Oversikt over relevante kurs innen Cisco i Samnanger

ENCOR: Implementing and Operating Cisco Enterprise Network Core Technologies [-]

COURSE OVERVIEW You’ll learn how to implement and secure a wireless network infrastructure and use Cisco Identity Service Engine (ISE), Cisco Prime Infrastructure (PI), and Cisco Connect Mobile Experience to monitor and troubleshoot network issues.   The course provides hands-on labs to reinforce concepts including deploying Cisco Prime Infrastructure Release 3.5, Cisco Catalyst 9800 Wireless Controller Release IOS XE Gibraltar 16.10, Cisco Digital Network Architecture (DNA) Center Release 1.2.8, Cisco CMX Release 10.5, Cisco MSE Release 8.0 features and Cisco Identity Services Engine (ISE) Release 2.4.   This course also helps you prepare to take the Implementing Cisco Enterprise Wireless Networks (300-430 ENWLSI) exam, which is part of the new CCNP Enterprise certification. Passing the exam will also provide you with the Cisco Certified Specialist - Enterprise Wireless Implementation certification.   TARGET AUDIENCE Individuals needing to understand how to implement, secure and troubleshoot a Cisco Enterprise Wireless Network.   COURSE OBJECTIVES After completing this course you should be able to: Implement network settings to provide a secure wireless network infrastructure Troubleshoot security issues as it relates to the wireless network infrastructure Implement a secure wireless client and troubleshoot wireless client connectivity issues Implement and troubleshoot QoS in wireless networks Implement and troubleshoot advanced capabilities in wireless network services   COURSE CONTENT Securing and Troubleshooting the Wireless Network Infrastructure Implement Secure Access to the WLCs and Access Points Configure the Network for Access Point 802.1X Authentication Use Cisco DNA Center for Controller and AP Auto Install Implement Cisco Prime Infrastructure Define Network Troubleshooting Techniques Troubleshoot Access Point Join Issues Monitor the Wireless Network Implementing and Troubleshooting Secure Client Connectivity Configure the Cisco WLC for Wireless Client 802.1x Authentication Configure the Wireless Client for 802.1X Authentication Configure a Wireless LAN for FlexConnect Implement Guest Services in the Wireless Network Configure the Cisco WLC for Centralized Web Authentication Configure Central Web Authentication on Cisco ISE Implement BYOD Implement Location-Aware Guest Services Troubleshoot Client Connectivity Describe Issues that Affect Client Performance Monitor Wireless Clients Implementing and Troubleshooting QoS in Wireless Networks Implement QoS in the Wireless Network Configure the Cisco WLC to Support Voice Traffic Optimize Wireless Utilization on the Cisco WLC Implement Cisco AVC in the Wireless Network Implement Multicast Services Implement mDNS Service Implement Cisco Media Stream Troubleshoot QoS Issues in the Wireless Network Troublehoot mDNS Issues Troubleshoot Media Stream Issues Implementing and Troubleshooting Advanced Wireless Network Services Implement Base Location Services on Cisco Prime Infrastructure Implement Hyperlocation in the Wireless Network Implement Detect and Locate Services on Cisco CMX Implement Analytics on Cisco CMX Implement Presence Services on Cisco CMX Monitor and Locate Rogue Devices with Cisco Prime Infrastructure and Cisco CMX Monitor and Detect Wireless Clients with Cisco CMX and Cisco DNA Center Run Analytics on Wireless Clients Troubleshoot Location Accuracy with Cisco Hyperlocation Monitor and Manage RF Interferers on the Cisco WLC Monitor and Manager RF Interferers on Cisco Prime Infrastructure and Cisco CMX Labs Lab Familiarization (Base Learning Lab) Configure Secure Management Access for WLCs and APs Add Network Devices and External Resources to Cisco Prime Infrastructure Capture a Successful AP Authentication Implement AAA Services for Central Mode WLANs Implement AAA Services for FlexConnect Mode WLANs Configure Guest Services in the Wireless Network Configure BYOD in the Wireless Network Capture a Successful Client Authentications Configure QoS in the Wireless Network for Voice and Video Services Configure Cisco AVC in the Wireless Network Capture Successful QoS Traffic Marking in the Wireless Network Configure Detect and Locate Services on the Cisco CMX Identify Wireless Clients and Security Threats [-]

CCNA: Implementing and Administering Cisco Solutions [-]

Elæring Cisco U. All ACCESS [-]

CCNA: Implementing and Administering Cisco Solutions [-]

SFWIPF: Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention [-]

