CCIE Security Lab Training

CCIE Security Lab Training

Course Information

Technology : Cisco Security

Duration : 5 Days Course

Review : 1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 5.00 out of 5)
Loading...
  • CCIE Security Lab Training

    Upcoming Dates

    Course Details

    Overview

    The CCIE Security Instructor Led Workshop is designed for CCIE Security candidates preparing for CCIE Security Lab Exam.This event is 5-days instructor led training program that helps students to learn and practice lab topics from CCIE blueprint.

    Outline

    Day 1 Section 1 Firewalls, ASA and IOS

    • Lab 1.1 Basic ASA Setup
    • Lab 1.2 Static and Default Routing
    • Lab 1.3 Dynamic Routing
    • Lab 1.4 Object Groups
    • Lab 1.5 ACL
    • Lab 1.6 NAT and PAT
    • Lab 1.7 Connection limits and timeouts.
    • Lab 1.8 Management
    • Lab 1.9 Configuring Java, ActiveX and URL Filtering

    Day 1 Section 2 Advanced ASA Setup

    • Lab 2.1 Protocol inspection
    • Lab 2.2 Modular policy framework
    • Lab 2.3 TCP Normalization
    • Lab 2.4 Advanced HTTP inspection
    • Lab 2.5 Advanced FTP inspection
    • Lab 2.6 URPF and fragments
    • Lab 2.7 Qos on the ASA

    Day 1 Section 3 Failover, Contexts and Transparent mode

    • Lab 3.1 Multimode
    • Lab 3.2 Failover
    • Lab 3.3 Multicontext Transparent mode

    Day 1 Section 4 Basic IOS Firewall Setup

    • Lab 4.1 Basic IOS FW setup
    • Lab 4.2 Tuning
    • Lab 4.3 Filtering of Java and URLs
    • Lab 4.4 Port application mapping (PAM)

    Day 1 Section 5 Zone Based Firewall Setup

    • Lab 5.1 Creating a ZBF
    • Lab 5.2 ZBF advanced

    Day 2 Section 1 VPN using ASA and IOS

    • Lab 1.1 Basic ASA setup
    • Lab 1.2 ASA to ASA VPN
    • Lab 1.3 IOS to ASA VPN
    • Lab 1.4 Router to Router VPN using GRE
    • Lab 1.5 Router to Router VPN using VTI
    • Lab 1.6 DMVPN
    • Lab 1.7 GET VPN
    • Lab 1.8 IOS CA

    Day 2 Section 3 Remote access VPN

    • Lab 3.1 VPN Client to ASA
    • Lab 3.2 IOS to IOS with Dynamic VTI
    • Lab 3.3 ASA SSL VPN basic
    • Lab 3.4 ASA SSL VPN advanced

    Day 3 Section 1 IPS

    • Lab 1.1 Basic IPS Setup
    • Lab 1.2 Configuring Inline Mode
    • Lab 1.3 Signature Tuning
    • Lab 1.4 Event Action Overrides
    • Lab 1.6 Event reduction
    • Lab 1.7 Virtual sensors
    • Lab 1.8 Configuring SNMP
    • Lab 1.9 Creating a custom signature
    • Lab 1.10 Summarisation
    • Lab 1.11 IPS Authentication Attempt Limit

    Day 3 Section 2 Catalyst Switch Security

    • Lab 2.1 Securing Spanning tree
    • Lab 2.2 Port Security
    • Lab 2.3 DHCP snooping
    • Lab 2.4 ARP inspection
    • Lab 2.5 VLAN Maps
    • Lab 2.6 Advanced features
    • Lab 2.7 802.1x
    • Lab 2.8 Strom control
    • Lab 2.9 Private VLAN edge

    DAY 3 Section 3 Access Control Server (ACS)

    • Lab 3.1 AAA Clients
    • Lab 3.2 AAA Users and Groups
    • Lab 3.3 AAA on Routers
    • Lab 3.4 AAA on the ASA
    • Lab 3.6 Command authorization on IOS
    • Lab 3.7 Proxy Authentication on the ASA
    • Lab 3.8 Proxy Authentication on IOS

    Day 3 Section 4 Advanced IOS Security Features

    • Lab 4.1 NTP
    • Lab 4.2 Time based ACL
    • Lab 4.3 TCP intercept
    • Lab 4.4 QOS
    • Lab 4.5 URPF
    • Lab 4.6 FPM
    • Lab 4.7 PBR and ICMP unreachable
    • Lab 4.8 Control plane security
    • Lab 4.9 Session Management
    • Lab 4.10 Management Processes Survival
    • Lab 4.11 Logging Class Maps
    • Lab 4.12 ACL IP Options Selective Drop
    • Lab 4.13 Router protection and notifications
    • Lab 4.14 IKE protection on router
    • Lab 4.15 Management protection
    • Lab 4.16 Advanced access lists
    • Lab 4.17 IKE pre shared key protection

    Day 4 Section 1 Putting it all together and troubleshooting VPN

    • Lab 1.1 DMVPN through the ASA
    • Lab 1.2 IOS EZVPN with DVTI not working

    Day 4 Section 2 Putting it all together and troubleshooting FW

    • Lab 2.1 BGP through the ASA
    • Lab 2.2 AAA through IOS ZBF and ASA

    Day 4 Section 3 Putting it all together and troubleshooting Other

    • Lab 3.1 Routing Authentication
    • Lab 3.2 Cannot SSH to a device

    Day 5 Full Lab

    • Section 1Core Configuration (20 points)
    • Section 2Firewalls (10 Points)
    • Section 3: Cisco VPN (14 Points)
    • Section 4: Cisco IPS (8 Points)
    • Section 5: Identity Authentication (8 Points)
    • Section 6: Control and Management Plane Security (18 Points)
    • Section 7: Advanced Security (10 Points)
    • Section 8: Network Attacks (12 Points)

    Target Audience

    • CCIE Security Lab Exam Candidates

    Pre-Requisites

    • Candidates must have passed the CCIE written exam
    • CCIE Security Written Exam Power Workshop CCIESW
    • 3 – 5 years hands-on experience
    • CCSP or CCNP Security Certified (Recommended)

    Course Schedule