Network Security

OBJETIVOS
Seguridad de redes ayuda a los estudiantes a desarrollar las habilidades necesarias para acceder a las
oportunidades profesionales de seguridad de redes. Proporciona una introducción teóricamente rica, práctica
a la seguridad de la red, en una secuencia lógica impulsada por las tecnologías.
Los objetivos del curso de Seguridad de Redes son los siguientes:
= Proporcionar una comprensión profunda y teórica de la seguridad de las redes.
= Proporcionar a los estudiantes los conocimientos y habilidades necesarios para diseñar y apoyar la
seguridad de la red.
= Proporcionar un curso orientado a la experiencia que emplee enfoques de instrucción relevantes para la
industria con el fin de preparar a los estudiantes para puestos de trabajo de nivel inicial en la industria.
= Permitir a los estudiantes tener una interacción práctica significativa con el equipo de TI para prepararlos
para los exámenes y las oportunidades de carrera.
= Al finalizar el curso de Seguridad de Redes, los estudiantes serán capaces de realizar las siguientes tareas:
= Explicar los distintos tipos de amenazas y ataques.
= Explicar las herramientas y procedimientos para mitigar los efectos del malware y los ataques comunes a la
red.
= Configurar la autorización de comandos utilizando niveles de privilegio y CLI basada en roles.
= Implementar la gestión y monitorización seguras de dispositivos de red.
= Configurar AAA para asegurar una red.
= Implementar ACLs para filtrar tráfico y mitigar ataques de red en una red.
= Implementar el Firewall de Políticas Basado en Zonas utilizando la CLI.
= Explicar cómo se utilizan los Sistemas de Prevención de Intrusos basados en red para ayudar a asegurar
una red.
= Explicar vulnerabilidades de endpoint y métodos de protección.
= Implementar medidas de seguridad para mitigar ataques de Capa 2.
= Explicar cómo los tipos de cifrado, hashes y firmas digitales trabajan juntos para proporcionar
confidencialidad, integridad y autenticación.
= Explicar cómo se utiliza una infraestructura de clave pública para garantizar la confidencialidad de los datos y
proporcionar autenticación.
= Configurar una VPN IPsec sitio-a-sitio, con autenticación de clave pre-compartida, utilizando la CLI.
= Explicar como el ASA opera como un firewall stateful avanzado.
= Implementar una configuración de firewall ASA.
= Implementar una configuración de firewall ASA utilizando ASDM (opcional).
= Probar la seguridad de la red.

www.netacad.com
Network Security Outline
Module/Topics Goals/Objectives

Module 1. Securing Networks Explain Network Security.

1.0 Introduction A brief introduction to the course and the first module.

1.1 Current State of Affairs Describe the current network security landscape.

1.2 Network Topology Overview Describe how all types of networks need to be protected.

1.3 Securing Networks Summary A brief summary and the module quiz.

Module 2. Network Threats Explain the various types of threats and attacks

2.0 Introduction An introduction to the module.

2.1 Who is Attacking Our Network? Explain how network threats have evolved.

2.2 Threat Actor Tools Describe the various types of attack tools used by Threat Actors.

2.3 Malware Describe types of malware.

2.4 Common Network Attacks - Reconnaissance, Explain reconnaissance, access, and social engineering network attacks.
Access, and Social Engineering

2.5 Network Attacks - Denial of Service, Buffer Explain Denial of Service, buffer overflow, and evasion attacks.
Overflows, and Evasion

2.6 Network Threats Summary A brief summary and the module quiz.

Module 3. Mitigating Threats Explain tools and procedures to mitigate the effects of malware and
common network attacks.

3.0 Introduction An introduction to the module.

3.1 Defending the Network Describe methods and resources to protect the network.

3.2 Network Security Policies Explain several types of network security policies

3.3 Security Tools, Platforms, and Services Explain the purpose of security platforms.

3.4 Mitigating Common Network Attacks Describe the techniques used to mitigate common network attacks.

3.5 Cisco Network Foundation Protection Explain how to secure the three functional areas of Cisco routers and
Framework switches.

3.6 Mitigating Threats Summary A brief summary and the module quiz.

Module 4. Secure Device Access Configure secure administrative access.

4.0 Introduction An introduction to the module.

4.1 Secure the Edge Router Explain how to secure a network perimeter.

4.2 Configure Secure Administrative Access Use the correct commands to configure passwords on a Cisco IOS device.

4.3 Configure Enhanced Security for Virtual Logins Use the correct commands to configure enhanced security for virtual logins.

4.4 Configure SSH Configure an SSH daemon for secure remote management.

www.netacad.com
 Module/Topics Goals/Objectives

4.5 Secure Device Access Summary A brief summary and the module quiz.

Module 5. Assign Administrative Roles Configure command authorization using privilege levels and role-based
CLI.

5.0 Introduction An introduction to the module.

5.1 Configure Privilege Levels Use the correct commands to configure administrative privilege levels to
control command availability.

5.2 Configure Role-Based CLI Use the correct commands to configure role-based CLI access to control
command availability.