COURSE OVERVIEW  Through a combination of lecture and hands-on labs, you will learn how to install, operate, configure, and verify a basic IPv4 and IPv6 network. The course covers configuring network components such as switches, routers, and Wireless LAN Controllers; managing network devices; and identifying basic security threats. Network programmability, automation, and software-defined networking are also covered at a foundational level.   This course helps you prepare to take the 200-301 Cisco Certified Network Associate (CCNA) exam.   Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx 3 days of self study. The self-study content will be provided as part of the digital courseware that you recieve at the beginning of the course and should be part of your preparation for the exam. Lab access is provided for both the class and the self- study sections, lab access is valid for 60 hours or 90 days whichever is the shorter, so please ensure you exit the lab exercises when not in use. TARGET AUDIENCE Anyone looking to start a career in networking or wishing to achieve the Cisco CCNA Certification. COURSE OBJECTIVES After completing this course you should be able to: Identify the components of a computer network and describe their basic characteristics Understand the model of host-to-host communication Describe the features and functions of the Cisco IOS Software Describe LANs and the role of switches within LANs Describe Ethernet as the network access layer of TCP/IP and describe the operation of switches Install a switch and perform the initial configuration Describe the TCP/IP internet Layer, IPv4, its addressing scheme, and subnetting Describe the TCP/IP Transport layer and Application layer Explore functions of routing Implement basic configuration on a Cisco router Explain host-to-host communications across switches and routers Identify and resolve common switched network issues and common problems associated with IPv4 addressing Describe IPv6 main features, addresses and configure and verify basic IPv6 connectivity Describe the operation, benefits, and limitations of static routing Describe, implement and verify VLANs and trunks Describe the application and configuration of inter-VLAN routing Explain the basics of dynamic routing protocols and describe components and terms of OSPF Explain how STP and RSTP work Configure link aggregation using EtherChannel Describe the purpose of Layer 3 redundancy protocols Describe basic WAN and VPN concepts Describe the operation of ACLs and their applications in the network Configure internet access using DHCP clients and explain and configure NAT on Cisco routers Describe the basic QoS concepts Describe the concepts of wireless networks, which types of wireless networks can be built and how to use WLC Describe network and device architectures and introduce virtualization Introduce the concept of network programmability and SDN and describe the smart network management solutions like Cisco DNA Center, SD-Access and SD-WAN Configure basic IOS system monitoring tools Describe the management of Cisco devices Describe the current security threat landscape Describe threat defense technologies Implement a basic security configuration of the device management plane Implement basic steps to harden network devices COURSE CONTENT Exploring the Functions of Networking Introducing the Host-To-Host Communications Model Operating Cisco IOS Software Introducing LANs Exploring the TCP/IP Link Layer Starting a Switch Introducing the TCP/IP Internet Layer, IPv4 Addressing, and Subnets Explaining the TCP/IP Transport Layer and Application Layer Exploring the Functions of Routing Configuring a Cisco Router Exploring the Packet Delivery Process Troubleshooting a Simple Network Introducing Basic IPv6 Configuring Static Routing Implementing VLANs and Trunks Routing Between VLANs Introducing OSPF Building Redundant Switched Topologies (Self-Study) Improving Redundant Switched Topologies with EtherChannel Exploring Layer 3 Redundancy (Self-Study) Introducing WAN Technologies (Self-Study) Explaining Basics of ACL Enabling Internet Connectivity Introducing QoS (Self-Study) Explaining Wireless Fundamentals (Self-Study) Introducing Architectures and Virtualization (Self-Study) Explaining the Evolution of Intelligent Networks Introducing System Monitoring Managing Cisco Devices Examining the Security Threat Landscape (Self-Study) Implementing Threat Defense Technologies (Self-Study) Securing Administrative Access Implementing Device Hardening Labs: Get Started with Cisco CLI Observe How a Switch Operates Perform Basic Switch Configuration Inspect TCP/IP Applications Configure an Interface on a Cisco Router Configure and Verify Layer 2 Discovery Protocols Configure Default Gateway Explore Packet Forwarding Troubleshoot Switch Media and Port Issues Troubleshoot Port Duplex Issues Configure Basic IPv6 Connectivity Configure and Verify IPv4 Static Routes Configure IPv6 Static Routes Configure VLAN and Trunk Configure a Router on a Stick Configure and Verify Single-Area OSPF Configure and Verify EtherChannel Configure and Verify IPv4 ACLs Configure a Provider-Assigned IPv4 Address Configure Static NAT Configure Dynamic NAT and PAT Log into the WLC Monitor the WLC Configure a Dynamic (VLAN) Interface Configure a DHCP Scope Configure a WLAN Define a RADIUS Server Explore Management Options Explore the Cisco DNA Center Configure and Verify NTP Create the Cisco IOS Image Backup Upgrade Cisco IOS Image Configure WLAN Using WPA2 PSK Using the GUI Secure Console and Remote Access Enable and Limit Remote Access Connectivity Secure Device Administrative Access Configure and Verify Port Security Implement Device Hardening TEST CERTIFICATION Recommended as preparation for the following exams:  200-301 -  Cisco Certified Network Associate Exam (CCNA) [-]

