MCSEClasses Certification Training Boot Camp

MCSE MCSD MCDBA Cisco CIW Linux Oracle Java Security

12 Certification - Multi-Security Boot Camp - MCSA/MCSE: Windows 2003 Security, CISSP, Ethical Hacking, CCENT/ CCNA/ CCNA-Security/ CCSP

Course Length:	50 days
Certifications:	MCP MCSA MCSE MCSA: Security MCSE: Security CompTIA Security+ CISSP EC-Council CEH CCENT CCNA CCSP Cisco ASA Specialist
Number of Exams:	15
Cisco® Credits:	200

Class Schedule

Call for Class Schedule

Includes roundtrip airfare from the UK and lodging!
Hands-on instruction by a certified instructor
Includes all course materials and practice exams
Includes all certification exams (with extra test vouchers, if needed)
Onsite Testing
Breakfast and Lunch provided each day

If airfare and lodging are not required, the price is £575 less for 2-week courses, and £285 less for one week courses.

Build your own boot camp!

This course is composed of the following certification boot camps:

The 13 Certification Multi-Security Boot Camp can be taken in separate sections and designed around your busy schedule. Select the links above to view the schedules for each section of the Multi-Security Boot Camp.

The Multi-Security Boot Camp includes up to 4 roundtrip flights to our Atlanta training center.

Call (800) 611-1840 to enroll now!

The MCSA/MCSE: Security exams support the release of Windows Server™ 2003 by identifying systems engineers who can successfully plan and implement a network infrastructure, Active Directory® infrastructure, and client deployment on the Windows 2003 platform, and perform maintenance at a high level for a medium- to large-sized Windows 2003 environment.

The MCSA/MCSE: Security on Windows Server™ 2003 credential offers IT professionals a competitive edge in today's constantly changing business environment by validating the specific experience required by the network and systems administrator job role. The certification provides employers with a means to identify those qualified individuals who have the appropriate skills set to do the job successfully.

CompTIA Security+ is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

Microsoft Exam 70-270
Microsoft Exam 70-290
Microsoft Exam 70-291
CompTIA Security+
Microsoft Exam 70-293
Microsoft Exam 70-294
Microsoft Exam 70-298
Microsoft Exam 70-299

CED Solutions' CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam. This course reveals the necessary tools and techniques used by system administrators to defeat attacks and hack-proof their networks.

Ethical Hacking and Countermeasures will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems.

CISSP
Ethical Hacking

The CCNA certification (Cisco Certified Network Associate) indicates a foundation in and apprentice knowledge of networking. CCNA certified professionals can install, configure, and operate LAN, WAN, and dial access services for small networks (100 nodes or fewer), including but not limited to use of these protocols: IP, IGRP, Serial, Frame Relay, IP RIP, VLANs, RIP, Ethernet, Access Lists.

Interconnecting Cisco Networking Devices Part 1
Interconnecting Cisco Networking Devices Part 2

CCNA Security Certification meets the needs of IT professionals who are responsible for network security. It confirms an individual's skills for job roles such as Network Security Specialists, Security Administrators, and Network Security Support Engineers. This certification validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.

Implementing Cisco IOS Network Security

The CCSP certification (Cisco Certified Security Professional) indicates advanced knowledge of securing Cisco networks. With a CCSP, a network professional can secure and manage network infrastructures to protect productivity and reduce costs. The content emphasizes topics such as perimeter security, virtual private networks, intrusion protection as well as how to combine these technologies in a single, integrated network security solution.

Securing Networks with Cisco Routers and Switches (SNRS)
Securing Networks with ASA Foundation (SNAF)
Securing Networks with ASA Advanced (SNAA)
Securing Networks Using Intrusion Prevention Systems (IPS)

Microsoft Exam 70-270

Installing, Configuring, and Administering Microsoft Windows XP Professional

Installing Windows XP Professional

Perform an attended installation of Windows XP Professional.
Perform an unattended installation of Windows XP Professional.
Upgrade from a previous version of Windows to Windows XP Professional.
Perform post-installation updates and product activation.
Troubleshoot failed installations.

Implementing and Conducting Administration of Resources

Monitor, manage, and troubleshoot access to files and folders.
Manage and troubleshoot access to shared folders.
Connect to local and network print devices.
Configure and manage file systems.
Manage and troubleshoot access to and synchronization of offline files.

Implementing, Managing, Monitoring, and Troubleshooting Hardware Devices and Drivers

Implement, manage, and troubleshoot disk devices.
Implement, manage, and troubleshoot display devices.
Configure Advanced Configuration Power Interface (ACPI).
Implement, manage, and troubleshoot input and output (I/O) devices.
Manage and troubleshoot drivers and driver signing.
Monitor and configure multiprocessor computers.

Monitoring and Optimizing System Performance and Reliability

Monitor, optimize, and troubleshoot performance of the Windows XP Professional desktop.
Manage, monitor, and optimize system performance for mobile users.
Restore and back up the operating system, System State data, and user data.

Configuring and Troubleshooting the Desktop Environment

Configure and manage user profiles and desktop settings.
Configure support for multiple languages or multiple locations.
Manage applications by using Windows Installer packages.

Implementing, Managing, and Troubleshooting Network Protocols and Services

Configure and troubleshoot the TCP/IP protocol.
Connect to computers by using dial-up networking.
Connect to resources using Internet Explorer.
Configure, manage, and implement Internet Information Services (IIS).
Configure, manage, and troubleshoot Remote Desktop and Remote Assistance.
Configure, manage, and troubleshoot an Internet Connection Firewall (ICF).

Configuring, Managing, and Troubleshooting Security

Configure, manage, and troubleshoot Encrypting File System (EFS).
Configure, manage, and troubleshoot a security configuration and local security policy.
Configure, manage, and troubleshoot local user and group accounts.
Configure, manage, and troubleshoot Internet Explorer security settings.

[ back to top ]

Microsoft Exam 70-290

Managing and Maintaining a Microsoft Windows Server 2003 Environment

Managing and Maintaining Physical and Logical Devices

Manage basic disks and dynamic disks.
Monitor server hardware. Tools might include Device Manager, the Hardware Troubleshooting Wizard, and appropriate Control Panel items.
Optimize server disk performance.
Install and configure server hardware devices.

Managing Users, Computers, and Groups

Manage local, roaming, and mandatory user profiles.
Create and manage computer accounts in an Active Directory environment.
Create and manage groups.
Create and manage user accounts.
Troubleshoot computer accounts.
Troubleshoot user accounts.
Troubleshoot user authentication issues.

Managing and Maintaining Access to Resources

Configure access to shared folders.
Troubleshoot Terminal Services.
Configure file system permissions.
Troubleshoot access to files and shared folders.

Managing and Maintaining a Server Environment

Monitor and analyze events. Tools might include Event Viewer and System Monitor.
Manage software update infrastructure.
Manage software site licensing.
Manage servers remotely.
Troubleshoot print queues.
Monitor system performance.
Monitor file and print servers. Tools might include Task Manager, Event Viewer, and System Monitor.
Monitor and optimize a server environment for application performance.
Manage a Web server.

Managing and Implementing Disaster Recovery

Perform system recovery for a server.
Manage backup procedures.
Recover from server hardware failure.
Restore backup data.
Schedule backup jobs.

[ back to top ]

Microsoft Exam 70-291

Implementing, Managing, and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Implementing, Managing, and Maintaining IP Addressing

Configure TCP/IP addressing on a server computer.
Manage DHCP.
Troubleshoot TCP/IP addressing.
Troubleshoot DHCP.

