 10
5.27.Using Virtual HTTP on the Cisco ASA Security ApplianceMar 29 - 2
June 24 - 9
5.28.Downloadable ACLsMar 29 - 6
June 24 - 7
5.29.AAA 802.1X Authentication Using RADIUS on a SwitchMar 29 - 3
June 24 - 9
5.30.NAC-L2-802.1X on a SwitchMar 29 - 3
June 24 - 7
5.31.NAC-L2-IP on a SwitchMar 29 - 3
June 24 - 6
5.32.Troubleshooting Failed AAA Authentication or AuthorizationMar 29 - 6
June 24 - 7
5.33.Troubleshooting Using Cisco Secure ACS LogsMar 29 - 6
June 24 - 8
5.34.Using the test aaa Command on the Router, Switch, or Cisco ASA Security ApplianceMar 29 - 6
June 24 - 9
5.35.Understanding and Interpreting the debug radius CommandMar 29 - 5
June 24 - 8
5.36.Understanding and Interpreting the debug tacacs+ CommandMar 29 - 5
June 24 - 7
5.37.Understanding and Interpreting the debug aaa authentication CommandMar 29 - 6
June 24 - 7
5.38.Understanding and Interpreting the debug aaa authorization CommandMar 29 - 6
June 24 - 7
5.39.Understanding and Interpreting the debug aaa accounting CommandMar 29 - 6
June 24 - 7
6Implementing Control Plane and Management Plane Security
Configuring and Troubleshooting Router Traffic Plane SecurityMar 29 - 6
June 24 - 7
6.01Understanding Four Types of Traffic Planes on a Cisco Router (Control, Management, Data, and Services)Mar 29 - 6
June 24 - 8
6.02Understanding Control Plane Security Technologies and Core Concepts Covering Security Features Available to Protect the Control PlaneMar 29 - 6
June 24 - 8
6.03Understanding Management Plane Security Technologies and Core Concepts Covering Security Features Available to Protect the Management PlaneMar 29 - 6
June 24 - 8
6.04Configuring Control Plane Policing (CoPP)Mar 29 - 6
June 24 - 8
6.05Control Plane Rate LimitingMar 29 - 5
June 24 - 7
6.06Disabling Unused Control Plane Services (IP Source Routing, Proxy ARP, Gratuitous ARP, etc.)Mar 29 - 7
June 24 - 8
6.07Disabling Unused Management Plane Services (Finger, BOOTP, DHCP, Cisco Discovery Protocol, etc.)Mar 29 - 7
June 24 - 8
6.08MPP (Management Plane Protection) and Understanding OOB (Out-of-Band) Management InterfacesMar 29 - 4
June 24 - 7
6.09Configuring Protocol AuthenticationMar 29 - 8
June 24 - 9
6.1Route Filtering and Protocol-Specific FiltersMar 29 - 6
June 24 - 7
6.11ICMP Techniques to Reduce the Risk of ICMP-Related DoS Attacks (IP Unreachable, IP Redirect, IP Mask Reply, etc.)Mar 29 - 6
June 24 - 8
6.12Selective Packet Discard (SPD)Mar 29 - 3
June 24 - 6
6.13MQC and FPM Types of Service Policy on the CoPP InterfaceMar 29 - 5
June 24 - 7
6.14Broadcast Control on a SwitchMar 29 - 4
June 24 - 7
6.15Catalyst Switch Port SecurityMar 29 - 6
June 24 - 8
6.16Cisco IOS Software-Based CPU Protection Mechanisms (Options Drop, Logging Interval, CPU Threshold)Mar 29 - 5
June 24 - 7
6.17The Generalized TTL Security Mechanism Known as “BGP TTL Security Hack” (BTSH)Mar 29 - 7
June 24 - 8
6.18Device Access Control (vty ACL, HTTP ACL, SSH Access, Privilege Levels)Mar 29 - 6
June 24 - 8
6.19SNMP SecurityMar 29 - 4
June 24 - 5
6.2System BannersMar 29 - 5
June 24 - 6
6.21Secure Cisco IOS File SystemsMar 29 - 5
June 24 - 7
6.22Understanding and Enabling SyslogMar 29 - 5
June 24 - 7
6.23NTP with AuthenticationMar 29 - 5
June 24 - 8
6.24Role-Based CLI Views and Cisco Secure ACS SetupMar 29 - 3
June 24 - 7
6.25Service Authentication on Cisco IOS Software (FTP, Telnet, HTTP)Mar 29 - 5