SISE: Implementing and Configuring Cisco Identity Services Engine [-]

Elæring Cisco U. Essentials [-]

COURSE OVERVIEW  Learn how to implement security principles within an enterprise network and how to overlay network design by using solutions such as SD-Access and SD-WAN. The automation and programmability of Enterprise networks is also incorporated in this course. This course will help you: Configure, troubleshoot, and manage enterprise wired and wireless networks Implement security principles within an enterprise network Earn 64 CE credits toward recertification   Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx. 3 days of self study. The self-study content will be provided as part of the digital courseware that you receive at the beginning of the course and should be part of your preparation for the exam. Additional lab access will be provided at the end of the class, this will be valid for 60 hours or 90 days whichever is the shorter. It will be possible to complete all but 7 of the labs after the class. TARGET AUDIENCE Network engineers involved in the installation, support and troubleshooting of enterprise networks. COURSE OBJECTIVES After completing this course you should be able to: Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts Troubleshoot Layer 2 connectivity using VLANs and trunking Implementation of redundant switched networks using Spanning Tree Protocol Troubleshooting link aggregation using EtherChannel Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP) Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6 Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP) Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT) Describe the virtualization technology of servers, switches, and the various network devices and components Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP) Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture Describe wireless roaming and location services Describe how APs communicate with WLCs to obtain software, configurations, and centralized management Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-shared Key (PSK) wireless client authentication on a WLC Troubleshoot wireless client connectivity issues using various available tools Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features Explain the purpose, function, features, and workflow of Cisco DNA Centre™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network Explain basic Python components and conditionals with script writing and analysis Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF Describe APIs in Cisco DNA Centre and vManage COURSE CONTENT Examining Cisco Enterprise Network Architecture Cisco Enterprise Architecture Model Campus LAN Design Fundamentals Traditional Multilayer Campus Layer Design Campus Distribution Layer Design   Understanding Cisco Switching Paths Layer 2 Switch Operation Control and Data Plane Cisco Switching Mechanisms Implementing Campus LAN Connectivity Revisiting VLANs Trunking with 802.1Q Inter-VLAN Routing Building Redundant Switched Topology Spanning-Tree Protocol Overview Spanning-Tree Protocol Operation Spanning-Tree Protocols Types and Features Multiple Spanning Tree Protocol PortFast and BPDU Implementing Layer 2 Port Aggregation (Self-Study) Need for EtherChannel EtherChannel Mode Interactions Layer 2 EtherChannel Configuration Guidelines EtherChannel Load-Balancing Options Troubleshoot EtherChannel Issues Understanding EIGRP EIGRP Features EIGRP Reliable Transport Establishing EIGRP Neighbour Adjacency EIGRP Metrics EIGRP Path Selection Explore EIGRP Path Selection Explore EIGRP Load Balancing and Sharing EIGRP for IPv6 Compare EIGRP and OSPF Routing Protocols Implementing OSPF Describe OSPF The OSPF Process OSPF Neighbour Adjacencies Building a Link-State Database OSPF LSA Types Compare Single-Area and Multi-Area OSPF OSPF Area Structure OSPF Network Types Optimizing OSPF OSPF Cost OSPF Route Summarization Benefits OSPF Route Filtering Tools Compare OSPFv2 and OSPFv3 Exploring EBGP Interdomain Routing with BGP BGP Operations Types of BGP Neighbour Relationships BGP Path Selection BGP Path Attributes Implementing Network Redundancy Need for Default Gateway Redundancy Define FHRP HSRP Advanced Features Cisco Switch High Availability Features Implementing NAT Define Network Address Translation NAT Address Types Explore NAT Implementations NAT Virtual Interface Introducing Virtualisation Protocols and Techniques Server Virtualisation Need for Network Virtualisation Path Isolation Overview Introducing VRF Introducing Generic Routing Encapsulation Introducing Virtualisation Protocols and Techniques Server Virualization Need for Network Virtualisation Path Isolation Overview Introducing VRF Introducing Generic Routing Encapsulation Understanding Virtual Private Networks and Interfaces Site-to-Site VPN Technologies IPSec VPN Overview IPSec: IKE IPsec Modes IPsec VPN Types Cisco IOS VTI Understanding Wireless Principles Explain RF Principles Describe Watts and Decibels Describe Antenna Characteristics Describe IEEE Wireless Standards Identify Wireless Component Roles Examining Wireless Deployment Options Wireless Deployment Overview Describe Autonomous AP Deployment Describe Centralized Cisco WLC Deployment Describe FlexConnect Deployment Cloud Deployment and Its Effect on Enterprise Networks Describe the Cloud-Managed Meraki Solution Cisco Catalyst 9800 Series Controller Deployment Options Describe Cisco Mobility Express Understanding Wireless Roaming and Location Services Wireless Roaming Overview Mobility Groups and Domains Wireless Roaming Types Describe Location Services Examining Wireless AP Operation Universal AP Priming Explore the Controller Discovery Process Describe AP Failover Explain High Availability Explore AP Modes Understanding Wireless Client Authentication Authentication Methods Pre-Shared Key (PSK) Authentication 802.1X User Authentication Overview PKI and 802.1X Certificate Based Authentication Introduction to Extensible Authentication Protocol