Implementing, Managing, and Maintaining Name Resolution

Install and configure the DNS Server service.
Manage DNS.
Monitor DNS. Tools might include System Monitor, Event Viewer, Replication Monitor, and DNS debug logs.

Implementing, Managing, and Maintaining Network Security

Implement secure network administration procedures.
Monitor network protocol security. Tools might include the IP Security Monitor Microsoft Management Console (MMC) snap-in and Kerberos support tools.
Troubleshoot network protocol security. Tools might include the IP Security Monitor MMC snap-in, Event Viewer, and Network Monitor.

Implementing, Managing, and Maintaining Routing and Remote Access

Configure Routing and Remote Access user authentication.
Manage remote access.
Manage TCP/IP routing.
Implement secure access between private networks.
Troubleshoot user access to remote access services.
Troubleshoot Routing and Remote Access routing.

Maintaining a Network Infrastructure

Monitor network traffic. Tools might include Network Monitor and System Monitor.
Troubleshoot connectivity to the Internet.
Troubleshoot server services.

[ back to top ]

CompTIA Security+

CompTIA Security+ validates knowledge of systems security, network infrastructure, access control, assessments and audits, cryptography and organizational security.

The CompTIA Security+ (2008 Edition) Certification is a vendor neutral credential. The Security+ exam is an internationally recognized validation of foundation-level security skills and knowledge, and is used by organizations and security professionals around the globe. The skills and knowledge measured by this course are derived from an industry-wide Job Task Analysis (JTA) and were validated through a global survey in Q4, 2007.

Security+ is the primary course you will need to take if your job responsibilities include securing network services, network devices, and network traffic. It is also the main course you will take to prepare for the CompTIA Security+ examination (exam number SY0-201). In this course, you'll build on your knowledge and professional experience with computer hardware, operating systems, and networks as you acquire the specific skills required to implement basic security services on any type of computer network.

The CompTIA Security+ course is 3.5 days including the certification exam.

Target Student: This course is targeted toward an Information Technology (IT) professional who has networking and administrative skills in Windows-based TCP/IP networks and familiarity with other operating systems and to those who want to further a career in IT by acquiring a foundational knowledge of security topics; prepare for the CompTIA Security+ Certification examination; or use Security+ as the foundation for advanced security certifications.

Prerequisites: CompTIA A+ and Network+ certifications, or equivalent knowledge. Experience in networking, including experience configuring and managing TCP/IP is helpful.

Course Content:

Systems Security

Differentiate among various systems security threats.
Explain the security risks pertaining to system hardware and peripherals.
Implement OS hardening practices and procedures to achieve workstation and server security.
Carry out the appropriate procedures to establish application security.
Implement security applications.
Explain the purpose and application of virtualization technology.

Network Infrastructure

Differentiate between the different ports & protocols, their respective threats and mitigation techniques.
Distinguish between network design elements and components.
Determine the appropriate use of network security tools to facilitate network security.
Apply the appropriate network tools to facilitate network security.
Explain the vulnerabilities and mitigations associated with network devices.
Explain the vulnerabilities and mitigations associated with various transmission media.
Explain the vulnerabilities and implement mitigations associated with wireless networking.

Access Control

Identify and apply industry best practices for access control methods.
Explain common access control models and the differences between each.
Organize users and computers into appropriate security groups and roles while distinguishing between appropriate rights and privileges.
Apply appropriate security controls to file and print resources.
Compare and implement logical access control methods.
Summarize the various authentication models and identify the components of each.
Deploy various authentication models and identify the components of each.
Explain the difference between identification and authentication (identity proofing).
Explain and apply physical access security methods.

Assessments & Audits

Conduct risk assessments and implement risk mitigation.
Carry out vulnerability assessments using common tools.
Within the realm of vulnerability assessments, explain the proper use of penetration testing versus vulnerability scanning.
Use monitoring tools on systems and networks and detect security-related anomalies.
Compare and contrast various types of monitoring methodologies.
Execute proper logging procedures and evaluate the results.
Conduct periodic audits of system security settings.

Cryptography

Explain general cryptography concepts.
Explain basic hashing concepts and map various algorithms to appropriate applications.
Explain basic encryption concepts and map various algorithms to appropriate applications.
Explain and implement protocols.
Explain core concepts of public key cryptography.
Implement PKI and certificate management.

Organizational Security

Explain redundancy planning and its components.
Implement disaster recovery procedures.
Differentiate between and execute appropriate incident response procedures.
Identify and explain applicable legislation and organizational policies.
Explain the importance of environmental controls.
Explain the concept of and how to reduce the risks of social engineering.

[ back to top ]

Microsoft Exam 70-293

Planning and Maintaining a Microsoft Windows Server 2003 Network Infrastructure

Planning and Implementing Server Roles and Server Security

Configure security for servers that are assigned specific roles.
Plan a secure baseline installation.
Plan security for servers that are assigned specific roles. Roles might include domain controllers, Web servers, database servers, and mail servers.
Evaluate and select the operating system to install on computers in an enterprise.

Planning, Implementing, and Maintaining a Network Infrastructure

Plan a TCP/IP network infrastructure strategy.
Plan and modify a network topology.
Plan an Internet connectivity strategy.
Plan network traffic monitoring. Tools might include Network Monitor and System Monitor.
Troubleshoot connectivity to the Internet.
Troubleshoot TCP/IP addressing.
Plan a host name resolution strategy.
Plan a NetBIOS name resolution strategy.
Troubleshoot host name resolution.

Planning, Implementing, and Maintaining Routing and Remote Access

Plan a routing strategy.
Plan security for remote access users.
Implement secure access between private networks.
Troubleshoot TCP/IP routing. Tools might include the route, tracert, ping, pathping, and netsh commands and Network Monitor.

Planning, Implementing, and Maintaining Server Availability

Plan services for high availability.
Identify system bottlenecks, including memory, processor, disk, and network related bottlenecks.
Implement a cluster server.
Monitor Network Load Balancing. Tools might include the Network Load Balancing Monitor Microsoft Management Console (MMC) snap-in and the WLBS cluster control utility.
Plan a backup and recovery strategy.

Planning and Maintaining Network Security

Configure network protocol security.
Configure security for data transmission.
Plan for network protocol security.
Plan secure network administration methods.
Plan security for wireless networks.
Plan security for data transmission.
Troubleshoot security for data transmission. Tools might include the IP Security Monitor MMC snap-in and the Resultant Set of Policy (RSoP) MMC snap-in.

Planning, Implementing, and Maintaining Security Infrastructure.

Configure Active Directory directory service for certificate publication.
Plan a public key infrastructure (PKI) that uses Certificate Services.
Plan a framework for planning and implementing security.
Plan a security update infrastructure. Tools might include Microsoft Baseline Security Analyzer and Microsoft Software Update Services.

[ back to top ]

Microsoft Exam 70-294

Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure

Planning and Implementing an Active Directory Infrastructure

Plan a strategy for placing global catalog servers.
Plan flexible operations master role placement.
Implement an Active Directory directory service forest and domain structure.
Implement an Active Directory site topology.
Plan an administrative delegation strategy.

Managing and Maintaining an Active Directory Infrastructure

Manage an Active Directory forest and domain structure.
Manage an Active Directory site.
Monitor Active Directory replication failures. Tools might include Replication Monitor, Event Viewer, and support tools.
Restore Active Directory directory services.
Troubleshoot Active Directory.

