Home > Articles > Cisco > CCNA Security

  • Print
  • + Share This
From the author of Exam topics

Exam topics

Cisco routers and switches

  • Understanding common threats, including blended threats, and how to mitigate them.
  • Describe the life cycle approach for a security policy.
  • Understand and implement network foundation protection for the control, data, and management planes
  • Understand, implement and verify AAA (authentication, authorization, and accounting) including the details of TACACS+ and RADIUS.
  • Understand and implement basic rules inside of Cisco Access Control Server (ACS) version 5.x, including configuration of both ACS and a router for communications with each other.
  • Standard, extended, and named access control lists used for packet filtering as well as for the classification of traffic
  • Understand and implement protection against layer 2 attacks including CAM table overflow attacks, and VLAN hopping

Cisco firewall technologies

  • Understand describe the various methods for filtering implemented by firewalls, including stateful filtering, including their strengths and weaknesses.
  • Understand the methods that a firewall may use to implement network address translation (NAT) and port address translation.
  • Understand, implement, and interpret a zone-based firewall policy through Cisco Configuration Professional (CCP)
  • Understand and describe the characteristics and defaults for interfaces, security levels and traffic flows on the Adaptive Security Appliance (ASA).
  • Implement, and interpret a firewall policy on an Adaptive Security Appliance (ASA), through the GUI tool named the ASA Security Device Manager (ASDM).

Intrusion Prevention System

  • Compare and contrast IPS versus IDS, including the pros and cons of each and the methods used by these systems for identifying malicious traffic.
  • Describe the concepts involved with IPS included True/False Positives/Negatives.
  • Configure and verify IOS-based IPS using Cisco configuration professional (CCP)

VPN technologies

  • Understand and describe the building blocks used for VPNs today, including the concepts of symmetrical, asymmetrical, encryption, hashing, IKE, PKI, authentication, Diffie-Hellman, certificate authorities, etc.
  • Implement and verify IPsec VPNs on IOS using CCP and the command line interface (CLI).
  • Implement and verify SSL VPNs on the ASA firewall, using ASDM
  • + Share This
  • 🔖 Save To Your Account