June 24 - 7
6.26Network Telemetry Identification and Classification of Security Events (IP Traffic Flow, NetFlow, SNMP, Syslog, RMON)Mar 29 - 4
June 24 - 7
7Configuring Advanced Security
Configuring and Troubleshooting Advanced Security FeaturesMar 29 Overall - 5
June 24 Overall - 7
7.01Implementing RFC 1918 Antispoofing FilteringMar 29 - 8
June 24 - 10
7.02Implementing RFC 2827 Antispoofing FilteringMar 29 - 5
June 24 - 7
7.03Implementing RFC 2401 Antispoofing FilteringMar 29 - 5
June 24 - 7
7.04Marking Packets Using DSCP and IP Precedence and Other ValuesMar 29 - 4
June 24 - 6
7.05Unicast RPF (uRPF) With or Without an ACL (Strict and Loose Mode)Mar 29 - 5
June 24 - 8
7.06RTBH Filtering (Remote Triggered Black Hole)Mar 29 - 2
June 24 - 7
7.07Basic Traffic Filtering Using Access Lists: SYN Flags, Established, etc. (Named vs. Numbered ACLs)Mar 29 - 6
June 24 - 8
7.08Managing Time-Based Access ListsMar 29 - 6
June 24 - 8
7.09Enabling NAT and PAT on a RouterMar 29 - 6
June 24 - 7
7.1Conditional NAT on a RouterMar 29 - 6
June 24 - 8
7.11Multihome NAT on a RouterMar 29 - 5
June 24 - 7
7.12Enabling a TCP Intercept on a RouterMar 29 - 4
June 24 - 7
7.13Enabling a TCP Intercept on the Cisco ASA Security ApplianceMar 29 - 5
June 24 - 7
7.14FPM (Flexible Packet Matching) and Protocol Header Definition File (PHDF) Files and Configuration of Nested Policy MapsMar 29 - 2
June 24 - 6
7.15CAR Rate Limiting with Traffic Classification Using ACLsMar 29 - 4
June 24 - 8
7.16PBR (Policy-Based Routing) and Use of Route MapsMar 29 - 4
June 24 - 5
7.17Advanced MQC (Modular QoS CLI) on a RouterMar 29 - 5
June 24 - 7
7.18Advanced Modular Policy Framework (MPF) on the Cisco ASA Security ApplianceMar 29 - 6
June 24 - 7
7.19.Classification Using NBARMar 29 - 5
June 24 - 8
7.20.Understanding and Enabling NetFlow on a RouterMar 29 - 5
June 24 - 7
7.21Traffic Policing on a RouterMar 29 - 5
June 24 - 6
7.22Port Security on a SwitchMar 29 - 6
June 24 - 8
7.23Storm Control on a SwitchMar 29 - 4
June 24 - 7
7.24Private VLAN (PVLAN) on a SwitchMar 29 - 4
June 24 - 7
7.25Port Blocking on a SwitchMar 29 - 5
June 24 - 7
7.26Port ACL on a SwitchMar 29 - 3
June 24 - 5
7.27MAC ACL on a SwitchMar 29 - 2
June 24 - 5
7.28VLAN ACL on a SwitchMar 29 - 2
June 24 - 5
7.29Spanning Tree Protocol (STP) Protection Using BPDU Guard and Loop Guard on a SwitchMar 29 - 3
June 24 - 6
7.3DHCP Snooping on a SwitchMar 29 - 3
June 24 - 7
7.31IP Source Guard on a SwitchMar 29 - 3
June 24 - 7
7.32Dynamic ARP Inspection (DAI) on a SwitchMar 29 - 3
June 24 - 6
7.33Disabling DTP on All Nontrunking Access PortsMar 29 - 3
June 24 - 9
8Identifying and Mitigating Network Attacks
Configuring and Troubleshooting Network Attacks
Note: This section uses the same products and technologies discussed in all the previous sections above particularly the “Configuring Advanced Security” section, but with greater focus and emphasis on reactive measures and attack mitigationMar 29 Overall - 4
June 24 Overall - 6
8.01Concept of Proactive vs. Reactive MeasuresMar 29 - 6
June 24 - 7
8.02Knowledge of Protocols: TCP, UDP, HTTP, SMTP, ICMP, FTPMar 29 - 7
June 24 - 8
8.03Knowledge of Common Attacks: Network Reconnaissance, IP Spoofing, DHCP Snooping, DNS Spoofing, MAC Spoofing, ARP Snooping, Fragment Attack, Smurf Attack, TCP SYN AttackMar 29 - 6