Planning and Implementing User, Computer, and Group Strategies

Plan a security group strategy.
Plan a user authentication strategy.
Plan an OU structure.
Implement an OU structure.

Planning and Implementing Group Policy

Plan Group Policy strategy.
Configure the user environment by using Group Policy.
Deploy a computer environment by using Group Policy.

Managing and Maintaining Group Policy

Troubleshoot issues related to Group Policy application. deployment. Tools might include RSoP and the gpresult command.
Maintain installed software by using Group Policy.
Troubleshoot the application of Group Policy security settings. Tools might include RSoP and the gpresult command.

[ back to top ]

Microsoft Exam 70-298

Designing Security for a Microsoft Windows Server 2003 Network

Creating the Conceptual Design for Network Infrastructure Security by Gathering and Analyzing Business and Technical Requirements

Analyze business requirements for designing security. Considerations include existing policies and procedures, sensitivity of data, cost, legal requirements, end-user impact, interoperability, maintainability, scalability, and risk.
Design a framework for designing and implementing security. The framework should include prevention, detection, isolation, and recovery.
Analyze technical constraints when designing security.

Creating the Logical Design for Network Infrastructure Security

Design a public key infrastructure (PKI) that uses Certificate Services.
Design a logical authentication strategy.
Design security for network management.
Design a security update infrastructure.

Creating the Physical Design for Network Infrastructure Security

Design network infrastructure security.
Design security for wireless networks.
Design user authentication for Internet Information Services (IIS).
Design security for Internet Information Services (IIS).
Design security for communication between networks.
Design security for communication with external organizations.
Design security for servers that have specific roles. Roles include domain controller, network infrastructure server, file server, IIS server, terminal server, and POP3 mail server.

Designing an Access Control Strategy for Data

Design an access control strategy for directory services.
Design an access control strategy for files and folders.
Design an access control strategy for the registry.

Creating the Physical Design for Client Infrastructure Security

Design a client authentication strategy.
Design a security strategy for client remote access.
Design a strategy for securing client computers. Considerations include desktop and portable computers.

[ back to top ]

Microsoft Exam 70-299

Implementing and Administering Security in a Microsoft Windows Server 2003 Network

Implementing, Managing, and Troubleshooting Security Policies

Plan security templates based on computer role. Computer roles include SQL Server computer, Microsoft Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server.
Configure security templates.
Deploy security templates.
Troubleshoot security template problems.
Configure additional security based on computer roles. Server computer roles include SQL Server computer, Exchange Server computer, domain controller, Internet Authentication Service (IAS) server, and Internet Information Services (IIS) server. Client computer roles include desktop, portable, and kiosk.

Implementing, Managing, and Troubleshooting Patch Management Infrastructure

Plan the deployment of service packs and hotfixes.
Assess the current status of service packs and hotfixes. Tools include MBSA and the MBSA command-line tool.
Deploy service packs and hotfixes.

Implementing, Managing, and Troubleshooting Security for Network Communications

Plan IPSec deployment.
Configure IPSec policies to secure communication between networks and hosts. Hosts include domain controllers, Internet Web servers, databases, e-mail servers, and client computers.
Deploy and manage IPSec policies.
Troubleshoot IPSec.
Plan and implement security for wireless networks.
Deploy, manage, and configure SSL certificates, including uses for HTTPS, LDAPS, and wireless networks. Considerations include renewing certificates and obtaining self-issued certificates instead of publicly issued certificates.
Configure security for remote access users.

Planning, Configuring, and Troubleshooting Authentication, Authorization, and PKI

Plan and configure authentication.
Plan group structure.
Plan and configure authorization.
Install, manage, and configure Certificate Services.

[ back to top ]

CISSP

Businesses make substantial investments in information assets, including technology, architecture, and processes. These assets are protected on the strengths of the professionals in charge.

Industry standards, ethics and certification of IS professionals becomes critical to ensuring that higher standards for security are achieved. Training for the CISSP exam covers all ten domains of the Common Body of Knowledge.

This course should be attended by network and firewall administrators, information security officers, and anyone interested in understanding the principles, best practices, and core concepts of information systems security.

Please Note: The CISSP exam is one of only two exams not available at CED Solutions, LLC. It is only offered by (ISC)². (ISC)² will not accept third party payments or applications for any (ISC)² examination.

The cost of the CISSP exam is NOT included in the price of the boot camp. You are responsible for the cost of the CISSP exam and scheduling the exam. The cost is $549.00 if scheduled 16 days in advance and $599.00 if it is within 16 days of the exam date.

You will need to register through (ISC)² in advance to confirm that you get a seat in the Atlanta location for the last day of class. If you are unable to get a seat on that date, you can schedule to take the exam in one of the other (ISC)² locations close to your home.

You can register for your exam at the Atlanta (ISC)² location throught the (ISC)² website:
https://www.isc2.org/cgi-bin/content.cgi?category=542

Course Overview

CED Solutions' CISSP training is an advanced course designed to meet the high demands of the information security industry by preparing students for the Certified Information Systems Security Professional (CISSP) exam. This certification is managed by the internationally recognized and highly prestigious International Information Systems Security Certifications Consortium ISC.

The exam covers ISC's ten domains from the Common Body of Knowledge (CBK), encompassing the whole of information security. The exam consists of 250 multiple-choice questions. Candidates have up to 6 hours to complete the examination.

Course materials reflect the latest information system security issues, concerns, and countermeasures.

Discusses all ten domains of Common Body of Knowledge (CBK), helping to prepare for the CISSP exam.
The CBK is the compilation and distillation of all information systems security material collected internationally of relevance to information system security professionals.
Ensures information system security professionals have an opportunity to review the CBK in-depth, in preparation for the certification examination and to stay current on the ever-evolving domains within the information system security field.
Presents a high-level review of the main topics
Identifies specific areas students should study for exam preparation
Provides an overview of the scope of the field

Course Outline

Security Management Practices

Security management concepts
Policies, standards, guidelines, and procedures
Security awareness concepts
Risk management practices
Basic information on classification levels
Security management entails the identification of an organization's information assets and the development, documentation, and implementation of policies, standards, procedures, and guidelines.
Management tools such as data classification and risk assessment and analysis are used to identify threats, classify assets, and to rate system vulnerabilities so that effective controls can be implemented.

Access Control Systems

Access controls are a collection of administrative, physical, and technical mechanisms that work together within a security architecture to protect the assets of an information system. Coverage of the threats, vulnerabilities, and risks associated with an information system's infrastructure, and the available preventive and detective measures to counter them.

Telecommunications, Network, and Internet Security

Network Structures
Transmission methods
Transport formats
Security measures providing availability, integrity, and confidentiality
Authentication for transmissions over public and private communications networks

Cryptography

Addresses the principles, means, and methods of disguising information to ensure its integrity, confidentiality and authenticity.
Definitions
History
Cryptology Fundamentals
Symmetric Key Cryptosystem Fundamentals
Asymmetric Key Cryptosystem Fundamentals
Key Distribution and Management Issues
Public Key Infrastructure Definitions and Concepts

Security Architecture and Models

Concepts, principles, structures, and standards used to design, monitor, and secure operating systems, equipment, networks, applications and those controls used to enforce various levels of confidentiality, availability, and integrity.
Computer organization
Hardware components
Software/firmware components
Open systems
Distributed systems
Protection mechanisms
Evaluation criteria
Certification and accreditation
Formal security models
Confidentiality models
Integrity models
Information flow models

Operations Security

Identifies the controls over hardware and media, and the operators and administrators with access privileges to any of these resources. Auditing and monitoring provide the mechanisms, tools, and facilities that permit the identification of security events. Subsequent actions identify key elements and report pertinent information to the appropriate individual, group, or process.

