The CCNA Security certification lays the foundation for job roles such as Network Security Specialist, Security Administrator and Network Security Support Engineer. It is the first step for individuals wishing to obtain their CCSP certification. CCNA Security certifications are valid for three years. The 640-553 Implementing Cisco IOS Network Security (IINS) exam is associated with the CCNA Security certification.
CCNA SECURITY CERTIFICATION EXAM
NORMAL & STEADY TRACK
FAST & FURIOUS TRACK
CCNA Routing and Switching / CCNA Wireless / CCNA Security
MODULE 1: INTRODUCTION TO NETWORK SECURITY PRINCIPLES
Describe and list mitigation methods for common network attacks.
Describe and list mitigation methods for Worm, Virus, and Trojan horse attacks.
Describe the Cisco Self Defending Network architecture.
MODULE 2: PERIMETER SECURITY
Secure Cisco routers using the SDM Security Audit Feature.
Secure Cisco routers by configuring multiple priviledge levels and role based CLI.
Implement AAA on Cisco routers using local router database and external ACS.
Mitigate threats to Cisco router and networks using ACLs.
MODULE 3: NETWORK SECURITY USING CISCO IOS FIREWALLS
Configure IP ACLs to prevent IP address spoofing using CLI.
Discuss the caveats to be considered when building ACLs.
Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server.
Mitigation common Layer 2 Attacks.
Describe the operational strengths and weaknesses of the different firewall technologies.
Explain stateful firewall operations and the function of the state table.
Implement Zone Based Firewall using SDM.
Define network based vs. host based intrusion detection and prevention.
MODULE 4: NETWORK SECURITY USING CISCO IOS IPS
Explain IPS technologies, attack response, and monitoring options.
Enable and verify Cisco IOS IPS operations using SDM.
MODULE 5: SITE-TO-SITE VPNS
Explain the different methods used in cryptography.
Explain IKE protocol functionality and phases.
Describe the building blocks of IPSec and the security functions it provides.
Configure and verify an IPSec site- to –site VPN with pre-shared key