This module introduces the core concepts and skills needed for the installation, troubleshooting and monitoring of network devices to maintain the integrity, confidentiality and availability of data and devices. It allows students to experiment with network behaviour and ask 'what-if' questions. Students will deploy, configure and administer firewall design strategies using both routers and ASAs based on real-world scenarios using Virtual Private Networks and the Public Key Infrastructure.
Modern Network Security Threats
Worms, Viruses and Trojan Horses; Attack Methodologies
Securing Network Devices
Securing Device Access and Files on Routers and Switches; Privilege Levels and Role-Based CLI; Configuring ACLs
Configuring a Security Appliance
Time Setting and NTP Support; Syslog Configuration; Network Address Translation; Port Address Translation; Connections and TranslationsStatic Translations
Authentication, Authorization and Accounting
Configuring 802.1x Port-Based Authentication; Configuring Local AAA on Routers; Configure Server-Based AAA on Routers; Configure ACS for Security Appliance support
Instrusion Prevention Systems
Describe IPS deployments and technologies; configure IOS IPS using CCP
Implementing Firewall Technologies
Firewall Technologies; Zone-Based Policy Firewall using CCP
Cryptography
Hashes, Digital Signatures and Authentication; Symmetric and Asymmetric Encryption; Public Key Infrastructure
Configuring Site-to-Site VPNs using Pre-shared Keys on Routers and ASA Appliances
Configuring a Site-to-Site VPN Using Pre-shared Keys; Modifying the Site-to-Site VPN Configuration
Configuring Advanced Protocol Handling
Advanced Protocol Handling; Protocol Application Inspection; Multimedia Support
| Module Content & Assessment | |
|---|---|
| Assessment Breakdown | % |
| Other Assessment(s) | 40 |
| Formal Examination | 60 |