Share on Pinterest
Share with your friends

Image Image Image Image Image Image Image Image Image

CCNA Security

Exam 640-554 IINS

CCNA Security: 5 days

The need for competent security specialists is ever-increasing, and this is the first step in learning about how to best develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.

Inquiries & Bookings

Course Overview


This course covers all of the requirements needed to pass the Cisco CCNA Security 640-554 exam. Utilizing our hands-on labs, students will be able to build a solid foundation with Cisco security devices and configuration. ACLs, AAA, VLANs, NAT, PAT, CCP, ASA,VPN, IPS, and more: all the modules and technologies (and acronyms!) needed for exam preparation are covered during this five-day boot-camp. Labs provide students with access to Cisco Adaptive Security Devices (ASAs), 2600 series routers, Catalyst switches, and IPS Sensors. GNS3 will also be available to students on their personal computers, which allows them to continue their configurations and studies after the course is completed.

Prerequisites: Completion of a CCNA Routing and Switching course or prior experience with routers and other network devices is recommended.


Course Outline

Day 1: Common Security Threats with Cisco Routers

  • Describe common security threats.
  • Implement security on Cisco routers.
  • How to secure the control, data, and management planes.
  • Cisco Security Manager
  • Transitioning from IPv4 to IPv6.

Day 2: AAA (Authentication, Authorization, and Accounting) on Cisco Devices

  • What is AAA and why is it useful?
  • Describe AAA and verify functionality.

Day 2: IOS ACLs (Access Control Lists)

  • Describe standard, extended, and named IP IOS ACLs.
  • Considerations when building ACLs and best practices.
  • Implement IP ACLs to mitigate threats in a network.

Day 3: Secure Network Management and Reporting

  • Describe and implement secure network management.
  • Common Layer 2 Attacks.
  • Describe Layer 2 security using Cisco switches.
  • Describe VLAN security.
  • Implement VLANs and trunking.
  • Implement spanning tree.

Day 4: Cisco Firewall Technologies

  • Describe operational strengths and weaknesses of the different firewall technologies.
  • Describe stateful firewalls.
  • Describe the types of NAT used in firewall technologies.
  • Implement zone-based policy firewall using CCP.
  • Implement the Cisco Adaptive Security Appliance (ASA).
  • Implement Network Address Translation (NAT) and Port Address Translation (PAT).

Day 4: Cisco IPS

  • Describe Cisco Intrusion Prevention System (IPS) deployment considerations.
  • Describe IPS technologies.
  • Configure Cisco IOS IPS using CCP.

Day 5: Virtual Private Network (VPN) Technologies

  • Describe the different methods used in cryptography.
  • Describe VPN technologies.
  • Describe the building blocks of IPSec.
  • Implement an IOS IPSec site-to-site VPN with pre-shared key authentication.
  • Verify VPN operations.
  • Implement Secure Sockets Layer (SSL) VPN using ASA device manager.