EAP-Transport Layer Security (EAP-TLS) Protected Extensible Authentication Protocol EAP-FAST Guest Access with Web Auth Troubleshooting Wireless Client Connectivity Wireless Troubleshooting Tools Overview Spectrum Analysis Wi-Fi Scanning Packet Analysis Cisco AireOS GUI and CLI Tools Cisco Wireless Config Analyzer Express Common Wireless Client Connectivity Issues Overview Client to AP Connectivity WLAN Configuration Infrastructure Configuration Introducing Multicast Protocols (Self-study) Multicast Overview Internet Group Management Protocol Multicast Distribution Trees IP Multicasting Routing Rendezvous Point Introducing QoS (Self-study) Understand the Impact of User Applications on the Network Need for Quality of Service (QoS) Describe QoS Mechanisms Define and Interpret a QoS Policy Implementing Network Services Understanding Network Time Protocol Logging Services Simple Network Management Protocol Introducing NetFlow Flexible NetFlow Understanding Cisco IOS Embedded Event Manager Using Network Analysis Tools Troubleshooting Concepts Network Troubleshooting Procedures: Overview Network Troubleshooting Procedures: Case Study Basic Hardware Diagnostics Filtered Show Commands Cisco IOS IP SLAs Switched Port Analyzer(SPAN) Overview Remote SPAN (RSPAN) Encapsulated Remote Switched Port Analyzer(ERSAPN) Cisco Packet Capture Tools Overview Implementing Infrastructure Security ACL Overview ACL Wildcard Masking Types of ACLs Configure Numbered Access Lists Use ACLs to Filter Network Traffic Apply ACLs to Interfaces Configured Named Access Lists Control Plane Overview Control Plane Policing Implementing Secure Access Control Securing Device Access AAA Framework Overview Benefits of AAA Usage Authentication Options RADIUS and TACACS+ Enabling AAA and Configuring a Local User for Fallback Configuring RADIUS for Console and VTY Access Configuring TACACS+ for Console and VTY Access Configure Authorization and Accounting Understanding Enterprise Network Security Architecture (Self-study) Explore Threatscape Cisco Intrusion Prevention Systems Virtual Private Networks Content Security Logging Endpoint Security Personal Firewalls Antivirus and Antispyware Centralized Endpoint Policy Enforcement Cisco AMP for Endpoints Firewall Concepts TrustSec MACsec Identity Management 802.1X for Wired and Wireless Endpoint Authentication MAC Authentication Bypass Web Authentication Exploring Automation and Assurance Using Cisco DNA Centre (Self-study) Need for Digital Transformation Cisco Digital Network Architecture Cisco Intent-Based Networking Cisco DNA Centre Automation Overview Cisco DNA Centre Platform Overview Cisco DNA Centre Design Cisco DNA Centre Inventory Overview Cisco DNA Centre Configuration and Management Overview Onboarding of Network Devices Using Cisco DNA Centre Cisco DNA Centre Software Image Management Overview Cisco DNA Assurance Key Features and Use Cases Cisco DNA Centre Assurance Implementation Workflow Examining the Cisco SD-Access Solution (Self-study) Need for Cisco SD-Access Cisco SD Access Overview Cisco SD-Access Fabric Components Cisco SD-Access Fabric Control Plane Based on LISP Cisco SD-Access Fabric Control Plane Based on VXLAN Cisco SD-Access Fabric Control Plane Based on Cisco TrustSec Role of Cisco ISE and Cisco DNA Centre in SD-Access Cisco SD-Access Wireless Integration Traditional Campus Interoperating with Cisco SD-Access Understanding the Working Principles of the Cisco SD-WAN Solution (Self-study) Need for Software Defined Networking for WAN Cisco SD-WAN Components and Functions Cisco SD-WAN Orchestration Plane Cisco SD-WAN Management Plane- vManage Cisco SD-WAN Control Plane - vSmart Cisco SD-WAN Data Plane - WAN Edge Cisco SD-WAN Programmatic APIs Cisco SD-WAN Automation and Analytics Cisco SD-WAN Terminology Cisco IOS XE and IOS XE SD-WAN Software Flexible Controller Deployment Options Cisco SD-WAN Security Understanding the Basics of Python Programming Describe Python Concepts String Data Types Numbers Data Types Boolean Data Types Script Writing and Execution Analyse Code Introducing Network Programmability Protocols Configuration Management Evolution of Device Management and Programmability Data Encoding Formats Understanding JSON Model Driven Programmability Stack Introduction to YANG Types of YANG Models Understanding NETCONF Explain NETCONF and YANG REST Understanding RESTCONF Protocol Introducing APIs in Cisco DNA Centre and vManage (Self-study) Application Programming Interfaces REST API Response Codes and Results REST API Security Cisco DNA Centre APIs Cisco SD-WAN REST API Overview Labs Lab 1: Investigate the CAM Lab 2: Analyse Cisco Express Forwarding Lab 3: Troubleshoot VLAN and Trunk Issues Lab 4: Tuning STP and Configuring RSTP Lab 5: Configure Multiple Spanning Tree Protocol Lab 6: Troubleshoot EtherChannel Lab 7: Implementing Multiarea OSPF Lab 8: Implement OSPF Tuning Lab 9: Apply OSPF Optimization Lab 10: Implement OSPFv3 Lab 11: Configure and Verify Single-Homed EBGP Lab 12: Implementing HSRP Lab 13: Configure VRRP Lab 14: Implement NAT Lab 15: Configure and Verify VRF Lab 16: Configure and Verify a GRE Tunnel Lab 17: Configure Static VTI Point-to-Point Tunnels Lab 18: Configure Wireless Client Authentication in a Centralized Deployment (No Extended Access) Lab 19: Troubleshoot Wireless Client Connectivity Issues (No Extended Access) Lab 20: Configure Syslog Lab 21: Configure and Verify Flexible NetFlow Lab 22: Configuring Cisco IOS Embedded Event Manager (EEM) Lab 23: Troubleshoot Connectivity and Analyse Traffic with Ping, Traceroute and Debug Lab 24: Configure and Verify Cisco IP SLA's Lab 25: Configure Standard and Extended ACLs Lab 26: Configure Control Plane Policing Lab 27: Implement Local and Server-Based AAA (No Extended Access) Lab 28: Writing and Troubleshooting Python Scripts (No Extended Access) Lab 29: Explore JSON Objects and Scripts in Python (No Extended Access) Lab 30: Use NETCONF via SSH (No Extended Access) Lab 31: Use RESTCONF with Cisco IOS XE Software (No Extended Access) [-]