Applications and Systems Development Security

Addresses the important security concepts that apply to application software development. Outlines the environment where software is designed and developed and explains the critical role software plays in providing information system security.
The software development life cycle
Object-oriented systems
Artificial intelligence systems
Database security issues
Data warehousing
Data mining
Application controls

Business Continuity Planning and Disaster Recovery Planning

Addresses the preservation and recovery of business operations in the event of outages. Differences between business continuity planning and disaster recovery.
Project scope and planning, business impact analysis
Recovery strategies
Recovery plan development
Implementation
Recovery plan development, implementation and restoration

Law, Investigations, and Ethics

Computer crime laws and regulations
The measures and technologies used to investigate computer crime incidents
Laws applying to computer crimes
How to determine if a crime has occurred
Preserving evidence
The basic of conducting an investigation
Liabilities under the law

Physical Security

Provides protection techniques for the entire facility, from the outside perimeter to inside office space, including all information system resources.
Elements involved in choosing a secure site, its design and configuration
Methods for securing a facility against unauthorized access
Methods for securing the equipment against theft of the equipment or its contained information
Environmental and safety measures needed to protect personnel, the facility and its resources

[ back to top ]

Ethical Hacking

This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive class they will have hands on understanding and experience in Ethical Hacking.

This course prepares you for EC-Council Certified Ethical Hacker exam 312-50

Who Should Attend

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Certification

The Certified Ethical Hacker certification exam 312-50 will be conducted on the last day of training. Students need to pass the online Prometric exam to receive CEH certification.

Course Outline

Ethics and Legality

What is an Exploit?
The security functionality triangle
The attacker's process
Passive reconnaissance
Active reconnaissance
Types of attacks
Categories of exploits
Goals attackers try to achieve
Ethical hackers and crackers - who are they
Self proclaimed ethical hacking
Hacking for a cause (Hacktivism)
Skills required for ethical hacking
Categories of Ethical Hackers
What do Ethical Hackers do?
Security evaluation plan
Types of Ethical Hacks
Testing Types
Ethical Hacking Report
Cyber Security Enhancement Act of 2002
Computer Crimes
Overview of US Federal Laws
Section 1029
Section 1030
Hacking Punishment

Footprinting

What is Footprinting
Steps for gathering information
Whois
http://tucows.com
Hacking Tool: Sam Spade
Analyzing Whois output
NSLookup
Finding the address range of the network
ARIN
Traceroute
Hacking Tool: NeoTrace
Visual Route
Visual Lookout
Hacking Tool: Smart Whois
Hacking Tool: eMailTracking Pro
Hacking Tool: MailTracking.com

Scanning

Determining if the system is alive?
Active stack fingerprinting
Passive stack fingerprinting
Hacking Tool: Pinger
Hacking Tool: Friendly Pinger
Hacking Tool: WS_Ping_Pro
Hacking Tool: Netscan Tools Pro 2000
Hacking Tool: Hping2
Hacking Tool: KingPing
Hacking Tool: icmpenum
Hacking Tool: SNMP Scanner
Detecting Ping sweeps
ICMP Queries
Hacking Tool: netcraft.com
Port Scanning
TCPs 3-way handshake
TCP Scan types
Hacking Tool: IPEye
Hacking Tool: IPSECSCAN
Hacking Tool: nmap
Port Scan countermeasures
Hacking Tool: HTTrack Web Copier
Network Management Tools
SolarWinds Toolset
NeoWatch
War Dialing
Hacking Tool: THC-Scan
Hacking Tool: PhoneSweep War Dialer
Hacking Tool: Telesweep
Hacking Tool: Queso
Hacking Tool: Cheops
Proxy Servers
Hacking Tool: SocksChain
Surf the web anonymously
TCP/IP through HTTP Tunneling
Hacking Tool: HTTPort
Hacking Tool: Tunneld
Hacking Tool: BackStealth

Enumeration

What is Enumeration
NetBios Null Sessions
Null Session Countermeasures
NetBIOS Enumeration
Hacking Tool: DumpSec
Hacking Tool: Hyena
Hacking Tool: NAT
SNMP Enumertion
SNMPUtil
Hacking Tool: IP Network Browser
SNMP Enumeration Countermeasures
Windows 2000 DNS Zone transfer
Identifying Win2000 Accounts
Hacking Tool: User2SID
Hacking Tool: SID2User
Hacking Tool: Enum
Hacking Tool: UserInfo
Hacking Tool: GetAcct
Hacking Tool: smbbf
SMB Auditing Tools
Active Directory Enumeration
W2K Active Directory attack

System Hacking

Administrator Password Guessing
Performing Automated Password Guessing
Legion
NTInfoScan
Defending Against Password Guessing
Monitoring Event Viewer Logs
VisualLast
Eavesdroppin on Network Password Exchange
Hacking Tool: L0phtCrack
Hacking Tool: KerbCrack
Privilege Escalation
Hacking Tool: GetAdmin
Hacking Tool: hk
Manual Password Cracking Algorithm
Automatic Password Cracking Algorithm
Password Types
Types of Password Attacks
Dictionary Attack
Brute Force Attack
Distributed Brute Force Attack
Password Change Interval
Hybrid Attack
Cracking Windows 2000 Passwords
Retrieving the SAM file
Redirecting SMB Logon to the Attacker
SMB Redirection
Hacking Tool: SMBRelay
Hacking Tool: SMBRelay2
Hacking Tool: pwdump2
Hacking Tool: SAMdump
Hacking Tool: C2MYAZZ
Win32 Create Local Admin User
Offline NT Password Resetter
Hacking Tool: psexec
Hacking Tool: remoxec
SMBRelay Man-in-the-Middle (MITM)
SMBRelay MITM Countermeasures
Hacking Tool: SMBGrinder
Hacking Tool: SMBDie
Hacking Tool: NBTDeputy
NetBIOS DoS Attack
Hacking Tool: nbname
Hacking Tool: John the Ripper
LanManager Hash
Password Cracking Countermeasures
Keystroke Logger
Hacking Tool: Spector
AntiSpector
Hacking Tool: eBlaster
Hacking Tool: SpyAnywhere
Hacking Tool: IKS Software Logger
Hacking Tool: Fearless Key Logger
Hacking Tool: E-mail Keylogger
Hardware Tool: Hardware Key Logger
Hacking Tool: Rootkit
Planting Rootkit on Windows 2000 Machine
_rootkit_ embedded TCP/IP Stack
Rootkit Countermeasures
MD5 Checksum utility
Tripwire
Covering Tracks
Disabling Auditing
Auditpol
Clearing the Event Log
Hacking Tool: Elslave
Hacking Tool: Winzapper
Hacking Tool: Evidence Eliminator
Hidding Files
NTFS File Streaming
Hacking Tool: makestrm
NTFS Streams Countermeasures
LNS
Steganography
Hacking Tool: ImageHide
Hacking Tool: BlindSide
Hacking Tool: MP3Stego
Hacking Tool: Snow
Hacking Tool: Camera/Shy
Steganography Detection
StegDetect
Hacking Tool: Stealth Files
Encrypted File System
Hacking Tool: dskprobe
Hacking Tool: EFSView
Buffer Overflows
Creating Buffer Overflow Exploit
Outlook Buffer Overflow
Hacking Tool: Outoutlook

