Re: CCIE Sec v4

Hi there, this looks great. Can you please send me the link again, in all
of this email MADNESS about what you are allowed and not allowed to do, I
have lost the actul link.

Please share the link for this new security course as none of the other
vendors have anything yet.

I for one, appreciate you small plug.

Its easy to ignore one email, much harder to ignore 50.

Christian

On Sun, Nov 25, 2012 at 3:32 AM, Samarth Chidanand
<samarth_04_at_hotmail.com>wrote:

> 10 Day Advance Technology Bootcamp for CCIEv4 - Bootcamp contents and Vol 1
> workbooknetmetric-solutions.com
> Module 1: ASA FirewallASA Initialization (Include redundant interface &
> ether
> channeling)Static and Default Routing With Route TrackingRouting on ASA
> (Unicast & Multicast)Management Access & Setup (SSH, Telnet, ASDM)DHCP
> Configuration & Relay ConfigurationTraffic Filtering on ASANetwork Address
> Translation (8.2)Network Address Translation (8.4/8.6)Single-Mode
> Transparent
> FirewallAdvance Features in Transparent FirewallNAT in Transparent
> FirewallApplication Inspection using MPFTCP Normalization using MPFContent
> FilteringHigh Availability b Active/Standby (Routed & Transparent
> Mode)Multi-Context Routed ModeMulti-Context Transparent ModeHigh
> Availability
> b Active/Active (Routed Mode)High Availability b Active/Active
> (Transparent Mode)Resource Allocation for ContextsThreat DetectionQoS on
> ASAIdentity Based FirewallContext Aware FirewallSystem Management (e.g.,
> SNMP
> v3, Logging)Module 2: IOS FirewallBasic ZBF ConfigurationAdvance ZBF
> Configuration (Connection Limits)ZBF Application InspectionZBF Rate
> LimitingZBF (Transparent Mode)Basic CBACAdvance CBACIOS Content
> FilteringPAMAccess Control ListsFlexible Packet MatchingIOS Transparent
> Firewall (Basic & Advanced)Module 3: Intrusion Prevention System (IPS)IPS
> basic InitializationSwitch Settings for SPAN, RSPAN, TrunkPromiscuous Mode
> Settings (Basic & Advance)Inline Mode Settings (Basic & Advance)Configuring
> Multiple Virtual SensorsTraffic Analysis Settings for different IPS
> ModesTweaking IPS Signatures & ResponsesCreating Custom
> SignaturesConfiguring
> Advance Signature ActionsThreat & Risk ManagementConfiguring Event Action
> OverridesGlobal correlation and reputation based filteringAnomaly Based
> DetectionIPS System ManagementBasic IPS features on ASAEnabling IPS
> software
> module ASA 5515-xIOS IPSModule 4: Identity Services Engine (ISE)ISE
> InitializationCertificate ManagementActive Directory IntegrationCreating
> NDGs
> & Configuring AAA Clients (WLC & Switches)Creating User Identity Groups &
> Local Network Access UsersCreating Identity Store SequenceConfiguring the
> Switch for 802.1xConfiguring WLC for 802.1xConfiguring Authentication
> Policies
> for 802.1xConfiguring Authorization Policies for 802.1x b BasicConfiguring
> Authorization Policies for 802.1x b Advanced (With Machine authentication
> and Machine Access Restrictions)Configuring switch for 802.1x - Flex Auth
> (Order & Priority) + (Different host modes)Configuring & understanding
> 802.1x
> Open mode, Low Impact Mode and High Secure modeConfiguring end point
> identity
> groups and adding hostsConfiguring authentication & authorization policies
> for
> MAB on ISEConfiguring profiler services on ISEConfiguring probes on
> NADsConfiguring profiler policies and appropriate authentication &
> authorization policiesUnderstanding and configuring Central Web
> AuthenticationConfiguring MAB fallback authentication & authorization
> policies
> for CWA on ISEConfiguring Guest Services for external guest users on
> ISEConfiguring and Tweaking Sponsor & Guess PortalConfiguring ISE for
> Client
> Provisioning Services & PoliciesConfiguring ISE for Posture Services &
> Policies using NAC and Web Agents.Configuring Switch and ISE with MAC SEC
> option for 802.1xUnderstanding and Configuring ISE for Security Group Tags
> -
> SGT (Config Only)Configuring inline ISE for VPN Services (iPEP /
> iPEN)Configuring ISE for Distributed ArchitectureCut-Through Proxy /
> Authentication Proxy using ISE as AAA ServerSystem Management / Monitoring
> and
> TroubleshootingModule 5: Access Control Server (ACS)ACS
> InitializationConfiguring NAD s for AAA Device Access Administration
> (Routers/Switches/ASA) (Telnet, HTTP, SSH, Privilege levels
