CBROPS - UNDERSTANDING CISCO CYBERSECURITY OPERATIONS FUNDAMENTALS V1.0 Training Course

A 5 day practical networking course designed to familiarise students with Cisco IOS (version 12). The course details the key commands used to configure and secure Cisco routers and switches, and covers the CCNA syllabus - including wired and wireless LAN access.

Students will inter-connect networks by implementing static routes, distance-vector and link-state based dynamic routing protocols.

The devices will be configured to route traffic across LAN/VLAN//WAN boundaries, by encapsulating datagrams across serial data links using various WAN protocols, such as HDLC, Frame Relay, ISDN and PPP (with CHAP authentication). VLAN encapsulation/tagging will be via IEEE802.1Q/P.

Standard and Extended Access Control Lists will be configured and applied to router interfaces to filter traffic based on IP address and/or traffic type.

Students will configure static and dynamic NAT to route between private and public networks and cover the theory of Virtual Private Networks (VPN's)

Students will copy router configurations and IOS images to/from a TFTP Server. Privileged commands will be used to debug TCP/IP protocols to ensure proper operation of the routers. Students will also perform password recovery operations.

The course is primarily aimed at IP v4 but does give an overview of IP v6 addressing and covers migration from an IP v4 to an IP v6 network. Other protocols and technologies (VPN's / Wireless) may be demonstrated if time permits.

Course can be customised to precise requirements of customer.

Audience:

This course is suitable for anyone looking for a basic understanding of internetworking with Cisco devices and covers the CCNA syllabus.

Course is approximately 50% practical

A 4 day instructor-led practical course designed to familiarise delegates with the Cisco ASA Firewall CLI and ASDM. The course details the key commands used to configure and secure networks using the ASA Firewall with v8 of the operating system and version 6 of the ASDM.

Delegates will configure the ASA using the console port, TFTP server, telnet and SSH using local and RADIUS authentication. The device will be configured to utilise Syslog and SNMP.

ASA Firewalls will also be configured to use Access-Lists, Network Address Translation and VPN's utilising IPSec protocols. The course will cover the theory of Public/Private Keys, shared secret keys and their use in forming Site to site VPN's between ASA Firewalls using IKE and IPSec. Students will configure the units to create site to site VPN's, remote access VPN's using the Cisco Secure VPN Client and Web VPN's. The course will cover the theory of failover and delegates will configure Active/Standby failover on the ASA.

Privileged commands and protocol analyser traces will be used, where necessary, to debug protocols and ensure proper operation of the ASA Firewall. Students will also perform password recovery operations.

This course will involve interfacing the ASA with other network equipment, such as routers and switches, as would be expected in a network environment.

Audience:

Course is suitable for anyone involved in ASA firewall configuration and network security

Course is approximately 50% practical

The course consists of two complementary parts – a theoretical and a practical one. The first is a one day introduction covering motivation, philosophy, fundamentals and rules of operation of the SIP protocol and ways it is used to implement telecom services with focus on IP telephony and VoIP. The second two-day part enables participants to learn practical aspects of service operation within a framework of hand-on laboratory exercises giving detailed insight into configuration of components of SIP telephony architecture, SIP signalling at both message sequence chart and internal message structure levels, and assists in understanding of typical problems and troubleshooting including security and telecom fraud aspects. The trainers will share their experience in launching, operation and management of SIP telephony covering also virtualization and cloud based solutions. Practical part is presented using both SIP hardphones and softphones and IP telephony servers (Asterisk and Freeswitch). Participants can take advantage of the fact trainers have got rich technical and business experience in IP telephony and submit their own problems and questions. They will be included in the agenda at wrap-up as a supplement to the training to meet current urgent needs of clients. Training is addressed to participants with basic knowledge and experience in telecom services – specifically in VoIP and IP networking.

SD-WAN is a software-defined approach to managing a WAN (Wide Area Network).

This instructor-led, live training (online or onsite) is aimed at engineers who wish to use Cisco SD-WAN products to set up and operate a software defined network.

By the end of this training, participants will be able to:

• Install and configure a Cisco SD-WAN.
• Create policies to control network traffic.
• Understand and implement overlay routing.
• Simplify the management of the network used for public cloud applications.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

EC-Council’s CCISO Program has certified leading information security professionals around the world. A core group of high-level information security executives, the CCISO Advisory Board, contributed by forming the foundation of the program and outlining the content that would be covered by the exam, body of knowledge, and training. Some members of the Board contributed as authors, others as exam writers, others as quality assurance checks, and still others as trainers. Each segment of the program was developed with the aspiring CISO in mind and looks to transfer the knowledge of seasoned professionals to the next generation in the areas that are most critical in the development and maintenance of a successful information security program.

