Cisco Certified Internetwork Expert Security Version 4

The Cisco Certified Internetwork Expert Security (CCIE Security), one of the best certification of the industry, It gives expert’s capability to configure complex end-to-end secure networks, troubleshoot integrated environments and develop strong Network Configuration and Security.Network Ace gives you large environment for LAB and Practical Work. The experts are deployed into the most technical challenging environment.

 CCIE Security V4 Course Outline

 

  System Hardening and Availability

  • Routing plane security features (e.g. protocol authentication, route filtering)
  • Control Plane Policing
  • Control Plane Protection and Management Plane Protection
  • Broadcast control and switchport security
  • Additional CPU protection mechanisms (e.g. options drop, logging interval)
  • Disable unnecessary services
  • Control device access (e.g. Telnet, HTTP, SSH, Privilege levels)
  • Device services (e.g. SNMP, Syslog, NTP)
  • Transit Traffic Control and Congestion Management

Threat Identification and Mitigation

  • Identify and protect against fragmentation attacks
  • Identify and protect against malicious IP option usage
  • Identify and protect against network reconnaissance attacks
  • Identify and protect against IP spoofing attacks
  • Identify and protect against MAC spoofing attacks
  • Identify and protect against ARP spoofing attacks
  • Identify and protect against Denial of Service (DoS) attacks
  • Identify and protect against Distributed Denial of Service (DDoS) attacks
  • Identify and protect against Man-in-the-Middle (MiM) attacks
  • Identify and protect against port redirection attacks
  • Identify and protect against DHCP attacks
  • Identify and protect against DNS attacks
  • Identify and protect against MAC Flooding attacks
  • Identify and protect against VLAN hopping attacks
  • Identify and protect against various Layer2 and Layer3 attacks
  • NBAR
  • NetFlow
  • Capture and utilize packet captures

Intrusion Prevention and Content Security
IPS 4200 Series Sensor Appliance

  • Initialize the Sensor Appliance
  • Sensor Appliance management
  • Virtual Sensors on the Sensor Appliance
  • Implementing security policies
  • Promiscuous and inline monitoring on the Sensor Appliance
  • Tune signatures on the Sensor Appliance
  • Custom signatures on the Sensor Appliance
  • Actions on the Sensor Appliance
  • Signature engines on the Sensor Appliance
  • Use IDM/IME to the Sensor Appliance
  • Event action overrides/filters on the Sensor Appliance
  • Event monitoring on the Sensor Appliance

VACL/SPAN & RSPAN on Cisco switches

WSA

  • Implementing WCCP
  • Active Dir Integration
  • Custom Categories
  • HTTPS Config
  • Services Configuration (Web Reputation)
  • Configuring Proxy By-pass Lists
  • Web proxy modes
  • App visibility and control

Identity Management
Identity Based Authentication/Authorization/Accounting

  •  Cisco Router/Appliance AAA
  •  RADIUS
  •  TACACS+

Device Admin (Cisco IOS Routers, ASA, ACS5.x)
Network Access (TrustSec Model)

  •  Authorization Results for Network Access (ISE)
  •  802.1X (ISE)
  •  VSAs (ASA / Cisco IOS / ISE)
  •  Proxy-Authentication (ISE/ASA/Cisco IOS)

Cisco Identity Services Engine (ISE)

  •  Profiling Configuration (Probes)
  •  Guest Services
  •  Posture Assessment
  •  Client Provisioning (CPP)
  •  Configuring AD Integration/Identity Sources

Perimeter Security and Services

  • Cisco ASA Firewall
  • Basic firewall Initialization
  • Device management
  • Address translation (nat, global, static)
  • Access Control Lists
  • IP routing/Route Tracking
  • Object groups
  • VLANs
  • Configuring Etherchannel
  • High Availability and Redundancy
  • Layer 2 Transparent Firewall
  • Security contexts (virtual firewall)
  • Modular Policy Framework
  • Identity Firewall Services
  • Configuring ASA with ASDM
  • Context-aware services
  • IPS capabilities
  • QoS capabilities

Cisco IOS Zone Based Firewall

  • Network, Secure Group and User Based Policy
  • Performance Tuning
  • Network, Protocol and Application Inspection

Perimeter Security Services

  • Cisco IOS QoS and Packet marking techniques
  • Traffic Filtering using Access-Lists
  • Cisco IOS NAT
  • uRPF
  • PAM - Port to Application Mapping
  • Policy Routing and Route Maps

Confidentiality and Secure Access

  • IKE (V1/V2)
  • IPsec LAN-to-LAN (Cisco IOS/ASA)
  • Dynamic Multipoint VPN (DMVPN)
  • FlexVPN
  • Group Encrypted Transport (GET) VPN

Remote Access VPN

  • Easy VPN Server (Cisco IOS/ASA)
  • VPN Client 5.X
  • Clientless WebVPN
  • AnyConnect VPN
  • EasyVPN Remote
  • SSL VPN Gateway

