KB CCIE Security
Cybersecurity is one of the most critical fields in the IT industry, with a constantly growing need for security professionals. These weekend Live Classes conducted by Khawar Butt will give you the knowledge and skills to master the technologies detailed in the CCIE Security v6.1 curriculum. The course covers Security Technologies from scratch. Technologies covered include VPNs, Firewalls (ASA,FTD & Zone-based), ISE, ESA, WSA, & SDA. The course also comes with a Comprehensive CCIE Security v6.1 Workbook. The Workbook contains Technology labs and a Full Mock Lab. All technology labs will be demonstrated and performed during the class including a special 8 hour long Super Lab.
What’s included
THE ONLY COMPLETE CCIE SECURITY v6.1 COURSE ONLINE!
Classes start on Jul 13, 2024 at 1700 UTC / 1:00pm New York / 9:00pm Dubai time
CCIE Security Super Lab including the Super Lab workbook included in the purchase
40 hours of KCloud 2.0, 20 hours of SDA lab and 24 hours of Super Lab practice hours included in the purchase (Sole class on the internet with this feature!)
The detailed online LIVE classes will last 4 hours each
The Workbook contains 100+ Technology Labs & Super Lab
Each Lab will be demonstrated
One-year access to class recordings and future CCIE Security Live classes included in the purchase
Subscribers sign-in for $750
Outcome
Upon course completion, students will be able to:
- Design, Initialize & Configure the ASA Firewall 9.X
- Design, Initialize & Configure the Firepower Threat Defence (FTD) Firewall
- Design, Initialize & Configure Zone-based Firewalls
- Configure VPNs using IPSec, mGRE & DMVPN
- Configure IKEv2 based VPNs
- Configure Advanced VPNs like GET VPN, Flex VPNs & SSL VPNs
- Design, Initialize & Configure the E-Mail Security Appliance (ESA)
- Design, Initialize & Configure the Web Security Appliance (WSA)
- Design, Initialize & Configure a Controller-based Wireless LAN
- Design, Initialize & Configure Endpoint Security using ISE
- Configure Device Administration using TACACS+ & ISE
- Implementing SDA
- Design & Configure Umbrella
- Configure Router & Switch Security
- Automation using Python Scripting
Prerequisites
Before attending this course students should have some prior knowledge of Routing and Switching Concepts. Security Technologies will be taught from scratch.
Class Outline
Modules
Configuring Virtual Private Networks [VPN]
- IPSec Overview
- LAN-to-LAN IPSec VPNS [with NAT-T & without NAT-T]
- GRE, GRE/IPSEC
- Static-Virtual Tunnel interface [S-VTI]
- Advanced VPNs
- DMVPN
- GET VPN
- VRF-Aware VPNs
- VPNs using Certificates with Router as a CA Server
- IKEv2 VPNs
- D-VTI /S-VTI based Site-To-Site VPN
- D-VTI /S-VTI based Spoke-to-Spoke using NHRP
Firewalls – ASA (Basic Configuration)
- Interface Configuration
- Security Levels
- Management [Telnet / SSH]
- Routing [RIPv2, EIGRP, EIGRP, BGP]
Firewalls – ASA (NAT)
- Dynamic NAT
- Static NAT
- Dynamic PAT
- Static PAT
- Destination NAT
- Manual NAT/Twice-NAT
- Access Policies
Firewalls – ASA (Transparent Firewall)
- Initialization
- Access policies/Routing Protocol Access
- Ethertype ACLs
Firewalls – ASA (Redundancy)
- Redundant Interfaces
- Port-channels
- Security Contexts [Virtual Firewalls]
- Failover
- Active/Standby
- Active/Active
- Clustering
- Spanned Mode
- Individual Interface Mode
Firewalls – ASA (VPNs)
- Site-to-Site IPSec
- Remote access
- SSL
Firewalls – Firepower Threat Defence [FTD] (Basic Configuration)
- FMC & FTD Integration
- Interface configuration
- Routing [Static Routing, RIPv2, OSPF, BGP]
- NAT [Dynamic/Static NAT, Dynamic/Static PAT, Destination -NAT, Manual NAT]
Firewalls – FTD (Advanced Features)
- Geolocation Filtering
- URL Filtering
- Application Visibility Controls (AVC)
- Intrusion Policies
- Loggin Alerting
- File Policies / Network AMP
Firewalls – FTD (Redundancy)
- Active - Standby Failover - High Availability
- Multi-Instance Overview
Firewalls – FTD (Transparent Firewalls)
- Initialization
- Access Policies
Content Filtering using WSA & ESA (WSA)
- Initialization
- Integration with Routers/Switches/Firewall using WCCP
- Configuring traffic policies
- Configuring custom categories
Content Filtering using WSA & ESA (ESA)
- Initialization
- Integration with E-mail servers and DNS
- Configuring Mail flow policies
- Configuring outgoing mail filters
- Configuring incoming mail filters
Basic Wireless LAN Configuration
- Configuring the base network
- Configure the switches for the base network
- Configure DHCP server
- WLC Configuration
- Initialization of the WLC
- Configuring VLAN interfaces
- Configuring WLANs
Identity Management using ISE (Wired ISE)
- Configuring the relationship between Switch & ISE
- Configuring Identity groups and users
- Configuring Dot1x authentication with VLAN assignment and DACL
- Configuring MAB for IP Phone
Identity Management using ISE (Wireless ISE)
- Configuring the relationship between WLC & ISE
- Configuring Dot1x authentication with VLAN assignment
- Configuring SXP between ISE, WLC & Firewall to implement filtering using SGT
Identity Management using ISE (Device Administration)
- Router/Switch Authentication
- Router/Switch Exec & Command authorization
- Router/Switch Accounting
Software Defined Access (SDA)
- Overview of SDA and its components
- Fabric Setup using Manual method
- Fabric Setup using LAN Automation
- Configuring the Fabric (Host Onboarding & L3 Handoff)
- Configuring the Fusion Router to support Macro Segmentation
- Configuring Micro Segmentation using SGTs using ISE
Router / Switch Security (Router Security)
- NTP
- uRPF
- DHCP server / DHCP Relay Agent
- Syslog
Router / Switch Security (Switch Security)
- Port-security
- DHCP snooping
- ARP Inspection
- Source guard
- VLAN ACL