5.3 Assign Administrative Roles Summary A brief summary and the module quiz.

Module 6. Device Monitoring and Management Implement the secure management and monitoring of network devices.

6.0 Introduction An introduction to the module.

6.1 Secure Cisco IOS Image and Configuration Explain how the Cisco IOS resilient configuration feature and Secure Copy
Files are used to secure the Cisco IOS image and configuration files.

6.2 Lock Down a Router Using AutoSecure Use the correct commands for AutoSecure to enable security on IOS-based
routers.

6.3 Routing Protocol Authentication Use the correct commands to configure routing protocol authentication.

6.4 Secure Management and Reporting Compare in-band and out-of-band management access.

6.5 Network Security Using Syslog Explain how to configure syslog to log system events.

6.6 NTP Configuration Configure NTP to enable accurate timestamping between all devices.

6.7 SNMP Configuration Configure SNMP to monitor system status.

6.8 Device Monitoring and Management Summary A brief summary and the module quiz.

Module 7. Authentication, Authorization and Configure AAA to secure a network.

7.0 Introduction An introduction to the module.

7.1 AAA Characteristics Describe AAA.

7.2 Configure Local AAA Authentication Configure AAA authentication to validate users against a local database.

7.3 Server-Based AAA Characteristics and Describe the server-based AAA protocols.
Protocols

7.4 Configure Server-Based Authentication Configure server-based AAA authentication on Cisco routers.

7.5 Configure Server-Based Authorization and Use the correct commands to configure server-based AAA authorization and
Accounting accounting.

7.6 Authentication, Authorization and Accounting A brief summary and the module quiz.
(AAA) Summary

Module 8. Access Control Lists Implement access control lists (ACLs) to filter traffic and mitigate
network attacks on a network.

8.0 Introduction An introduction to the module.

www.netacad.com
 Module/Topics Goals/Objectives

8.1 Introduction to Access Control Lists Describe standard and extended IPv4 ACLs.

8.2 Wildcard Masking Explain how ACLs use wildcard masks

8.3 Configure ACLs Explain how to configure ACLs.

8.4 Modify ACLs Use sequence numbers to edit existing standard IPv4 ACLs

8.5 Implement ACLs Implement ACLs.

8.6 Mitigate Attacks with ACLs Use ACLs to mitigate common network attacks.

8.7 IPv6 ACLs Configure IPv6 ACLs using CLI.

8.8 Access Control Lists Summary A brief summary and the module quiz.

Module 9: Firewall Technologies Explain how firewalls are implemented to provide network security.

9.0 Introduction An introduction to the module.

9.1 Secure Networks with Firewalls Explain how firewalls are used to help secure networks.

9.2 Firewalls in Network Design Explain design considerations for implementing firewall technologies

9.3 Firewall Technologies Summary A brief summary and the module quiz.

Module 10: Zone-Based Policy Firewalls Implement Zone-Based Policy Firewall using CLI.

10.0 Introduction An introduction to the module.

10.1 ZPF Overview Explain how Zone-Based Policy Firewalls are used to help secure a network.

10.2 ZPF Operation Explain the operation of a Zone-Based Policy Firewall.

10.3 Configure a ZPF Configure a Zone-Based Policy Firewall with CLI.

10.4 Zone-Based Policy Firewalls Summary A brief summary and the module quiz.

Module 11: IPS Technologies Explain how network-based Intrusion Prevention Systems are used to
help secure a network.

11.0 Introduction An introduction to the module.

11.1 IDS and IPS Characteristics Explain the functions and operations of IDS and IPS systems.

11.2 IPS Implementations Explain how network-based IPS are implemented.

11.3 IPS on Cisco ISRs Describe the IPS technologies that are available on Cisco ISR routers.

11.4 Cisco Switched Port Analyzer Configure Cisco SPAN.

11.5 IPS Technologies Summary A brief summary and the module quiz.

Module 12: IPS Operation and Implementation Explain how signatures are used to detect malicious network traffic.

12.0 Introduction An introduction to the module.

12.1 IPS Signatures Describe IPS signatures.

12.2 Cisco Snort IPS Explain how the Cisco Snort IPS provides network security services.

12.3 Configure Snort IPS Explain how to configure Snort IPS on a Cisco ISR G2.

www.netacad.com
 Module/Topics Goals/Objectives

12.4 IPS Operation and Implementation Summary A brief summary and the module quiz.

Module 13: Endpoint Security Explain endpoint vulnerabilities and protection methods.

13.0 Introduction An introduction to the module.

13.1 Endpoint Security Overview Describe endpoint security and the enabling technologies.

13.2 802.1X Authentication Explain the functions of 802.1x components.

13.3 Endpoint Security Summary A brief summary and the module quiz.

Module 14: Layer 2 Security Considerations Implement security measures to mitigate Layer 2 attacks.

