9 de set. de 2019

CCIE SEC LAB VERSION 5 - Completo (Servidor + Material)


Agora, quem pretende se preparar para o Exame de Lab do CCIE Security versão 5 pode contar com o primeiro Servidor EVE da linha Premium do NETFINDERSBRASIL.

Beneficios:
- Memória RAM e CPU atualizados para suprir as necessidades do Lab de CCIE SEC
- Uso restrito - máximo de 10 Assinantes para garantir performance na execução dos Labs
- Todas as imagens dos elementos cobrados no Exame CCIE SEC pré-instaladas
- Workbook completo com dezenas de Labs - todos voltados para o conteúdo exigido pelo Exame

Investimento: R$ 200,00 mensais

Maiores informações pelo e-mail: adilson.aflorentino@gmail.com

Table of Contents


Virtual Private Networks [VPN]

Module 1 - Basic VPNs
- LAN-To-LAN Tunnel without NAT-T
- LAN-To-LAN Tunnel with NAT-T
- Point-to-Point GRE
- Encrypting GRE Tunnels using IPSec
- Configuring a Native IPSec Tunnel Interface using Static-Virtual Tunnel Interface (S-VTI)

Module 2 – Advanced VPNs
- Multipoint GRE (mGRE) Tunnel
- Configuring DMVPN – Phase I
- Configuring DMVPN – Phase II
- Configuring DMVPN – Phase III
- Configuring DMVPN Phase III with Dual Hub
- Encrypting DMVPN Traffic using IPSec
- Configuring GETVPN
- Configuring GETVPN with Redundancy
- Configuring VRF aware VPN
- Configuring a Router as a CA Server
- EZVPN – Client Mode
- EZVPN – Network Extension Mode

Module 3 – Configuring VPNs using IKEv2
- Site-To-Site IPSec VPN using IKEv2 – Crypto Maps
- Site-To-Site IPSec VPN using IKEv2 – S-VTI

Module 4 – Configuring Flex VPNs
- Site-To-Site IPSec VPN using Flex VPN
- Spoke-To-Spoke IPSec VPN using Flex VPN
- Server – Client IPSec Flex VPN

Configuring Router & Switch Security Features


Module 1 – Control Plane Management
- Configuring Control Plane Policing
- Configuring Control Plane Protection for Port Filtering

Module 2 – Configuring Router Security Features
- Configuring Anti-Spoofing ACLs & the RPF Feature
- Configuring NTP with Authentication
- Configuring the Router for SNMP
- Blocking Unwanted Services on the Router
- Configuring Syslog Settings

Module 3 – Configuring Switch Security Features
- Configuring the Port-Security Feature on the Switch
- Preventing the Rogue DHCP Server Attack using the DHCP Snooping Feature
- Configuring Static ARP Inspection Using an ARP ACL
- Configuring Dynamic ARP Inspection (DAI)
- Configuring the Source Guard Feature Configuring VLAN ACL’s

Module 4 – Configuring IPv6
- Configuring IPv6 with RIPng
- Configuring IPv6 with EIGRP
- Configuring IPv6 with OSPFv3
- Configuring IPv6 in IPv4 Tunnel
- Configuring a IPSec S-VTI Tunnel – IPv6

Configuring Firewalls, Intrusion Prevention & AMP

Module 1 – Basic ASA Configurations on 9.X
- Initializing the FW
- Static and Default Routes
- Running RIP v2
- Running OSPF
- Running EIGRP
- Configuring Management Protocols

Module 2 – NAT & ACLs on 9.X
- Configuring Basic NAT Operations
- Configuring Static NAT, Static Identity NAT & Static PAT
- Configuring Destination NAT
- Configuring Twice-NAT
- Access Control

Module 3 – Configuring High Availability Features
- Interface Redundancy
- Route Tracking using SLA Monitor
- Active/Standby Failover
- Stateful Failover
- Security Contexts on the ASA using Shared Interface
- Active/Active Failover
- Port Channels
- Clustering – Interface Interface Mode
- Clustering – Spanning Interface Mode

Module 4 – Deep Packet Inspection
- Configuring System L7 Deep Packet Inspection
- Configuring User Defined L7 Deep Packet Inspection
- Configuring TCP Normalization

Module 5 – Transparent Firewalls on 9.X
- Configuring a Transparent Firewall
- Configuring Management on a Transparent FW
- ACL’s in Transparent Mode
- Configuring NAT on a Transparent Firewall

Module 6 – Configuring the Firewall Component of FTD
- Initial Configuration of FTD & FMC from CLI
- Registering & Initializing the FTD device on FMC
- FTD Interface Configuration
- Routing Protocol Configuration - Static & Default Routes
- Routing Protocol Configuration – RIP
- Routing Protocol Configuration – OSPF
- Routing Protocol Configuration – BGP
- Configuring Access Control Policies – Basic
- Configuring Access Control Policies - Advanced
- Configuring Dynamic NAT
- Configuring Static NAT
- Configuring Dynamic PAT
- Configuring Static PAT
- Configuring Twice-NAT