VPN High Availability
QoS for VPN
VRF-aware VPN
MacSec
Digital Certificates (Enrollment and Policy Matching)

Wireless Access

  •  EAP methods
  •  WPA/WPA-2
  •  WIP

 

Prerequisites

  • The candidates must first pass a written qualification exam and then the corresponding hands-on lab exam
  • Candidates are expected to have an in-depth knowledge on the blueprint
  • Candidates are strongly encouraged to have three to five years of job experience before attempting CCIE Security certification

 Examination

  • Written Exam 350-018 :The written exam is a two-hour, multiple choice test with 100 questions covering areas such as security protocols, operating systems, application protocols, security technologies, and Cisco security applications.
  • Lab Exam:The CCIE Security lab exam is an eight-hour exam. Each question on the lab has specific criterion and tests your ability to get a secure network running in a timed test situation. The initial attempt of the CCIE lab exam should be made within 18 months of passing the CCIE written exam. The lab exam should be cleared within three years of passing the written exam failing which you must retake the written exam before being allowed to attempt the lab exam again.

CCIE Security V4 Training Fee and Duration

Track

Regular Track

(Mon-Fri)

Fast Track

(Mon-Fri)

Weekend

(Sat & Sun)

Duration

Hours

3 Months

2 Hrs

1.5 Months

4-5 Hrs

5 Months

4-5 Hrs

Training fee

80,000/-

80,000/-

80,000/-

 Facilities 

  • Biggest Cisco/Networking Labs in Central India.
  • 24x7 lab facility. As Labs are open for whole day and night for practice.
  • All Practicals will be done on Real Devices
  • Each student will get Separate Devices to practice.
  • CCIE Certified Trainers, with over 4 years of experience.
  • Live Projects available, for better industrial Exposure
  • Free Sessions on Spoken English/Personality development
  • Incomparable Infrastructure in Networking Training Industry
  • Technical Sessions on every Saturday to improve Technical and Interview skills
  • 24x7 approachablel CCIE Certified Trainer.
  • Study Material - Self Study Workbooks +Text books+ online Lab access + Live Lab practice + Audio Lectures + Lab Video on Demand + Audio Lecture.
  • Special Presentation and Interview Preparation sessions to improve Presentation skills.
  • Hostel Facilities also available at Rs2,000/month.
  • Payment options: Check, Cash Debit Card and  Net Banking

 Group Discount Available

Contact Us

latest news

  • New Location

    13/08/2016 18:15:49
    Network Ace

    Our New Address

    Network Ace, Indore
    34,Ratnalok Colony,Scheme No.53,
    Behind Vijay Nagar Power House,
    Vijay Nagar Square,Indore.
    Contact: 8889935005, 0731-4001805

     

  • CCNA New Batches

    16/09/2016 03:40:10
    Network Ace

    31st Aug'17 Morning 08:30 AM To 09:30 AM.

    01st Sep'17 Evening  07:00 PM To 08:00 PM. 

     

  • CCNP New Batch

    11/02/2017 10:54:14
    Network Ace

    05th Sep'17 Evening  05:00 PM To 07:00 PM. 

    For more information contact us.

  • Batch On Demand

    02/03/2017 16:26:06
    Network Ace

    Candidates can also chose batch timings according to their convenience. Visit us for more information.

Testimonials

  • Had a great time in CCNA with Network Ace,Now doing CCNP.Trainers are very friendly,helpful and hardworking.

    Ravjeet Khanjua | Working in USA
  • I have done CCNP from Network Ace, Best Institute I can find in Indore

    Mohit Bansal
  • I googled "CCIE in Indore" and Network Ace Popped up, I immidiately contacted and got prompt response, currently pursuins course with them

    Rajeev
  • I am preparing CCNP(R&S) from Network Ace, getting good knowledge in theory and practicals.

    Rajendra Bankhede (Velocis System Pvt. Ltd.)
  • Anybody can be a Network Engineer if get trained by Network Ace.Very helpful

    Ashish placed in HCL
  • Hi,Currently getting training in CCNA. My experience with Network Ace is great.Excellent faculty to train students

    Akash Jain (Patel College of Engineering)
  • Great learning experience in CCNA now doing CCNP, Excellent faculty

    Preetesh Patel(Globus Infocom)
  • Hello,I am doing CCNA.Trainers are working with original LABS,very helpful and knowledgeable. (Priyesh-Indus Towers Ltd)

    Congratulations for placement in Indus Towers
  • Congratulations to our latest Cisco Certified Students...!!! Neha - 840/1000 Shivani - 940/1000 Yogendra - 1000/1000 Swati Chouhan - 980/1000 Salim - 940/1000 Anupam Khare - 1000/1000 Khoj Madarwala - 960/1000 Mayank Singh - 856/1000 Rohit Patil - 920/1000 Shakir - 890/1000 Bhavesh - 910/1000 Ankit Gupta - 1000/1000

    CISCO Certified Students
Contact Us