Trojans and Backdoors

What is a Trojan Horse?
Overt and Covert
Hacking Tool: QAZ
Hacking Tool: Tini
Hacking Tool: Netcat
Hacking Tool: Donald Dick
Hacking Tool: SubSeven
Hacking Tool: BackOrifice 2000
Back Oriffice Plug-ins
BoSniffer
Hacking Tool: NetBus
ComputerSpy Key Logger
Hacking Tool: Beast Trojan
Hacking Tool: CyberSpy Telnet Trojan
Hacking Tool: SubRoot Telnet Trojan
Hacking Tool: LetMeRule
Wrappers
Hacking Tool: Graffiti
Hacking Tool: Silk Rope 2000
Hacking Tool: EliteWrap
Hacking Tool: IconPlus
Packaging Tool: Microsoft WordPad
Hacking Tool: Whack a Mole
Trojan Construction Kit
Writing Trojans in Java
Hacking Tool: FireKiller 2000
Covert Channels
ICMP Tunneling
Hacking Tool: Loki
Reverse WWW Shell
Backdoor Countermeasures
BO Startup and Registry Entries
NetBus Startup and Registry Keys
Port Monitoring Tools
fPort
TCPView
Process Viewer
Inzider - Tracks Processes and Ports
Trojan Maker
Hacking Tool: Hard Disk Killer
Man-in-the-Middle Attack
Hacking Tool: dsniff
System File Verification
TripWire

Sniffers

What is a Sniffer?
Hacking Tool: Ethereal
Hacking Tool: Snort
Hacking Tool: WinDump
Hacking Tool: EtherPeek
Passive Sniffing
Active Sniffing
Hacking Tool: EtherFlood
How ARP Works?
Hacking Tool: ArpSpoof
Hacking Tool: DSniff
Hacking Tool: Macof
Hacking Tool: mailsnarf
Hacking Tool: URLsnarf
Hacking Tool: Webspy
Hacking Tool: Ettercap
Hacking Tool: WebMiTM
IP Restrictions Scanner
Hacking Tool: sTerm
Hacking Tool: Cain and Abel
Hacking Tool: Packet Crafter
Hacking Tool: SMAC
MAC Changer
ARP Spoofing Countermeasures
Hacking Tool: WinDNSSpoof
Hacking Tool: Distributed DNS Flooder
Hacking Tool: WinSniffer
Network Tool: IRIS
Network Tool: NetInterceptor
SniffDet
Hacking Tool: WinTCPKill

Denial of Service

What is Denial of Service Attack?
Types of DoS Attacks
How DoS Work?
What is DDoS?
Hacking Tool: Ping of Death
Hacking Tool: SSPing
Hacking Tool: Land
Hacking Tool: Smurf
Hacking Tool: SYN Flood
Hacking Tool: CPU Hog
Hacking Tool: Win Nuke
Hacking Tool: RPC Locator
Hacking Tool: Jolt2
Hacking Tool: Bubonic
Hacking Tool: Targa
Tools for Running DDoS Attacks
Hacking Tool: Trinoo
Hacking Tool: WinTrinoo
Hacking Tool: TFN
Hacking Tool: TFN2K
Hacking Tool: Stacheldraht
Hacking Tool: Shaft
Hacking Tool: mstream
DDoS Attack Sequence
Preventing DoS Attack
DoS Scanning Tools
Find_ddos
SARA
DDoSPing
RID
Zombie Zapper

Social Engineering

What is Social Engineering?
Art of Manipulation
Human Weakness
Common Types of Social Engineering
Human Based Impersonation
Important User
Tech Support
Third Party Authorization
In Person
Dumpster Diving
Shoulder Surfing
Computer Impersonation
Mail Attachments
Popup Windows
Website Faking
Reverse Social Engineering
Policies and Procedures
Social Engineering Security Policies
The Importance of Employee Education

Session Hijacking

What is Session Hijacking?
Session Hijacking Steps
Spoofing Vs Hijacking
Active Session Hijacking
Passive Session Hijacking
TCP Concepts - 3 way Handshake
Sequence Numbers
Sequence Number Example
Guessing the Sequence Numbers
Hacking Tool: Juggernaut
Hacking Tool: Hunt
Hacking Tool: TTYWatcher
Hacking Tool: IP Watcher
Hacking Tool: T-Sight
Remote TCP Session Reset Utility
Dangers Posed by Session Hijacking
Protection against Session Hijacking

Hacking Web Servers

Apache Vulnerability
Attacks against IIS
IIS Components
ISAPI DLL Buffer Overflows
IPP Printer Overflow
msw3prt.dll
Oversized Print Requests
Hacking Tool: Jill32
Hacking Tool: IIS5-Koei
Hacking Tool: IIS5Hack
IPP Buffer Overflow Countermeasures
ISAPI DLL Source Disclosure
ISAPI.DLL Exploit
Defacing Web Pages
IIS Directory Traversal
Unicode
Directory Listing
Clearing IIS Logs
Network Tool: LogAnalyzer
Attack Signature
Creating Internet Explorer (IE) Trojan
Hacking Tool: IISExploit
Hacking Tool: UnicodeUploader.pl
Hacking Tool: cmdasp.asp
Escalating Privilages on IIS
Hacking Tool: IISCrack.dll
Hacking Tool: ispc.exe
IIS WebDav Vulnerability
Hacking Tool: WB
RPC Exploit-GUI
Hacking Tool: DComExpl_UnixWin32
Hacking Tool: Plonk
Unspecified Executable Path Vulnerability
Hacking Tool: CleanIISLog
File System Traversal Countermeasures
Microsoft HotFix Problems
UpdateExpert
Cacls utility
Network Tool: Whisker
N-Stealth Scanner
Hacking Tool: WebInspect
Network Tool: Shadow Security Scanner

Web Application Vulnerabilities

Documenting the Application Structure
Manually Inspecting Applications
Using Google to Inspect Applications
Directory Structure
Hacking Tool: Instant Source
Java Classes and Applets
Hacking Tool: Jad
HTML Comments and Contents
Hacking Tool: Lynx
Hacking Tool: Wget
Hacking Tool: Black Widow
Hacking Tool: WebSleuth
Cross Side Scripting
Session Hijacking using XSS
Cookie Stealing
Hacking Tool: IEEN
Hacking Tool: IEflaw
Exposing Sensitive Data with Google

Web Based Password Cracking Techniques

Basic Authentication
Message Digest Authentication
NTLM Authentication
Certificate based Authentication
Digital Certificates
Microsoft Passport Authentication
Forms based Authentication
Creating Fake Certificates
Hacking Tool: WinSSLMiM
Password Guessing
Dfault Account Database
Hacking Tool: WebCracker
Hacking Tool: Brutus
Hacking Tool: ObiWan
Hacking Tool: Munga Bunga
Password dictionary Files
Attack Time
Hacking Tool: Variant
Hacking Tool: PassList
Query Strings
Post data
Hacking Tool: cURL
Stealing Cookies
Hacking Tool: CookieSpy
Hacking Tool: ReadCookies
Hacking Tool: SnadBoy

SQL Injection

What is SQL Injection Vulnerability?
SQL Insertion Discovery
Blank sa Password
Simple Input Validation
SQL Injection
OLE DB Errors
1=1
blah' or 1=1
Preventing SQL Injection
Database Specific SQL Injection
Hacking Tool: SQLDict
Hacking Tool: SQLExec
Hacking Tool: SQLbf
Hacking Tool: SQLSmack
Hacking Tool: SQL2.exe
Hacking Tool: Oracle Password Buster

