Securing Wireless Networks 406 ILC

Securing Wireless Networks

Course Code : 003

Workshop : Training

Duration :

COURSE OUTLINE

Wireless networks are expanding at a dramatic rate. As organizations provide greater mobility to their users, the risk of threats to information assurance grows and the need for secure networks becomes of vital concern. After completing this course, you will be able to learn the following: After completing this course, you will be able to learn the following:

· Secure wireless networks against threats and attacks

· Analyze and react to wireless denial-of-service (DoS) attacks

· Encrypt your traffic for privacy and authenticity

· Implement WPA and the 802.11i security standards to protect your Wi-Fi network

· Leverage 802.1X and EAP authentication within an enterprise WLAN

· Create a secure roaming infrastructure

· Employ wireless intrusion detection systems (WIDS)

COURSE OBJECTIVES

In this course, you gain the skills to defend against attacks and maintain security within your wireless network. You learn to detect weakness in your existing network, and design and configure a cost-effective security solution.

TARGET AUDIENCE

This course is valuable for the professionals who manage, operate, audit or implement secure networks.

 

COURSE CONTENTS

1. WIRELESS SECURITY TECHNOLOGIES

Security requirements

· Availability

· Confidentiality

· Data integrity

· Authenticity

WLAN operation and standards

· 802.11 (Wi-Fi) standards: .11a, .11b, .11g, .11i, .11e, .11n

· Discovering WLANs using NetStumbler and AirMagnet

· Intercepting Wi-Fi traffic

· Infrastructure models and roaming

Surveying other wireless technologies

· Bluetooth WPANs (802.15)

· WiMAX WWANs (802.16)

·

2. RESPONDING TO DOS ATTACKS

Jamming and RF interference

· Identifying interference sources

· Malicious and inadvertent interference

802.11 protocol attacks

· Exploiting the Collision Avoidance (CA) mechanism

· Forcing client de-authentication

3. ENCRYPTING FOR PRIVACY AND AUTHENTICITY

Contrasting encryption techniques

· Public and secret key cryptography

· Symmetric vs. asymmetric algorithms

· RC4

· AES

· RSA

Guaranteeing message integrity

· Hashing with MD5 and SHA

· Protecting data with digital signatures

Authenticating with digital certificates

· Verifying key ownership

· Chains of authority

4. SECURING WI-FI WITH WPA

WEP authentication and encryption

· Comparing Open and Shared-Key authentication

· Calculating & checking integrity with ICV

· Encrypting with RC4's pseudorandom number generator (PRNG)

Exposing WEP flaws

· Weak initialization vectors (IVs)

· Dictionary attacks

· Static keys

Providing security with WPA

· Retaining existing hardware

· Correcting WEP deficiencies

· Deploying pre-shared key (PSK) authentication

Ensuring privacy with WPA

· 802.11i key hierarchies

· Rolling keys dynamically with TKIP

· Verifying message integrity with MIC

·

5. 802.1X AUTHENTICATION AND CCMP

Leveraging the 802.1X standard

· Incorporating EAP messaging techniques

· Transporting EAP messages with RADIUS and EAPOL

Choosing EAP implementations

· EAP-TLS

· EAP-TTLS

· PEAP

Extending WPA to create a robust secure network (RSN)

· Encrypting traffic with AES-CCMP

· Counter mode and CBC-MAC integrity protection in a single operation

·

6. CREATING SECURE WLAN TOPOLOGIES

Designing the wireless security landscape

· Defining the trusted boundary

· Centralized vs. distributed control

· Enforcing access controls

· Establishing user credentials

Configuring security for roaming

· Maintaining security contexts

· 802.11i pre-authentication

· Roaming in a VPN environment

MONITORING AND AUDITING WLANS

· Wireless intrusion detection systems (WIDS)

· Creating wireless signatures

· Detecting rogue access points

· Monitoring access attempts

· Generating audit trails

Cisco Secure PIX Firewall

Cisco Secure PIX Firewall

Course Code : 005

Workshop : Training

Duration :

COURSE OUTLINE

The CSPFA course is designed for delivery by Cisco Training Partners. After completing this course, you will be able to learn the following:

  • Describe PIX Firewall features, models, components, and benefits.
  • Configure the PIX Firewall to statically and dynamically translate IP addresses.
  • Configure the PIX Firewall to control inbound and outbound traffic.
  • Configure object groups to simplify ACL configuration.
  • Configure the PIX Firewall to send messages to a Syslog server.
  • Explain the routing functionality of the PIX Firewall.
  • Configure content filtering on the PIX Firewall.
  • Configure the PIX Firewall as a DHCP client.
  • Configure special protocol handling on the PIX Firewall.
  • Configure AAA on the PIX Firewall.
  • Configure failover on the PIX Firewall.
  • Configure the PIX Firewall’s IDS feature set.
  • Configure a site-to-site VPN using the PIX Firewall.
  • Configure a VPN Client-to-PIX Firewall VPN.
  • Perform password recovery on the PIX Firewall.
  • Upgrade PIX Firewall software images.
  • Perform a PIX Firewall activation key upgrade.
  • Configure command authorization.
  • Configure the PIX Firewall to send traps to a SNMP Network Management Station.
  • Configure the PIX Firewall to permit SNMP traffic.
  • Configure a secure connection to the PIX Firewall using SSH.
  • Install the PIX Device Manager and use it to configure the PIX Firewall.


COURSE OBJECTIVES

This task-oriented course teaches the knowledge and skills needed to describe, configure, verify and manage the PIX Firewall product family.

TARGET AUDIENCE

This course is beneficial basically for the students who meet the following prerequisites:

  • Possess Cisco Certified Network Associate (CCNA) certification or the equivalent knowledge.
  • Working knowledge of basic network security and a solid grasp of TCP/IP and fundamental networking concepts.
  • Be familiar with encryption technologies: DES, 3DES, RSA, hashing algorithms (MD5/SHA), and IPSec.
  • Have a basic knowledge of the Windows operating system.

COURSE CONTENTS

  • Introduction
  • Network Security and Cisco
  • Cisco PIX Firewall Technology and Features
  • Cisco PIX Firewall Family
  • Getting Started with the Cisco PIX Firewall
  • OutboundTranslations and Connections
  • InboundTranslations and Connections
  • Object Grouping
  • Protocol Handling
  • Attack Guards, Intrusion Detection, and Shunning
  • Authentication, Authorization, and Accounting
  • Failover
  • Site-to-Site Virtual Private Network

Introduction to Cisco Routers 404 ILC

Introduction to Cisco Routers

Course Code : 002

Workshop : Training

Duration :

COURSE OUTLINE

Cisco routers are used to provide reliable and efficient corporate wide internetworks solutions. In order to successfully deploy Cisco routers, networking professionals require a thorough understanding of their features and functions. After completing this course, you will be able to learn the following:

· Successfully install and configure Cisco routers to build multi protocol internetworks

· Create Cisco router configuration files from scratch

· Configure IP and IPX routing protocols

· Troubleshoot IP/IPX routing problems using Cisco's debug commands

· Perform software and hardware upgrades

· Effectively manage and maintain Cisco routers with SNMP

COURSE OBJECTIVES

This course provides a comprehensive introduction to deploying Cisco routers in an internetworked environment. Through extensive hands-on exercises, you gain the fundamental knowledge and skills you need to install, configure and troubleshoot Cisco routers.

TARGET AUDIENCE

This course is valuable for network managers, technicians, consultants and designers who are involved in designing and implementing internetworks with Cisco routers.

 

 

 

 

COURSE CONTENTS

1. INTRODUCTION AND OVERVIEW

Internetworking fundamentals

· Internetworking terminology

· Protocol layering

· Routing vs. bridging

Cisco hardware/software architecture

· Distribution and core routers

· Cisco Internetwork Operating System

· (IOS) versions and licensing

· Addressing Cisco security vulnerabilities

·

2. SETTING UP THE ROUTER

Accessing and controlling routers

· Console and AUX ports

· Remote and TFTP configuration

The Cisco bootstrap sequence

· Setting the configuration register

· Using the start-up configuration dialog

Creating configuration files

· Selecting a configuration mode: global, interface, router or line

· Using the IOS editing and help features

·

3. IP ROUTING PROTOCOLS

Review of routing concepts

· Distance Vector and Link State routing

· Evaluating routing metrics

· Cisco Interior Gateway Routing Protocol (IGRP) and Routing Information Protocol (RIP)