June 24 - 7
8.04Understanding and Interpreting ARP Header StructureMar 29 - 4
June 24 - 7
8.05Understanding and Interpreting IP Header StructureMar 29 - 4
June 24 - 7
8.06Understanding and Interpreting TCP Header StructureMar 29 - 4
June 24 - 7
8.07Understanding and Interpreting UDP Header StructureMar 29 - 4
June 24 - 7
8.08Understanding and Interpreting HTTP Header StructureMar 29 - 4
June 24 - 6
8.09Understanding and Interpreting ICMP Header structureMar 29 - 4
June 24 - 7
8.1Understanding and Interpreting ICMP Type Name and CodesMar 29 - 5
June 24 - 7
8.11Understanding and Interpreting Syslog MessagesMar 29 - 5
June 24 - 7
8.12Understanding and Interpreting Packet Capture Outputs (Sniffer, Ethereal, Wireshark, TCPDump)Mar 29 - 6
June 24 - 7
8.13Understanding Different Types of Attack VectorsMar 29 - 5
June 24 - 7
8.14Interpreting Various show and debug OutputsMar 29 - 5
June 24 - 7
8.15Traffic CharacterizationMar 29 - 6
June 24 - 8
8.16Packet ClassificationMar 29 - 5
June 24 - 7
8.17Packet-Marking TechniquesMar 29 - 4
June 24 - 6
8.18Classifying Attack Patterns Using FPMMar 29 - 3
June 24 - 7
8.19Memorizing Common Protocol and Port NumbersMar 29 - 6
June 24 - 8
8.2Preventing an ICMP Attack Using ACLsMar 29 - 6
June 24 - 8
8.21Preventing an ICMP Attack Using NBARMar 29 - 5
June 24 - 7
8.22Preventing an ICMP Attack Using PolicingMar 29 - 5
June 24 - 7
8.23Preventing an ICMP Attack Using the Modular Policy Framework (MPF) on the Cisco ASA Security ApplianceMar 29 - 5
June 24 - 7
8.24Preventing a SYN Attack Using ACLsMar 29 - 5
June 24 - 7
8.25Preventing a SYN Attack Using NBARMar 29 - 5
June 24 - 7
8.26Preventing a SYN Attack Using PolicingMar 29 - 5
June 24 - 7
8.27Preventing a SYN Attack Using CBACMar 29 - 6
June 24 - 8
8.28Preventing a SYN Attack Using CARMar 29 - 5
June 24 - 7
8.29Preventing a SYN Attack Using a TCP InterceptMar 29 - 5
June 24 - 7
8.3Preventing a SYN Attack Using the Modular Policy Framework (MPF) on the Cisco ASA Security ApplianceMar 29 - 6
June 24 - 7
8.31Preventing Application Protocol–Specific Attacks Using FPM (e.g., HTTP, SMTP)Mar 29 - 3
June 24 - 7
8.32Preventing Application Protocol–Specific Attacks Using NBAR (e.g., HTTP, SMTP)Mar 29 - 3
June 24 - 7
8.33Preventing Application Protocol–Specific Attacks Using the Modular Policy Framework (MPF) on the Cisco ASA Security Appliance (e.g., HTTP, SMTP)Mar 29 - 4
June 24 - 7
8.34Preventing IP Spoofing Attacks Using Antispoofing ACLsMar 29 - 5
June 24 - 7
8.35Preventing IP Spoofing Attacks Using uRPFMar 29 - 5
June 24 - 7
8.36Preventing IP Spoofing Attacks Using IP Source GuardMar 29 - 5
June 24 - 7
8.37Preventing Fragment Attacks Using ACLsMar 29 - 5
June 24 - 7
8.38Preventing MAC Spoofing Attacks Using Port SecurityMar 29 - 5
June 24 - 8
8.39Preventing ARP Spoofing Attacks Using DAIMar 29 - 4
June 24 - 6
8.4Preventing VLAN Hopping Attacks Using the switchport mode access CommandMar 29 - 4
June 24 - 9
8.41Preventing STP Attacks Using the Root Guard or BPDU GuardMar 29 - 4
June 24 - 8
8.42Preventing DHCP Spoofing Attacks Using Port SecurityMar 29 - 5
June 24 - 7
8.43Preventing DHCP Spoofing Attacks Using DAIMar 29 - 4
June 24 - 6
8.44Preventing Port Redirection Attacks Using ACLsMar 29 - 4
June 24 - 6

Study Hours

March 24 – 20:00-

Comments are closed.