14.0 Introduction An introduction to the module.

14.1 Layer 2 Security Threats Describe Layer 2 vulnerabilities.

14.2 MAC Table Attacks Describe MAC address spoofing attacks.

14.3 Mitigate MAC Table Attacks Configure port security.

14.4 Mitigate VLAN Attacks Explain how to mitigate VLAN attacks.

14.5 Mitigate DHCP Attacks Use the correct command to implement DHCP Snooping for attack mitigation.

14.6 Mitigate ARP Attacks Use the correct command to mitigate ARP attacks.

14.7 Mitigate Address Spoofing Attacks Use the correct command to mitigate address spoofing attacks.

14.8 Spanning Tree Protocol Explain the operation of Spanning Tree Protocol.

14.9 Mitigate STP Attacks Configure security measures to mitigate STP attacks.

14.10 Layer 2 Security Considerations Summary A brief summary and the module quiz.

15 Cryptographic Services Explain how the types of encryption, hashes, and digital signatures
work together to provide confidentiality, integrity, and authentication.

15.0 Introduction An introduction to the module.

15.1 Secure Communications Explain the requirements of secure communications including integrity,
authentication, and confidentiality.

15.2 Cryptography Describe cryptography.

15.3 Cryptanalysis Describe cryptanalysis.

15.4 Cryptology Describe cryptology.

15.5 Cryptographic Services Summary A brief summary and the module quiz.

Module 16: Basic Integrity and Authenticity Explain how cryptography is used to ensure data integrity and
authentication.

16.0 Introduction An introduction to the module.

16.1 Integrity and Authenticity Explain the role of cryptography in ensuring the integrity and authenticity of
data.

16.2 Key Management Describe the components of key management.

www.netacad.com
 Module/Topics Goals/Objectives

16.3 Confidentiality Explain how cryptographic approaches enhance data confidentiality.

16.4 Basic Integrity and Authenticity Summary A brief summary and the module quiz.

Module 17: Public Key Cryptography Explain how a public key infrastructure is used to ensure data
confidentiality and provide authentication.

17.0 Introduction An introduction to the module.

17.1 Public Key Cryptography with Digital Explain public key cryptography.
Signatures

17.2 Authorities and the PKI Trust System Explain how the public key infrastructure functions.

17.3 Applications and Impacts of Cryptography Explain how the use of cryptography affects cybersecurity operations.

17.4 Public Key Cryptography Summary A brief summary and the module quiz.

Module 18: VPNs Explain the purpose of VPNs.

18.0 Introduction An introduction to the module.

18.1 VPN Overview Describe VPNs and their benefits.

18.2 VPN Topologies Compare remote-access and site-to-site VPNs.

18.3 IPsec Overview Describe the IPsec protocol and its basic functions.

18.4 IPsec Protocols Compare AH and ESP protocols.

18.5 Internet Key Exchange Describe the IKE protocol.

18.6 VPNs Summary A brief summary and the module quiz.

Module 19: Implement Site-to-Site IPsec VPNs Configure a site-to-site IPsec VPN, with pre-shared key authentication,
with CLI using CLI.

19.0 Introduction An introduction to the module.

19.1 Configure a Site-to-Site IPsec VPN Describe IPsec negotiation and the five steps of IPsec configuration.

19.2 ISAKMP Policy Use the correct commands to configure an ISAKMP policy.

19.3 IPsec Policy Use the correct commands to configure the IPsec policy.

19.4 Crypto Map Use the correct command to configure and apply a Cryptomap.

19.5 IPsec VPN Configure the IPsec VPN.

19.6 Implement Site-to-Site IPsec VPNs with CLI A brief summary and the module quiz.
Summary

Module 20: Introduction to the ASA Explain how the ASA operates as an advanced stateful firewall.

20.0 Introduction An introduction to the module.

20.1 ASA Solutions Compare ASA solutions to other routing firewall technologies.

20.2 The ASA 5506-X with FirePOWER Services Describe three ASA deployment scenarios.

20.3 Introduction to the ASA Summary A brief summary and the module quiz.

www.netacad.com
 Module/Topics Goals/Objectives

Module 21: ASA Firewall Configuration Implement an ASA firewall configuration.

21.0 Introduction An introduction to the module.

21.1 Basic ASA Firewall Configuration Explain how to configure an ASA-5506-X with FirePOWER Services.

21.2 Configure Management Settings and Services Configure management settings and services on a ASA5506-X firewall.

21.3 Object Groups Explain how to configure object groups on an ASA.

21.4 ASA ACLs Use the correct commands to configure access lists with object groups on an
ASA.

21.5 NAT Services on an ASA Use the correct commands to configure an ASA to provide NAT services.

21.6 AAA Use correct command to configure access control using the local database
and AAA server.

21.7 Service Policies on an ASA Configure service policies on an ASA

21.8 ASA Firewall Configuration Summary A brief summary and the module quiz.

21.9 Introduction to ASDM (Optional)

Module 22: Network Security Testing Describe the various techniques and tools used for network security
testing.

22.0 Introduction An introduction to the module.

22.1 Network Security Testing Techniques Describe the techniques used in network security testing.

22.2 Network Security Testing Tools Describe the tools used in network security testing

22.3 Network Security Testing Summary A brief summary and a module quiz.

www.netacad.com