> etc.)Configuring
> NDG and Adding AAA Clients on ACSConfiguring Internal Identity Groups &
> Local
> Users, HostsIntegrating with Active DirectoryCertificate Management &
> Certificate Authentication Profiles with attribute retrievalCreating
> Identity
> Store SequenceConfiguring Policy Elements Parameters for AAA Device
> Administration (Shell Profile, Command Authorization Sets, Date and Time,
> DACL, Radius Attributes)Configuring Service Selection Policy (SSP) & Access
> ServicesConfiguring identity and authorization policies for AAA device
> administration (Authentication, Exec and Command authorization)Configuring
> policy elements parameters for Network Access AAA (cut-through proxy,
> authentication proxy and 802.1x)Configuring identity and authorization
> policies for cut through proxyConfiguring identity and authorization
> policies
> for 802.1x & MABIOS role based CLI using Local Database and ACSMonitoring,
> Reports and System AdministrationModule 6: Web Security Appliance
> (WSA)Configure WCCP (Needed for transparent mode of WSA)WSA Initialization
> using setup wizardUnderstanding explicit proxy deployment and transparent
> proxy deploymentEnable proxy services with basic URL filteringConfiguring
> proxy server information in web browsersConfigure acknowledgment and custom
> end-user notificationsConfiguring native FTP proxyConfiguring NTLM and LDAP
> based authenticationConfiguring authentication based access
> policiesConfiguring access policiesConfiguring identitiesConfiguring
> authentication exemptionsConfiguring acceptable use policiesConfiguring URL
> filtersConfiguring custom URL categoriesConfiguring media bandwidth
> limitsConfiguring application visibility and controlConfiguring proxy
> bypass
> list for WSA in transparent deploymentEnabling Web Reputation Scores
> (WBRS)Configuring anti-malware scanning (DVS, Access Policies, Outbound
> Malware Scanning)Configuring HTTPS proxy, HTTP decryption policies and
> inspectionConfiguring Iron Port data securityConfiguring Data Loss
> Prevention
> (DLP)Understanding and interpreting ACL tags/logsSystem
> ManagementUnderstanding L4TM (Brief)Module 7: Virtual Private Network
> (VPN)IPSec LAN-to-LAN Tunnel on IOS (Classical & VTI method)IPSec
> LAN-to-LAN
> Tunnel between IOS and ASA (WithB and Without NAT-T)IPSec hub and spoke on
> ASAIPSec redundancy features (link failure, node failure and SSO)Remote
> access
> IPSec VPN on IOS (Classical and DVTI)Remote access IPSec VPN on ASAIPSec
> Tunnels using ISAKMP profilesGRE over IPSec using ISAKMP profilesVRF Aware
> IPSec (LAN-LAN + Remote Access)CA Certificate Authority and IOS Sub CA
> ServerIOS certificate map & IOS DN based crypto mapsTunnel group mapping on
> ASAIPSec VPN Tunnels using IOS CADMVPN Phase-2 & Phase-3VRF Aware
> DMVPNDMVPN
> Phase-3 with hierarchical hubsGET VPN & Advance GET VPNFlexVPN (IKE v2)Misc
> IPSec Features and Options on IOS and ASAClientless SSL VPN on IOS and
> ASAAnyConnect BasicAnyConnect AdvancedRemote Access VPN authentication
> using
> AAA serverModule 8: System Hardening and AvailabilityRouting protocol
> security
> featuresControl Plane Protection and Management Plane ProtectionBroadcast
> control and switchport securityAdditional CPU protection mechanisms
> (options
> drop, logging interval)Disable unnecessary servicesDevice system services
> (SNMP, Syslog, NTP)Transit Traffic Control and Congestion ManagementModule
> 9:
> Threat Identification and MitigationMitigate or prevent fragmentation
> attacksMitigate or prevent against malicious IP option usageMitigate or
> prevent network reconnaissance attacksMitigate or prevent IP spoofing
> attacksMitigate or prevent MAC spoofing attacksMitigate or prevent ARP
> spoofing attacksMitigate or prevent DoS and DDoS attacksMitigate or prevent
> Man-in-the-Middle (MiM) attacksIdentify and protect port redirection
> attacksMitigate or prevent DHCP attacksMitigate or prevent DNS
> attacksMitigate
> or prevent MAC Flooding attacksMitigate or prevent VLAN hopping
> attacksMitigate or prevent various common Layer2 and Layer3 attacksUsing
> NBAR
> to mitigate network attacks on IOSNetFlow as attack mitigation tool on IOS
> and
> ASA
>
> Best Wishes.
> C SAMARTH
> CCIE #18535 (R&S , Security)
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Mon Nov 26 2012 - 15:56:53 ART