Hacking Wireless Networks

802.11 Standards
What is WEP?
Finding WLANs
Cracking WEP keys
Sniffing Trafic
Wireless DoS Attacks
WLAN Scanners
WLAN Sniffers
MAC Sniffing
Access Point Spoofing
Securing Wireless Networks
Hacking Tool: NetTumbler
Hacking Tool: AirSnort
Hacking Tool: AiroPeek
Hacking Tool: WEP Cracker
Hacking Tool: Kismet
Hacking Tool: AirSnarf
WIDZ- Wireless IDS

Virus and Worms

Cherobyl
ExploreZip
I Love You
Melissa
Pretty Park
Code Red Worm
W32/Klez
BugBear
W32/Opaserv Worm
Nimda
Code Red
SQL Slammer
Batch File Virus Creator
How to write your own Virus?
Worm Construction Kits

Novell Hacking

Common accounts and passwords
Accessing password files
Password crackers
Netware Hacking Tools
Chknull
NOVELBFH
NWPCRACK
Bindery
BinCrack
SETPWD.NLM
Kock
userdump
Burglar
Getit
Spooflog
Gobbler
Novelffs
Pandora

Linux Hacking

Why Linux ?
Linux Basics
Compiling Programs in Linux
Scanning Networks
Mapping Networks
Password Cracking in Linux
Linux Vulnerabilities
SARA
TARA
Sniffing
A Pinger in Disguise
Session Hijacking
Linux Rootkits
Linux Security Countermeasures
IPChains and IPTables

IDS, Firewalls and Honeypots

Intrusion Detection System
System Integrity Verifiers
How are Intrusions Detected?
Anomaly Detection
Signature Recognition
How does IDS match Signatures with Incoming Traffic?
Protocol Stack Verification
Application Protocol Verification
What Happens after an IDS Detects an Attack?
IDS Software Vendors
SNORT
Evading IDS (Techniques)
Complex IDS Evasion
Hacking Tool: fragrouter
Hacking Tool: TCPReplay
Hacking Tool: SideStep
Hacking Tool: NIDSbench
Hacking Tool: ADMutate
IDS Detection
Tools to Detect Packet Sniffers
Tools to inject strangely formatted packets onto the wire
Hacking Through Firewalls
Placing Backdoors through Firewalls
Hiding behind Covert Channels
Hacking Tool: Ncovert
What is a Honeypot?
Honeypots Evasion
Honeypots vendors
Hacking Tool: Honeyd

Buffer Overflows

What is a Buffer Overflow?
Exploitation
Assembly Language Basics
How to Detect Buffer Overflows in a Program?
Skills Required
CPU/OS Dependency
Understanding Stacks
Stack Based Buffer Overflows
Buffer Overflow Technical Implementation
Writing your own Buffer Overflow Exploit in C
Defense against Buffer Overflows
Type Checking Tools for Compiling Programs
StackGuard
Immunix

Cryptography

What is PKI?
Digital Certificates
RSA
MD-5
RC-5
SHA
SSL
PGP
SSH
Encryption Cracking Techniques

Penetration Testing Methodologies

[ back to top ]

Cisco CCNA®

Interconnecting Cisco Networking Devices Part 1 (ICND1)

The 640-822 Interconnecting Cisco Networking Devices Part 1 (ICND1) is the exam associated with the Cisco Certified Entry Network Technician (CCENT) certification and a tangible first step in achieving the Cisco Certified Network Associate (CCNA) certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0 course. This exam tests a candidate's knowledge and skills required to successfully install, operate, and troubleshoot a small branch office network. The exam includes topics on networking fundamentals; connecting to a WAN; basic security and wireless concepts; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; configuring RIPv2, static and default routing; implementing NAT and DHCP; and configuring simple networks.

Course Outline:

The following topics are general guidelines for the content likely to be included on the Interconnecting Cisco Networking Devices Part 1 exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Describe the operation of data networks.

Describe the purpose and functions of various network devices
Select the components required to meet a given network specification
Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network
Describe common networking applications including web applications
Describe the purpose and basic operation of the protocols in the OSI and TCP models
Describe the impact of applications (Voice Over IP and Video Over IP) on a network
Interpret network diagrams
Determine the path between two hosts across a network
Describe the components required for network and Internet communications
Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach
Differentiate between LAN/WAN operation and features

Implement a small switched network

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts
Explain the technology and media access control method for Ethernet technologies
Explain network segmentation and basic traffic management concepts
Explain the operation of Cisco switches and basic switching concepts
Perform, save and verify initial switch configuration tasks including remote access management
Verify network status and switch operation using basic utilities (including: ping, traceroute,telnet,SSH,arp, ipconfig), SHOW & DEBUG commands
Implement and verify basic security for a switch (port security, deactivate ports)
Identify, prescribe, and resolve common switched network media issues, configuration issues, autonegotiation, and switch hardware failures

Implement an IP addressing scheme and IP services to meet network requirements for a small branch office

Describe the need and role of addressing in a network
Create and apply an addressing scheme to a network
Assign and verify valid IP addresses to hosts, servers, and networking devices in a LAN environment
Explain the basic uses and operation of NAT in a small network connecting to one ISP
Describe and verify DNS operation
Describe the operation and benefits of using private and public IP addressing
Enable NAT for a small network with a single ISP and connection using SDM and verify operation using CLI and ping
Configure, verify and troubleshoot DHCP and DNS operation on a router.(including: CLI/SDM)
Implement static and dynamic addressing services for hosts in a LAN environment
Identify and correct IP addressing issues

Implement a small routed network

Describe basic routing concepts (including: packet forwarding, router lookup process)
Describe the operation of Cisco routers (including: router bootup process, POST, router components)
Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts
Configure, verify, and troubleshoot RIPv2
Access and utilize the router CLI to set basic parameters
Connect, configure, and verify operation status of a device interface
Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities
Perform and verify routing configuration tasks for a static or default route given specific routing requirements
Manage IOS configuration files (including: save, edit, upgrade, restore)
Manage Cisco IOS
Implement password and physical security
Verify network status and router operation using basic utilities (including: ping, traceroute,telnet,SSH,arp, ipconfig), SHOW & DEBUG commands

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)
Identify and describe the purpose of the components in a small wireless network. (including: SSID, BSS, ESS)
Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point
Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)
Identify common issues with implementing wireless networks

Identify security threats to a network and describe general methods to mitigate those threats

Explain today's increasing network security threats and the need to implement a comprehensive security policy to mitigate the threats
Explain general methods to mitigate common security threats to network devices, hosts, and applications
Describe the functions of common security appliances and applications
Describe security recommended practices including initial steps to secure network devices

Implement and verify WAN links

Describe different methods for connecting to a WAN
Configure and verify a basic WAN serial connection

[ back to top ]

Interconnecting Cisco Networking Devices Part 2 (ICND2)

The 640-816 Interconnecting Cisco Networking Devices Part 2 (ICND2) is the exam associated with the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 course. This exam tests a candidate's knowledge and skills required to successfully install, operate, and troubleshoot a small to medium size enterprise branch network. The exam covers topics on VLSM and IPv6 addressing; extending switched networks with VLANs; configuring, verifying and troubleshooting VLANs; the VTP, RSTP, OSPF and EIGRP protocols; determining IP routes; managing IP traffic with access lists; NAT and DHCP; establishing point-to- point connections; and establishing Frame Relay connections.

