Re: CCIE Sec v4

Samarth,

You don't think it's enough?

On Mon, Nov 26, 2012 at 6:18 PM, Samarth Chidanand
<samarth_04_at_hotmail.com>wrote:

> http://www.netmetric-solutions.com/about_us/ccie_security.html
>
>
> Best Wishes.
> C SAMARTH
> CCIE #18535 (R&S , Security)
>
>
> Date: Mon, 26 Nov 2012 15:56:53 -0600
> Subject: Re: CCIE Sec v4
> From: tenge911_at_gmail.com
> To: samarth_04_at_hotmail.com
> CC: ccielab_at_groupstudy.com
>
> Hi there, this looks great. Can you please send me the link again, in all
> of
> this email MADNESS about what you are allowed and not allowed to do, I have
> lost the actul link. Please share the link for this new security course as
> none of the other vendors have anything yet.
> I for one, appreciate you small plug. Its easy to ignore one email, much
> harder to ignore 50. Christian
>
> On Sun, Nov 25, 2012 at 3:32 AM, Samarth Chidanand <samarth_04_at_hotmail.com
> >
> wrote:
>
> 10 Day Advance Technology Bootcamp for CCIEv4 - Bootcamp contents and Vol 1
>
>
> workbooknetmetric-solutions.com
>
> Module 1: ASA FirewallASA Initialization (Include redundant interface &
> ether
>
> channeling)Static and Default Routing With Route TrackingRouting on ASA
>
> (Unicast & Multicast)Management Access & Setup (SSH, Telnet, ASDM)DHCP
>
> Configuration & Relay ConfigurationTraffic Filtering on ASANetwork Address
>
> Translation (8.2)Network Address Translation (8.4/8.6)Single-Mode
> Transparent
>
> FirewallAdvance Features in Transparent FirewallNAT in Transparent
>
> FirewallApplication Inspection using MPFTCP Normalization using MPFContent
>
> FilteringHigh Availability b Active/Standby (Routed & Transparent
>
> Mode)Multi-Context Routed ModeMulti-Context Transparent ModeHigh
> Availability
>
> b Active/Active (Routed Mode)High Availability b Active/Active
>
> (Transparent Mode)Resource Allocation for ContextsThreat DetectionQoS on
>
> ASAIdentity Based FirewallContext Aware FirewallSystem Management (e.g.,
> SNMP
>
> v3, Logging)Module 2: IOS FirewallBasic ZBF ConfigurationAdvance ZBF
>
> Configuration (Connection Limits)ZBF Application InspectionZBF Rate
>
> LimitingZBF (Transparent Mode)Basic CBACAdvance CBACIOS Content
>
> FilteringPAMAccess Control ListsFlexible Packet MatchingIOS Transparent
>
> Firewall (Basic & Advanced)Module 3: Intrusion Prevention System (IPS)IPS
>
> basic InitializationSwitch Settings for SPAN, RSPAN, TrunkPromiscuous Mode
>
> Settings (Basic & Advance)Inline Mode Settings (Basic & Advance)Configuring
>
> Multiple Virtual SensorsTraffic Analysis Settings for different IPS
>
> ModesTweaking IPS Signatures & ResponsesCreating Custom
> SignaturesConfiguring
>
> Advance Signature ActionsThreat & Risk ManagementConfiguring Event Action
>
> OverridesGlobal correlation and reputation based filteringAnomaly Based
>
> DetectionIPS System ManagementBasic IPS features on ASAEnabling IPS
> software
>
> module ASA 5515-xIOS IPSModule 4: Identity Services Engine (ISE)ISE
>
> InitializationCertificate ManagementActive Directory IntegrationCreating
> NDGs
>
> & Configuring AAA Clients (WLC & Switches)Creating User Identity Groups &
>
> Local Network Access UsersCreating Identity Store SequenceConfiguring the
>
> Switch for 802.1xConfiguring WLC for 802.1xConfiguring Authentication
> Policies
>
> for 802.1xConfiguring Authorization Policies for 802.1x b BasicConfiguring
>
> Authorization Policies for 802.1x b Advanced (With Machine authentication
>
> and Machine Access Restrictions)Configuring switch for 802.1x - Flex Auth
>
> (Order & Priority) + (Different host modes)Configuring & understanding
> 802.1x
>
> Open mode, Low Impact Mode and High Secure modeConfiguring end point
> identity
>
> groups and adding hostsConfiguring authentication & authorization policies
> for
>
> MAB on ISEConfiguring profiler services on ISEConfiguring probes on
>
> NADsConfiguring profiler policies and appropriate authentication &
>
> authorization policiesUnderstanding and configuring Central Web
>
> AuthenticationConfiguring MAB fallback authentication & authorization
> policies
>
> for CWA on ISEConfiguring Guest Services for external guest users on
>
> ISEConfiguring and Tweaking Sponsor & Guess PortalConfiguring ISE for
> Client
>
> Provisioning Services & PoliciesConfiguring ISE for Posture Services &
>
> Policies using NAC and Web Agents.Configuring Switch and ISE with MAC SEC
>
> option for 802.1xUnderstanding and Configuring ISE for Security Group Tags
> -
>
> SGT (Config Only)Configuring inline ISE for VPN Services (iPEP /
>
> iPEN)Configuring ISE for Distributed ArchitectureCut-Through Proxy /
>
> Authentication Proxy using ISE as AAA ServerSystem Management / Monitoring
> and
>
> TroubleshootingModule 5: Access Control Server (ACS)ACS
>
> InitializationConfiguring NAD s for AAA Device Access Administration
>
> (Routers/Switches/ASA) (Telnet, HTTP, SSH, Privilege levels