Routing interaction issues

· Implementing static routes

· Route redistribution

Bridging

· Bridge operation and configuration

· Using spanning tree to prevent loops

·

4. IMPLEMENTING IP AND IPX ROUTING

Setting up the basic IP configuration

· Assigning IP addresses and subnet masks

· Implementing access lists for enhanced security

The IP routing process

· Selecting a routing protocol

· Monitoring and maintaining routing tables

· Configuring RIP and IGRP

Setting up the basic IPX configuration

· Assigning IPX networks

· Filtering IPX SAP updates

· Monitoring IPX on a router

·

5. CONFIGURING INTERFACE PARAMETERS

Local area networks

· Ethernet

· Token Ring

Wide area networks

· Leased lines

· ISDN

· Frame relay

·

6. TROUBLESHOOTING CISCO ROUTERS

Troubleshooting router operations

· Analyzing interface problems

· Finding and resolving IP routing errors with extended ping and trace

· Fixing misconfigurations

· Debugging with IP, IPX and standard debug commands

Cisco Information Online

· Using the Cisco CD

· Contacting the Technical Assistance Center (TAC)

7. MAINTAINING AND UPGRADING CISCO ROUTERS

Planning software upgrades

· Selecting and testing the new IOS release

· Loading the new image

Installing hardware upgrades

· Planning a hardware maintenance strategy

· Replacing boot ROMs

· Adding RAM and flash memory

· Hot swapping network interface cards

Administering routers

· Recovering lost passwords

· Backing up config files and router images

Using SNMP and management tools

· Exploiting Cisco's proprietary MIB

· Analyzing router performance

·

Cisco Secure PIX Firewall Advanced

Cisco Secure PIX Firewall Advanced

Course Code : 008

Workshop : Training

Duration :

COURSE OUTLINE

After completing this course, you should be able to learn:

  • Network Security
  • Firewall Technologies and Cisco PIX Firewall
  • System Maintenance
  • Configuring Access
  • PIX Device Manager
  • Virtual Private Network

COURSE OBJECTIVES

This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the PIX Firewall product family.

TARGET AUDIENCE

This course is valuable for anyone involve in securing the Cisco Networks.

COURSE CONTENTS

1. Cisco PIX Firewall Technology and Features

• Firewalls

• PIX Firewall models

2. Cisco PIX Firewall Family

• PIX Firewall models

• PIX services module

• PIX Firewall licensing

3. Getting Started with the Cisco PIX Firewall

• User interface

• Examining the PIX Firewall status

• ASA security levels

• Basic PIX Firewall configuration

• Syslog configuration

• DHCP server configuration

• PPPoE and the PIX Firewall

Translations and Connections

• Transport Protocols

• Network Address Translation

• Configuring DNS Support

• Port Address Translations

4. Access Control Lists and Content Filtering

• ACLS

• Converting Conduits to ACLS

• Using ACLS

5. Object Grouping

• Overview of object grouping

• Getting started with object groups

• Configuring object groups

• Nested object groups

6. Advanced Protocol Handling

• Advanced protocols

• Multimedia support

7. Attack Guards, Intrusion Detection, and Shunning

• Attack guards

• Intrusion detection

8. Authentication, Authorization, and Accounting

• Introduction

• Installation of CSACS for Windows NT

• Authentication configuration

• Downloadable ACLS

9. Failover

• Understanding failover

• Serial failover configuration

• LAN-based failover configuration

10. Virtual Private Networks

• PIX Firewall enables a secure VPN

• Prepare to configure VPN support

• Configure IKE parameter

• Configure IPSec parameters

• Test and verify VPN configuration

• Cisco VPN Client

• Scale PIX Firewall VPNs

11. System Maintenance

•Remote access

•Command authorization

12. Cisco PIX Device Manager

•PDM overview

•Prepare for PDM

•Using PDM to configure the PIX Firewall

•Using PDM to create a site-to-site VPN

•Using PDM to create a remote access VPN

13. Enterprise PIX Firewall Management

•Configuring access and translation rules

•Reporting, tools, and administration

14. Enterprise PIX Firewall Maintenance

•Introduction to the auto update server

•PIX Firewall and AUS communication settings

•Devices, images, and assignments

•Reports and administration

15. Firewall Services Module

•FWSM overview

•Using PDM with the FWSM