COURSE OVERVIEW ou will learn how to configure and manage Cisco Nexus 9000 Series Switches in ACI mode, how to connect the Cisco ACI fabric to external networks and services, and fundamentals of Virtual Machine Manager (VMM) integration. You will gain hands-on practice implementing key capabilities such as fabric discovery, policies, connectivity, VMM integration, and more. This course is based on ACI Software v5.2 release.   This course helps you prepare to take the exam, Implementing Cisco Application Centric Infrastructure(300-620 DCACI), which leads to CCNP® Data Center and Cisco Certified Specialist – Data Center ACI Implementation certifications. TARGET AUDIENCE Individuals who need to understand how to configure and manage a data center network environment with the Cisco Nexus 9000 Switch operating in ACI Mode.   COURSE OBJECTIVES After completing this course, you should be able to: Describe Cisco ACI Fabric Infrastructure and basic Cisco ACI concepts Describe Cisco ACI policy model logical constructs Describe Cisco ACI basic packet forwarding Describe external network connectivity Describe VMM Integration Describe Layer 4 to Layer 7 integrations Explain Cisco ACI management features COURSE CONTENT Introducing Cisco ACI Fabric Infrastructure and Basic Concepts What Is Cisco ACI? Cisco ACI Topology and Hardware Cisco ACI Object Model Faults, Event Record, and Audit Log Cisco ACI Fabric Discovery Cisco ACI Access Policies Describing Cisco ACI Policy Model Logical Constructs Cisco ACI Logical Constructs Tenant Virtual Routing and Forwarding Bridge Domain Endpoint Group Application Profile Tenant Components Review Adding Bare-Metal Servers to Endpoint Groups Contracts Describing Cisco ACI Basic Packet Forwarding Endpoint Learning Basic Bridge Domain Configuration **** Introducing External Network Connectivity Cisco ACI External Connectivity Options External Layer 2 Network Connectivity External Layer 3 Network Connectivity Introducing VMM Integration VMware vCenter VDS Integration Resolution Immediacy in VMM Alternative VMM Integrations Describing Layer 4 to Layer 7 Integrations Service Appliance Insertion Without ACI L4-L7 Service Graph Service Appliance Insertion via ACI L4-L7 Service Graph Service Graph Configuration Workflow Service Graph PBR Introduction Explaining Cisco ACI Management Out-of-Band Management In-Band Management Syslog Simple Network Management Protocol Configuration Backup Authentication, Authorization, and Accounting Role-Based Access Control Cisco ACI Upgrade Collect Tech Support Labs Validate Fabric Discovery Configure Network Time Protocol (NTP) Create Access Policies and Virtual Port Channel (vPC) Enable Layer 2 Connectivity in the Same Endpoint Group (EPG) Enable Inter-EPG Layer 2 Connectivity Enable Inter-EPG Layer 3 Connectivity Compare Traffic Forwarding Methods in a Bridge Domain Configure External Layer 2 (L2Out) Connection Configure External Layer 3 (L3Out) Connection Integrate Application Policy Infrastructure Controller (APIC) With VMware vCenter Using VMware Distributed Virtual Switch (DVS) TEST CERTIFICATION Recommended as preparation for the following exams: 300-620 DCACI - Implementing Cisco Application Centric Infrastructure [-]