The Certified CISO (CCISO) program is the first of its kind training and certification program aimed at producing top-level information security executives. The CCISO does not focus solely on technical knowledge but on the application of information security management principles from an executive management point of view. The program was developed by sitting CISOs for current and aspiring CISOs.

This course gives you a broad fundamental knowledge for all networking careers. Learn how to 

• install, operate, configure, and verify basic IPv4 and IPv6 networks
• configure network components such as switches, routers, and wireless LAN controllers; 
• manage network devices; and
• Identify basic security threats. 
The course also gives a foundation in network programmability, automation, and software-defined 
networking.

After taking this course, you should be able to:

• Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
• Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
• Troubleshoot Layer 2 connectivity using VLANs and trunking
• Implementation of redundant switched networks using Spanning Tree Protocol
• Troubleshooting link aggregation using Etherchannel
• Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
• Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
• Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
• Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
• Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
• Describe the virtualization technology of servers, switches, and the various network devices and components
• Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
• Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
• Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
• Describe wireless roaming and location services
• Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
• Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC
• Troubleshoot wireless client connectivity issues using various available tools
• Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
• Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
• Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
• Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
• Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
• Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
• Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
• Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
• Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
• Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
• Explain basic Python components and conditionals with script writing and analysis
• Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF
• Describe APIs in Cisco DNA Center and vManage

This class will help you:

• Deploy high-availability email protection against the dynamic, rapidly changing threats affecting your organization
• Gain leading-edge career skills focused on enterprise security

Objectives

After taking this course, you should be able to:

• Describe and administer the Cisco Email Security Appliance (ESA)
• Control sender and recipient domains
• Control spam with Talos SenderBase and anti-spam
• Use anti-virus and outbreak filters
• Use mail policies
• Use content filters
• Use message filters to enforce email policies
• Prevent data loss
• Perform LDAP queries
• Authenticate Simple Mail Transfer Protocol (SMTP) sessions
• Authenticate email
• Encrypt email
• Use system quarantines and delivery methods
• Perform centralized management using clusters
• Test and troubleshoot

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at advanced-level network professionals who wish to gain a deeper understanding of Cisco Enterprise Network and pass the CCNP certification exam.

By the end of this training, participants will be able to:

• Understand the architecture and components of Cisco enterprise networks.
• Implement and troubleshoot advanced routing technologies and secure enterprise LAN and WAN networks.
• Configure and manage Cisco SD-WAN solutions for enterprise networks.
• Design enterprise networks with an emphasis on scalability, security, and availability.
• Take the CCNP Certification Exam with confidence.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at intermediate-level network administrators who wish to learn how to implement, configure, and optimize ISE for effective network security.

By the end of this training, participants will be able to:

• Deploy Cisco ISE in various network environments, considering best practices, hardware, and software requirements.
• Implement network profiling to identify and classify connected devices.
• Manage authorization and access control.
• Configure posture policies, remediation actions, and compliance modules.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at intermediate-level network engineers who wish to gain the skills and knowledge necessary to effectively administer, manage, and optimize Cisco Unified Communications Manager (CUCM) v12.x.

By the end of this training, participants will be able to:

• Understand CUCM architecture and deployment.
• Learn how to install, set up, and perform initial configurations of CUCM, including the setup of users, devices, and basic network settings.
• Implement and manage call routing.
• Perform system maintenance and troubleshooting.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at intermediate-level network security professionals who wish to learn how to implement and configure Cisco ISE to enhance the security posture of their network infrastructure.

By the end of this training, participants will be able to:

• Understand Cisco ISE architecture and access control capabilities.
• Implement basic network access control and advanced network access control.
• Configure and manage TACACS+ for device administration, command authorization, and role-based access control.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at intermediate-level network professionals who wish to implement and secure wireless networks within an enterprise environment using Cisco equipment and technologies.

By the end of this training, participants will be able to:

• Design and Implement FlexConnect Architectures.
• Implement Quality of Service in a wireless network environment.
• Configure and troubleshoot multicast in a wireless network.
• Implement security for wireless client connectivity.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at intermediate-level network professionals who wish to achieve more agile, secure, and efficient networks that align closely with their business objectives and adapt to changing needs and threats dynamically.

By the end of this training, participants will be able to:

• Understand the fundamentals of Intent-Based Networking.
• Implement network automation and integrate security in the Intent-Based Network.
• Use analytics for network monitoring and how assurance can provide insights into network performance and user experience.
• Designing and deploying an IBN that meets business requirements and operational objectives.

This instructor-led, live training in Saudi Arabia (online or onsite) is aimed at expert-level network professionals who wish to prepare for the CCNA Routing & Switching certification exam.

By the end of this training, participants will be able to:

• Develop a comprehensive understanding of networking fundamentals.
• Master IP connectivity and understand WAN technologies.
• Secure network devices using Access Control Lists (ACLs), VPNs, and other security protocols to prevent unauthorized access and threats.
• Prepare for the CCNA Routing & Switching Certification exam.