Module 7 – Configuring Intrusion Prevention
- Configuring a Balanced Intrusion Prevention Policies
- Tuning an Existing Signature on the Intrusion Policy
- Configuring an Event Filter
- Configuring a Custom Signature
- Configuring Network Discovery Policy
- Configuring an Intrusion Policy based on the Firepower Recommendations

Module 8 – Configuring AMP
- Configure AMP Policies to Block Specific File types
- Configure AMP Policies to Block Files Infected with Malware

Module 9 – Configuring IOS-Based Firewall
- Configuring Zone-based Firewall on a Router
- Configuring Port-maps in Zone-based Firewalls
- Configuring Nested Classes in Zone-based Firewalls

Module 10 – Configuring VPNs on ASA & FTD
- Configuring LAN-TO-LAN IPSec VPN on ASA – IKEv1
- Configuring LAN-TO-LAN IPSec VPN on ASA – IKEv2
- Configuring Remote-Access IPSec VPN on ASA
- Configuring Remote-Access SSL-Based VPN on ASA
- Configuring Clientless SSL VPN on ASA
- Configuring IPSec LAN-TO-LAN VPN on FTD – IKEv1
- Configuring IPSec LAN-TO-LAN VPN on FTD – IKEv2

Configuring ACS 5.X

Module 1 – Configuring ACS for Management Authentication
- Configuring a Router to Authenticate using the ACS Server
- Configuring a Switch to Authenticate using the ACS Server
- Configuring a Firewall to Authenticate using the ACS Server

Module 2 – Configuring ACS for Management Authorization
- Configuring a Router for Exec Authorization Using the ACS
- Configuring a Router for Command Authorization Using the ACS
- Configuring ACS Authentication for HTTP Management on a Router

Module 3 – Configuring ACS for Management Accounting
- Configuring Exec and Command Accounting on a Router
- Configuring Exec Accounting on a Switch
- Configuring Telnet & SSH Connection Accounting

Configuring WLC


Module 1 – Initial Configuration of the WLC & WAP
- Basic Intialization of the Wireless LAN Controller (WLC)
- Basic Configuration of the Wireless Access Point (WAP) Using DHCP

Module 2 – Configuring a Basic Wireless LAN
- Creating VLAN Interface on the WLC
- Configuring WLANs, SSID’s and associating them with VLAN Interfaces – Open Authentication
- Configuring WLANs, SSIDs and associating them with VLAN Interfaces – Static WEP PSK (40-Bit)
- Configuring WLANs, SSIDs and associating them with VLAN Interfaces – Static WEP PSK (104-Bit)
Configuring SSID’s with Web Authentication

Configuring ISE

Module 1 – Configuring ISE to communicate to the Switch & WLC Network Devices
- Preparing the Network for ISE
- Basic Intialization of Identity Service Engine (ISE)
- Associating the Switch with the ISE Appliance
- Intializating & Associating the WLC with the ISE Appliance

Module 2 – Configuring 802.1x using ISE
- Configuring 802.1x Authentication for a Wired Client
- Configuring 802.1x Authentication for a Wired Client with VLAN Assignment
- Configuring 802.1x Authentication for a Wired Client With DACL Assignment
- Configuring 802.1x Authentication for a Wireless Client with VLAN Assignment
- Configuring Wired MAB Authentication with VLAN Assignment
- Configuring Wireless MAB Authentication with VLAN Assignment
- Configuring Wired MAB Authentication for IP Phone & Dot1X for PC behind it

Module 3 – Configuring Posture Validation Using ISE
- Configuring Client Provisioning Resources & Policies
- Configuring Posture Validation based on Operating System & Anti-Virus Requirements
- Configuring Posture Validation based on Operating System & Application Requirements

Module 4 – Configuring Cisco TrustSec with SGT Exchange Protocol [SXP] - Configuring CTS SXP Relationship between ISE & the WLC & ASA Firewall
- Configuring SGT Group Setup on ISE

Module 5 – Configuring ISE for Device Administration
- Configuring a TACACS+ relationship between ISE & Router/Switch
- Configuring ISE to support Device Administration
- Configure the Router & Switch to Use ISE for Authentication & authorization

Configuring Web Security Appliance [WSA]


Module 1 – Initial Configuration of the WSA (Ironport)
- Basic Intialization of the Web Security Appliance (WSA) - Ironport
- Configuring the ASA – WSA Relationship for WCCP
- Configuring the Router – WSA Relationship for WCCP

Module 2 – Configuring Web Filtering Using WSA
- Creating Identities Used for Web Filtering
- Category Based Blocking on the WSA
- Blocking Custom URLs
- Blocking/Premiting Specific Identities
- Time-Based Blocking

Configuring E-Mail Security Appliance [ESA]

Module 1 – Initial Configuration of the ESA (Ironport)
- Initial E-Mail Server and Client Setup in the Network
- Initializing the ESA Appliance from CLI
- Initializing the ESA Appliance from GUI Using the System Setup Wizard
- Configuring the ESA Appliance as a SMTP Relay Agent

Module 2 – Configuring E-Mail Filtering Using ESA
- Configuring Incoming Filters
- Configuring Outgoing Filters

LinkWithin

Related Posts with Thumbnails