COURSE OVERVIEW In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility and enforcements. You will get extensive hands-on experience deploying Cisco Firepower Next-Generation Firewall and Cisco ASA Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more.  You will get introductory practice on Cisco Stealthwatch Enterprise and Cisco Stealthwatch Cloud threat detection features. Please note that this course is a combination of Instructor-Led and Self-Paced Study - 5 days in the classroom and approx 3 days of self study. The self-study content will be provided as part of the digital courseware that you will recieve at the beginning of the course and should be part of your preparation for the exam. TARGET AUDIENCE Security individuals who need to be able to implement and operate core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. COURSE OBJECTIVES After completing this course you should be able to: Describe information security concepts and strategies within the network Describe common TCP/IP, network application, and endpoint attacks Describe how various network security technologies work together to guard against attacks Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance Describe and implement web content security features and functions provided by Cisco Web Security Appliance Describe Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console Introduce VPNs and describe cryptography solutions and algorithms Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco IOS VTI-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco FirePower NGFW Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and EAP authentication Provide basic understanding of endpoint security and describe AMP for Endpoints architecture and basic features Examine various defenses on Cisco devices that protect the control and management plane Configure and verify Cisco IOS Software Layer 2 and Layer 3 Data Plane Controls Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions Describe basics of cloud computing and common cloud attacks and how to secure cloud environment   COURSE CONTENT Describing Information Security Concepts (Self-Study) Information Security Overview Managing Risk Vulnerability Assessment Understanding CVSS Describing Common TCP/IP Attacks (Self-Study) Legacy TCP/IP Vulnerabilities IP Vulnerabilities ICMP Vulnerabilities TCP Vulnerabilities UDP Vulnerabilities Attack Surface and Attack Vectors Reconnaissance Attacks Access Attacks Man-In-The-Middle Attacks Denial of Service and Distributed Denial of Service Attacks Reflection and Amplification Attacks Spoofing Attacks DHCP Attacks Describing Common Network Application Attacks (Self-Study) Password Attacks DNS-Based Attacks DNS Tunneling Web-Based Attacks HTTP 302 Cushioning Command Injections SQL Injections Cross-Site Scripting and Request Forgery Email-Based Attacks Describing Common Endpoint Attacks (Self-Study) Buffer Overflow Malware Reconnaissance Attack Gaining Access and Control Gaining Access via Social Engineering Gaining Access via Web-Based Attacks Exploit Kits and Rootkits Privilege Escalation Post-Exploitation Phase Angler Exploit Kit Describing Network Security Technologies Defense-in-Depth Strategy Defending Across the Attack Continuum Network Segmentation and Virtualization Overview Stateful Firewall Overview Security Intelligence Overview Threat Information Standardization Network-Based Malware Protection Overview IPS Overview Next Generation Firewall Overview Email Content Security Overview Web Content Security Overview Threat Analytic Systems Overview DNS Security Overview Authentication, Authorization, and Accounting Overview Identity and Access Management Overview Virtual Private Network Technology Overview Network Security Device Form Factors Overview Deploying Cisco ASA Firewall Cisco ASA Deployment Types Cisco ASA Interface Security Levels Cisco ASA Objects and Object Groups Network Address Translation Cisco ASA Interface ACLs Cisco ASA Global ACLs Cisco ASA Advanced Access Policies Cisco ASA High Availability Overview Deploying Cisco Firepower Next-Generation Firewall Cisco Firepower NGFW Deployments Cisco Firepower NGFW Packet Processing and Policies Cisco Firepower NGFW Objects Cisco Firepower NGFW NAT Cisco Firepower NGFW Prefilter Policies Cisco Firepower NGFW Access Control Policies Cisco Firepower NGFW Security Intelligence Cisco Firepower NGFW Discovery Policies Cisco Firepower NGFW IPS Policies Cisco Firepower NGFW Malware and File Policies Deploying Email Content Security Cisco Email Content Security Overview SMTP Overview Email Pipeline Overview Public and Private Listeners Host Access Table Overview Recipient Access Table Overview Mail Policies Overview Protection Against Spam and Graymail Anti-virus and Anti-malware Protection Outbreak Filters Content Filters Data Loss