Course Outline:

The following topics are general guidelines for the content likely to be included on the Interconnecting Cisco Networking Devices Part 2 exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Configure, verify and troubleshoot a switch with VLANs and interswitch communications

Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)
Describe how VLANs create logically separate networks and the need for routing between them
Configure, verify, and troubleshoot VLANs
Configure, verify, and troubleshoot trunking on Cisco switches
Configure, verify, and troubleshoot interVLAN routing
Configure, verify, and troubleshoot VTP
Configure, verify, and troubleshoot RSTP operation
Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network
Implement basic switch security (including: port security, unassigned ports, trunk access, etc.)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

Calculate and apply a VLSM IP addressing design to a network
Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment
Describe the technological requirements for running IPv6 (including: protocols, dual stack, tunneling, etc)
Describe IPv6 addresses
Identify and correct common problems associated with IP addressing and host configurations

Configure and troubleshoot basic operation and routing on Cisco devices

Compare and contrast methods of routing and routing protocols
Configure, verify and troubleshoot OSPF
Configure, verify and troubleshoot EIGRP
Verify configuration and connectivity using ping, traceroute, and telnet or SSH
Troubleshoot routing implementation issues
Verify router hardware and software operation using SHOW & DEBUG commands
Implement basic router security

Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network.

Describe the purpose and types of access control lists
Configure and apply access control lists based on network filtering requirements
Configure and apply an access control list to limit telnet and SSH access to the router
Verify and monitor ACL's in a network environment
Troubleshoot ACL implementation issues
Explain the basic operation of NAT
Configure Network Address Translation for given network requirements using CLI
Troubleshoot NAT implementation issues

Implement and verify WAN links

Configure and verify Frame Relay on Cisco routers
Troubleshoot WAN implementation issues
Describe VPN technology (including: importance, benefits, role, impact, components)
Configure and very PPP connection between Cisco routers

[ back to top ]

Cisco CCNA Security®

Implementing Cisco IOS Network Security (IINS)

The Implementing Cisco IOS Network Security exam is associated with the CCNA Security certification. This exam tests a candidate's knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure.

Course Outline:

The following topics are general guidelines for the content likely to be included on the Implementing Cisco IOS Network Security exam.

Describe the security threats facing modern network infrastructures

Describe and list mitigation methods for common network attacks
Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
Describe the Cisco Self Defending Network architecture

Secure Cisco routers

Secure Cisco routers using the SDM Security Audit feature
Use the One-Step Lockdown feature in SDM to secure a Cisco router
Secure administrative access to Cisco routers by setting strong encrypted passwords, exec timeout, login failure rate and using IOS login enhancements
Secure administrative access to Cisco routers by configuring multiple privilege levels
Secure administrative access to Cisco routers by configuring role based CLI
Secure the Cisco IOS image and configuration file

Implement AAA on Cisco routers using local router database and external ACS

Explain the functions and importance of AAA
Describe the features of TACACS+ and RADIUS AAA protocols
Configure AAA authentication
Configure AAA authorization
Configure AAA accounting

Mitigate threats to Cisco routers and networks using ACLs

Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets
Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
Configure IP ACLs to prevent IP address spoofing using CLI
Discuss the caveats to be considered when building ACLs

Implement secure network management and reporting

Use CLI and SDM to configure SSH on Cisco routers to enable secured management access
Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server

Mitigate common Layer 2 attacks

Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features

Implement the Cisco IOS firewall feature set using SDM

Describe the operational strengths and weaknesses of the different firewall technologies
Explain stateful firewall operations and the function of the state table
Implement Zone Based Firewall using SDM

Implement the Cisco IOS IPS feature set using SDM

Define network based vs. host based intrusion detection and prevention
Explain IPS technologies, attack responses, and monitoring options
Enable and verify Cisco IOS IPS operations using SDM

Implement site-to-site VPNs on Cisco Routers using SDM

Explain the different methods used in cryptography
Explain IKE protocol functionality and phases
Describe the building blocks of IPSec and the security functions it provides
Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM

[ back to top ]

Cisco CCSP®

Securing Networks with Cisco Routers and Switches (SNRS)

The Securing Networks with Cisco Routers and Switches exam (SNRS 642-504) is one of the exams associated with the Cisco Certified Security Professional certification. This exam includes simulations and tests a candidate's knowledge and ability to secure networks using Cisco routers and switches.

Course Outline:

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Implement Cisco Layer 2 security

Utilize Cisco IOS commands to mitigate Layer 2 attacks
Implement Cisco Identity-Based Networking Services on Cisco Catalyst Switches
Implement Identity Management using ACS as the Authentication Server

Configure Cisco IOS Firewalls to mitigate network threats

Identify and describe the advanced capabilities of the IOS firewall feature set
Configure Classic IOS Firewall (CBAC) and NAT to dynamically mitigate identified threats to the network
Verify Classic IOS Firewall (CBAC) configuration and operation
Configure IOS Zone-Based Firewalls including advanced application inspections and URL filtering
Verify Zone-Based Firewall operations

Configure Cisco IOS-IPS to identify and mitigate threats to network resources

Identify and describe the advanced capabilities of the Cisco IOS-IPS feature set including Signature Event Action Processing
Configure Cisco IOS-IPS features to identify threats and dynamically block them from entering the network
Verify Cisco IOS-IPS operations
Maintain, update and tune Cisco IOS-IPS signatures

Configure Cisco VPNs to provide secure connectivity for site-to-site and remote access communications

Describe IPsec features and functionality
Describe GRE/IPsec features and functionality
Configure secure connectivity for site-to-site VPN using certificate authorities
Describe DMVPN features and functionality
Configure secure connectivity for site-to-site VPN using DMVPN
Verify secure site-to-site VPN operations
Implement IOS SSL VPN
Configure Cisco IOS Easy VPN Server with Dynamic Virtual Tunnel Interface (DVTI)
Configure Cisco IOS Easy VPN remote using both router and VPN software clients
Verify Cisco IOS Easy VPN implementations
Implement IOS GET VPN operations
Describe High Availability IPsec VPNs

Implement Network Foundation Protection using the CLI

Describe NFP features and functionality
Secure the management plane using Cisco IOS security features
Secure the data plane using Cisco IOS security features
Secure the control plane using Cisco IOS security features

[ back to top ]

Securing Networks with ASA Foundation (SNAF)

The Securing Networks with ASA Foundation exam (SNAF 642-524) is one of the exams associated with the Cisco Certified Security Professional and the Cisco Firewall Specialist certifications. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.

