Cisco Certified Network Associate Security (CCNA Security) validates associate-level knowledge and skills required
to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required
to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.
The CCNA Security curriculum emphasizes core security technologies, the installation, troubleshooting and monitoring of
network devices to maintain integrity, confidentiality and availability of data and devices, and competency in the
technologies that Cisco uses in its security structure.
Candidate who has completed any Cisco course or 1 Yrs of experience as networking Administrator.
About the training
The course focuses on security principles and technologies, using Cisco security products to provide hands-on examples.
Using instructor-led discussions, extensive hands-on lab exercises, and supplemental materials, this course allows
learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular
security appliances within a “real-life” network infrastructure .CCNA Security certified professional is able to create
a security infrastructure using Cisco network devices - acquire skills to install and supervise network devices;
recognize and control threats to the security structure.
At course completion
Upon completion of the course, students will have the knowledge and skills to:
Describe common network security concepts.
Secure routing and switching infrastructure.
Deploy basic authentication, authorization and accounting services.
Deploy basic firewalling services.
Deploy basic site-to-site and remote access VPN services.
Describe the use of more advanced security services such as intrusion protection,
content security and identity management.
Common Security principles
Describe confidentiality, integrity, availability (CIA), Describe SIEM technology,
Identify common security terms, Identify common network security zones.
Common security threats
Identify common network attacks, Describe social engineering, Identify malware,
Classify the vectors of data loss/exfiltration.
Describe key exchange, Describe hash algorithm, Compare and contrast symmetric
and asymmetric encryption, Describe digital signatures, certificates, and PKI.
Describe network topologies
Campus area network (CAN), Cloud, wide area network (WAN), Data center, Small office/home office (SOHO),
Network security for a virtual environment.
Compare in-band and out-of band, Configure secure network management, Configure and verify secure access through
SNMP v3 using an ACL, Configure and verify security for NTP, Use SCP for file transfer.
Describe RADIUS and TACACS+ technologies, Configure administrative access on a Cisco router using TACACS+,
Verify connectivity on a Cisco router to a TACACS+ server, Explain the integration of Active Directory with AAA,
Describe authentication and authorization using ACS and ISE.
Identify the functions 802.1X components.
Describe the BYOD architecture framework, Describe the function of mobile device management.
Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode), Describe hairpinning,
split tunneling, always-on, NAT traversal.
Network-based IPS vs. host-based IPS, Modes of deployment (inline, promiscuous - SPAN, tap), Placement
(positioning f the IPS within the network), False positives, false negatives, true positives, true negatives.