Prevention Email Encryption Deploying Web Content Security Cisco WSA Overview Deployment Options Network Users Authentication HTTPS Traffic Decryption Access Policies and Identification Profiles Acceptable Use Controls Settings Anti-Malware Protection Deploying Cisco Umbrella (Self-Study) Cisco Umbrella Architecture Deploying Cisco Umbrella Cisco Umbrella Roaming Client Managing Cisco Umbrella Cisco Umbrella Investigate Overview Explaining VPN Technologies and Cryptography VPN Definition VPN Types Secure Communication and Cryptographic Services Keys in Cryptography Public Key Infrastructure Introducing Cisco Secure Site-to-Site VPN Solutions Site-to-Site VPN Topologies IPsec VPN Overview IPsec Static Crypto Maps IPsec Static Virtual Tunnel Interface Dynamic Multipoint VPN Cisco IOS FlexVPN Deploying Cisco IOS VTI-Based Point-to-Point Cisco IOS VTIs Static VTI Point-to-Point IPsec IKEv2 VPN Configuration Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW Point-to-Point VPNs on the Cisco ASA and Cisco Firepower NGFW Cisco ASA Point-to-Point VPN Configuration Cisco Firepower NGFW Point-to-Point VPN Configuration Introducing Cisco Secure Remote Access VPN Solutions Remote Access VPN Components Remote Access VPN Technologies SSL Overview Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW Remote Access Configuration Concepts Connection Profiles Group Policies Cisco ASA Remote Access VPN Configuration Cisco Firepower NGFW Remote Access VPN Configuration Explaining Cisco Secure Network Access Solutions Cisco Secure Network Access Cisco Secure Network Access Components AAA Role in Cisco Secure Network Access Solution Cisco Identity Services Engine Cisco TrustSec Describing 802.1X Authentication 802.1X and EAP EAP Methods Role of RADIUS in 802.1X Communications RADIUS Change of Authorization Configuring 802.1X Authentication Cisco Catalyst Switch 802.1X Configuration Cisco WLC 802.1X Configuration Cisco ISE 802.1X Configuration Supplicant 802.1x Configuration Cisco Central Web Authentication Describing Endpoint Security Technologies (Self-Study) Host-Based Personal Firewall Host-Based Anti-Virus Host-Based Intrusion Prevention System Application Whitelists and Blacklists Host-Based Malware Protection Sandboxing Overview File Integrity Checking Deploying Cisco AMP for Endpoints (Self-study) Cisco AMP for Endpoints Architecture Cisco AMP for Endpoints Engines Retrospective Security with Cisco AMP Cisco AMP Device and File Trajectory Managing Cisco AMP for Endpoints Introducing Network Infrastructure Protection (Self-Study) Identifying Network Device Planes Control Plane Security Controls Management Plane Security Controls Network Telemetry Layer 2 Data Plane Security Controls Layer 3 Data Plane Security Controls Deploying Control Plane Security Controls (Self-Study) Infrastructure ACLs Control Plane Policing Control Plane Protection Routing Protocol Security Deploying Layer 2 Data Plane Security Controls (Self-Study) Overview of Layer 2 Data Plane Security Controls VLAN-Based Attacks Mitigation STP Attacks Mitigation Port Security Private VLANs DHCP Snooping ARP Inspection Storm Control MACsec Encryption Deploying Layer 3 Data Plane Security Controls (Self-Study) Infrastructure Antispoofing ACLs Unicast Reverse Path Forwarding IP Source Guard Labs Configure Network Settings And NAT On Cisco ASA Configure Cisco ASA Access Control Policies Configure Cisco Firepower NGFW NAT Configure Cisco Firepower NGFW Access Control Policy Configure Cisco Firepower NGFW Discovery and IPS Policy Configure Cisco NGFW Malware and File Policy Configure Listener, HAT, and RAT on Cisco ESA Configure Mail Policies Configure Proxy Services, Authentication, and HTTPS Decryption Enforce Acceptable Use Control and Malware Protection Examine the Umbrella Dashboard Examine Cisco Umbrella Investigate Explore DNS Ransomware Protection by Cisco Umbrella Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel Configure Point-to-Point VPN between the Cisco ASA and Cisco Firepower NGFW Configure Remote Access VPN on the Cisco Firepower NGFW Explore Cisco AMP for Endpoints Perform Endpoint Analysis Using AMP for Endpoints Console Explore File Ransomware Protection by Cisco AMP for Endpoints Console Explore Cisco Stealthwatch Enterprise v6.9.3 Explore CTA in Stealthwatch Enterprise v7.0 Explore the Cisco Cloudlock Dashboard and User Security Explore Cisco Cloudlock Application and Data Security Explore Cisco Stealthwatch Cloud Explore Stealthwatch Cloud Alert Settings, Watchlists, and Sensors TEST CERTIFICATION Recommended as preparation for the following exams: 350-701 - Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)   This is the core exam for the Cisco CCNP Security certification, in order to gain the CCNP Security certification you will also need to pass one of the concentration exams. [-]