Course Outline:

The following topics are general guidelines for the content likely to be included. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Configure Security Appliances for secured network connectivity

Configure and verify network and interface settings using ASDM and CLI
Configure and verify NAT globals, statics, NAT exemption, and Identity NAT using ASDM
Configure and verify access-lists with or without object groups using ASDM

Configure and verify routing and switching on Security Appliances

Describe the routing capabilities of the Security Appliance
Use ASDM to configure VLANs on a Security Appliance interface
Use ASDM to configure the passive RIP routing functionality of the Security Appliance

Configure and verify Authentication, Authorization, & Accounting services for Security Appliances

Configure ACS for Security Appliance support
Use ASDM to configure the Security Appliance AAA features
Configure and verify Auth-Proxy (cut-through proxy) using ASDM

Configure and verify Layer 3 & 4 protocol inspection, Modular Policy Framework, and threat detection for Security Appliances

Configure and verify Layer 3 and Layer 4 protocol inspection using ASDM
Configure and verify Modular Policy Framework using ASDM
Use ASDM to configure and verify threat detection

Configure and verify secure connectivity using VPNs

Configure and verify remote access VPNs using ASDM
Configure and verify IPsec VPN clients with preshared keys using ASDM
Configure and verify site-to-site VPNs with preshared keys using ASDM
Verify IKE and IPsec using ASDM and CLI
Configure and verify clientless SSL VPN using ASDM

Configure and verify active/standby and active/active failover features on Security Appliances

Configure and verify active/standby failover using ASDM
Configure and verify active/active failover using ASDM
Configure and verify redundant Interface using ASDM

Configure transparent firewall and virtual firewall features on a Security Appliance

Explain the purpose of virtual & transparent firewalls
Configure and verify the transparent firewall feature of the Security Appliance using CLI
Configure and verify the virtual firewall feature of the Security Appliance using ASDM

Monitor and manage installed Security Appliances

Update, backup, and restore configurations and software images using ASDM and CLI
Install and verify Licensing using ASDM
Configure and verify Console and SSH/Telnet access
Configure and utilize Logging using ASDM

[ back to top ]

Securing Networks with ASA Advanced (SNAA)

The Securing Networks with ASA Advanced exam (SNAA 642-515) is one of the exams associated with the Cisco Certified Security Professional certification. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.

Course Outline:

Configure and verify NAT, dynamic routing, and switching on Security Appliances

Configure and verify VLANS using ASDM
Configure and verify dynamic routing protocols and route redistribution using ASDM
Configure and verify policy NAT using ASDM

Configure and verify application layer protocol inspection and Modular Policy Framework for Security Appliances

Describe the Layer 7 advanced protocol handling capabilities of the Security Appliance
Configure and verify Layer 7 application layer protocol inspection using ASDM
Configure and verify Modular Policy Framework using ASDM

Configure and verify secure connectivity using IPsec VPNs

Describe the features and capabilities of digital certificates
Describe how to use digital certificate enrollment with the Security Appliance and Cisco VPN client
Configure and verify remote access VPNs with digital certificates using ASDM
Configure and verify IPsec VPN clients with digital certificates using ASDM
Configure and verify site-to-site VPNs with digital certificates using ASDM
Configure and verify advanced remote access features using ASDM
Configure and verify the ASA 5505 as a remote access client using ASDM
Configure and verify QoS for tunnel traffic using ASDM

Configure and verify secure connectivity using SSL VPNs

Describe the features and capabilities of SSL VPNs
Configure and verify the local certificate authority using ASDM
Configure and verify clientless access including smart tunnels, plug-ins and bookmarks using ASDM
Configure and verify port forwarding using ASDM
Configure the Security Appliance for SSL VPN client access using ASDM
Configure and verify the AnyConnect VPN client
Configure and verify CSD using ASDM
Configure and verify DAP using ASDM

Configure and verify AIP-SSM and CSC-SSM modules

Explain the function that AIP-SSM and CSC-SSM perform within a network
Configure and verify AIP-SSM
Configure and verify CSC-SSM

[ back to top ]

Implementing Cisco Intrusion Prevention Systems (IPS)

The IPS Implementing Cisco Intrusion Prevention Systems exam (IPS 642-533) is associated with the Cisco Certified Security Professional and the Cisco IPS Specialist certifications. This exam tests a candidate's knowledge of implementing the Cisco IPS product.

Course Outline:

Describe how Cisco IPS sensors are used to mitigate network security threats

List sensor requirements for inline operations
Explain the difference between inline and promiscuous mode sensor operations
Explain how Cisco IPS protects network devices from attacks (Describe signatures, alerts, and actions)
Explain the evasive techniques used by hackers and how Cisco IPS defeats those techniques
Describe the considerations necessary for selection, placement, and deployment of a network intrusion prevention system
Explain the Cisco IPS signature features

Install Cisco IPS sensors/modules and configure essential system parameters

Explain AIP-SSM functionalities
Use the CLI to initialize the sensor
Configure user accounts and explain the different user roles
Configure management access to the sensor appliance
Explain how allowed hosts are used and how they are configured
Describe sensor interfaces, interface pairs, VLAN-pairs, and VLAN-groups
Use the Cisco IDM to configure sensor interfaces (enable, create pairs, assign to virtual sensors)
Describe and configure software bypass
Describe sensor communications with external management and monitoring systems
Launch, navigate, and use the Cisco IDM to manage and monitor the sensor
Describe the various CLI configuration modes and sub modes and navigate between them
List the tasks for installing and configuring the IDSM-2 and AIP-SSM

Describe Cisco IPS sensor advanced system parameters

Plan the mitigation of specific network vulnerabilities and exploits
Describe sensor tuning
Explain IP fragment and TCP stream reassembly options
Explain how IP logging should be used and how it is configured
Explain the use of Event Variables
Describe signature engines and their functionality
Determine which response actions need to be configured for a given scenario
Describe the purpose of the Meta Event Generator
Explain Target Value Ratings and how they are used
Determine the need for Event Action Rules in a given scenario
Explain event Risk Ratings and how they are used

Tune Cisco IPS sensor advanced system parameters to optimize attack mitigation performance

Use the IDM to tune the sensor to work optimally in the network
Use the IDM to tune signatures to provide maximum protection for a network
Given a scenario, use the IDM to create custom signature to meet the requirements
Configure response actions for a signature
Configure the sensor to take response actions based on a risk rating
Use the Cisco IDM to create a Meta signature and disable alert production for the component signatures
Configure Event Action Filters
Configure Target Value Ratings
Configure general settings for Event Action Rules
Configure Event Variables
Use the sensor application policy enforcement feature
Configure passive OS fingerprinting (POSFP)
Explain the External Product Interface, its benefits, and specifications
Configure a virtual sensor
Configure anomaly detection
Use IDM/CLI to monitor advanced features such as POSFP and AD

Analyze Cisco IPS sensor events to determine the appropriate response to network attacks

Use the CLI and the Cisco IDM and IEV to monitor events

Upgrade and maintain Cisco IPS sensors

Move software images/upgrades and configuration files via HTTP, HTTPS, SCP, and FTP
Apply the appropriate system image to the sensor
Perform sensor password recovery
Explain sensor licensing and how to install a license
Describe service pack and signature update file names and how to install them

[ back to top ]

*Cisco Credits can not be used for travel or expense costs.

CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, Cisco, Cisco IOS, Cisco Systems, the Cisco Systems logo, and Networking Academy are registered trademarks or trademarks of Cisco Systems® and/or its affiliates in the U.S. and certain other countries. All other trademarks mentioned in this web site are the property of their respective owners.

CED Solutions is sponsored by Element K, a Cisco Learning (Solutions) Partner
Institute of Professional Learning is sponsored by Element K, a Cisco Learning (Solutions) Partner

MCSEClasses.com is your best choice for MCSA MCSE, MCSA MCSE training, MCSA MCSE certification, MCSA MCSE certification boot camp, MCSA MCSE boot camp, MCSA MCSE certification training, MCSA MCSE boot camp training, MCSA MCSE boot camp certification, MCSA MCSE certification course, MCSA MCSE course, training MCSA MCSE, certification MCSA MCSE, boot camp MCSA MCSE, certification MCSA MCSE boot camp, certification MCSA MCSE training, boot camp MCSA MCSE training, certification MCSA MCSE course.