> etc.)Configuring
>
> NDG and Adding AAA Clients on ACSConfiguring Internal Identity Groups &
> Local
>
> Users, HostsIntegrating with Active DirectoryCertificate Management &
>
> Certificate Authentication Profiles with attribute retrievalCreating
> Identity
>
> Store SequenceConfiguring Policy Elements Parameters for AAA Device
>
> Administration (Shell Profile, Command Authorization Sets, Date and Time,
>
> DACL, Radius Attributes)Configuring Service Selection Policy (SSP) & Access
>
> ServicesConfiguring identity and authorization policies for AAA device
>
> administration (Authentication, Exec and Command authorization)Configuring
>
> policy elements parameters for Network Access AAA (cut-through proxy,
>
> authentication proxy and 802.1x)Configuring identity and authorization
>
> policies for cut through proxyConfiguring identity and authorization
> policies
>
> for 802.1x & MABIOS role based CLI using Local Database and ACSMonitoring,
>
> Reports and System AdministrationModule 6: Web Security Appliance
>
> (WSA)Configure WCCP (Needed for transparent mode of WSA)WSA Initialization
>
> using setup wizardUnderstanding explicit proxy deployment and transparent
>
> proxy deploymentEnable proxy services with basic URL filteringConfiguring
>
> proxy server information in web browsersConfigure acknowledgment and custom
>
> end-user notificationsConfiguring native FTP proxyConfiguring NTLM and LDAP
>
> based authenticationConfiguring authentication based access
>
> policiesConfiguring access policiesConfiguring identitiesConfiguring
>
> authentication exemptionsConfiguring acceptable use policiesConfiguring URL
>
> filtersConfiguring custom URL categoriesConfiguring media bandwidth
>
> limitsConfiguring application visibility and controlConfiguring proxy
> bypass
>
> list for WSA in transparent deploymentEnabling Web Reputation Scores
>
> (WBRS)Configuring anti-malware scanning (DVS, Access Policies, Outbound
>
> Malware Scanning)Configuring HTTPS proxy, HTTP decryption policies and
>
> inspectionConfiguring Iron Port data securityConfiguring Data Loss
> Prevention
>
> (DLP)Understanding and interpreting ACL tags/logsSystem
>
> ManagementUnderstanding L4TM (Brief)Module 7: Virtual Private Network
>
> (VPN)IPSec LAN-to-LAN Tunnel on IOS (Classical & VTI method)IPSec
> LAN-to-LAN
>
> Tunnel between IOS and ASA (WithB and Without NAT-T)IPSec hub and spoke on
>
> ASAIPSec redundancy features (link failure, node failure and SSO)Remote
> access
>
> IPSec VPN on IOS (Classical and DVTI)Remote access IPSec VPN on ASAIPSec
>
> Tunnels using ISAKMP profilesGRE over IPSec using ISAKMP profilesVRF Aware
>
> IPSec (LAN-LAN + Remote Access)CA Certificate Authority and IOS Sub CA
>
> ServerIOS certificate map & IOS DN based crypto mapsTunnel group mapping on
>
> ASAIPSec VPN Tunnels using IOS CADMVPN Phase-2 & Phase-3VRF Aware
> DMVPNDMVPN
>
> Phase-3 with hierarchical hubsGET VPN & Advance GET VPNFlexVPN (IKE v2)Misc
>
> IPSec Features and Options on IOS and ASAClientless SSL VPN on IOS and
>
> ASAAnyConnect BasicAnyConnect AdvancedRemote Access VPN authentication
> using
>
> AAA serverModule 8: System Hardening and AvailabilityRouting protocol
> security
>
> featuresControl Plane Protection and Management Plane ProtectionBroadcast
>
> control and switchport securityAdditional CPU protection mechanisms
> (options
>
> drop, logging interval)Disable unnecessary servicesDevice system services
>
> (SNMP, Syslog, NTP)Transit Traffic Control and Congestion ManagementModule
> 9:
>
> Threat Identification and MitigationMitigate or prevent fragmentation
>
> attacksMitigate or prevent against malicious IP option usageMitigate or
>
> prevent network reconnaissance attacksMitigate or prevent IP spoofing
>
> attacksMitigate or prevent MAC spoofing attacksMitigate or prevent ARP
>
> spoofing attacksMitigate or prevent DoS and DDoS attacksMitigate or prevent
>
> Man-in-the-Middle (MiM) attacksIdentify and protect port redirection
>
> attacksMitigate or prevent DHCP attacksMitigate or prevent DNS
> attacksMitigate
>
> or prevent MAC Flooding attacksMitigate or prevent VLAN hopping
>
> attacksMitigate or prevent various common Layer2 and Layer3 attacksUsing
> NBAR
>
> to mitigate network attacks on IOSNetFlow as attack mitigation tool on IOS
> and
>
> ASA
>
>
>
> Best Wishes.
>
> C SAMARTH
>
> CCIE #18535 (R&S , Security)
>
>
>
>
>
> Blogs and organic groups at http://www.ccie.net
>
>
>
> _______________________________________________________________________
>
> Subscription information may be found at:
>
> http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
>

-- 
*Narbik Kocharians
*CCSI#30832, CCIE# 12410 (R&S, SP, Security)
*www.MicronicsTraining.com* <http://www.micronicstraining.com/>
Sr. Technical Instructor
YES! We take Cisco Learning Credits!
A Cisco Learning Partner
Blogs and organic groups at http://www.ccie.net