COURSE OVERVIEW The Implementing and Configuring Cisco Identity Services Engine course shows you how to deploy and use Cisco Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless and VPN connections. This hands-on course provides you with the knowledge and skills required to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration. Through expert instruction and hands-on practice, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management and contribute to operational efficiency.   Delegates will be expected to work in groups and share lab equipment, If you are attending virtually you may also be required to work in virtual breakout rooms. Extended hours may also be required to cover all of the content included in this class.   TARGET AUDIENCE Individuals involved in the deployment and maintenance of the Cisco ISE platform. COURSE OBJECTIVES After completing this course you should be able to: Describe Cisco ISE deployments, including core deployment components and how they interact to create a cohesive security architecture. Describe the advantages of such a deployment and how each Cisco ISE capability contributes to these advantages. Describe concepts and configure components related to 802.1X and MAC Authentication Bypass (MAB) authentication, identity management, and certificate services. Describe how Cisco ISE policy sets are used to implement authentication and authorization, and how to leverage this capability to meet the needs of your organization. Describe third-party network access devices (NADs), Cisco TrustSec®, and Easy Connect. Describe and configure web authentication, processes, operation, and guest services, including guest access components and various guest access scenarios. Describe and configure Cisco ISE profiling services, and understand how to monitor these services to enhance your situational awareness about network-connected endpoints. Describe best practices for deploying this profiler service in your specific environment. Describe BYOD challenges, solutions, processes, and portals. Configure a BYOD solution, and describe the relationship between BYOD processes and their related configuration components. Describe and configure various certificates related to a BYOD solution. Describe the value of the My Devices portal and how to configure this portal. Describe endpoint compliance, compliance components, posture agents, posture deployment and licensing, and the posture service in Cisco ISE. Describe and configure TACACS+ device administration using Cisco ISE, including command sets, profiles, and policy sets. Understand the role of TACACS+ within the authentication, authentication, and accounting (AAA) framework and the differences between the RADIUS and TACACS+ protocols. Migrate TACACS+ functionality from Cisco Secure Access Control System (ACS) to Cisco ISE, using a migration tool. COURSE CONTENT Introducing Cisco ISE Architecture and Deployment Using Cisco ISE as a Network Access Policy Engine Cisco ISE Use Cases Describing Cisco ISE Fucntions Cisco ISE Deployment Models Context Visibility Cisco ISE Policy Enforcement Using 802.1X for Wired and Wireless Access Using MAC Authentication Bypass for Wired and Wireless Access Introducing Identity Management Configuring Certificate Services Introducing Cisco ISE Policy Implementing Third-Party Network Access Device Support Introducing Cisco TrustSec TrustSec Configuration Easy Connect Web Authentication and Guest Services Introducing Web Access with Cisco ISE Introducing Guest Access Components Configuring Guest Access Services Configure Sponsor and Guest Portals Cisco ISE Profiler Introducing Cisco ISE Profiler Profiling Deployment and Best Practices Cisco ISE BYOD Introducing the Cisco ISE BYOD Process Describing BYOD Flow Configuring the My Devices Portal Configuring Certificates in BYOD Scenarios Cisco ISE Endpoint Compliance Services Introducing Endpoint Compliance Services Configuring Client Posture Services and Provisioning Working with Network Access Devices Cisco ISE TACACS+ Device Administration Configure TACACS+ Device Administration Guidelines and Best Practices Migrating from Cisco ACS to Cisco ISE Labs Lab 1: Access the SISE Lab and Install ISE 2.4 Lab 2 : Configure Initial Cisco ISE Setup, Gui Familiarization and System Certificate Usage  Lab 3: Integrate Cisco ISE with Active Directory Lab 4: Configure Cisco ISE Policy Lab 5: Configure Access Policy for Easy Connect Lab 6: Configure Guest Access Lab 7: Configure Guest Access Operations Lab 8: Create Guest Reports Lab 9: Configure Profiling Lab 10: Customize the Cisco ISE Profiling Configuration Lab 11: Create Cisco ISE Profiling Reports Lab 12: Configure BYOD Lab 13: Blacklisting a Device Lab 14: Configure Cisco ISE Compliance Services Lab 15: Configure Client Provisioning Lab 16: Configure Posture Policies Lab 17: Test and Monitor Compliance Based Access Lab 18: Test Compliance Policy Lab 19: Configure Cisco ISE for Basic Device Administration Lab 20: Configure TACACS+ Command Authorization   [-]

SFWIPA: Securing Data Center Networks and VPNs with Cisco Secure Firewall Threat Defense [-]

ASR9KE: Cisco Aggregation Services Router 9000 Series Essentials [-]