Agora, quem pretende se preparar para o Exame de Lab do CCIE Security versão 5 pode contar com o primeiro Servidor EVE da linha Premium do NETFINDERSBRASIL.
Beneficios:
- Memória RAM e CPU atualizados para suprir as necessidades do Lab de CCIE SEC
- Uso restrito - máximo de 10 Assinantes para garantir performance na execução dos Labs
- Todas as imagens dos elementos cobrados no Exame CCIE SEC pré-instaladas
- Workbook completo com dezenas de Labs - todos voltados para o conteúdo exigido pelo Exame
Investimento: R$ 200,00 mensais
Maiores informações pelo e-mail: adilson.aflorentino@gmail.com
Table of Contents
Virtual Private Networks [VPN]
Module 1 - Basic VPNs
- LAN-To-LAN Tunnel without NAT-T
- LAN-To-LAN Tunnel with NAT-T
- Point-to-Point GRE
- Encrypting GRE Tunnels using IPSec
- Configuring a Native IPSec Tunnel Interface using Static-Virtual Tunnel Interface (S-VTI)
Module 2 – Advanced VPNs
- Multipoint GRE (mGRE) Tunnel
- Configuring DMVPN – Phase I
- Configuring DMVPN – Phase II
- Configuring DMVPN – Phase III
- Configuring DMVPN Phase III with Dual Hub
- Encrypting DMVPN Traffic using IPSec
- Configuring GETVPN
- Configuring GETVPN with Redundancy
- Configuring VRF aware VPN
- Configuring a Router as a CA Server
- EZVPN – Client Mode
- EZVPN – Network Extension Mode
Module 3 – Configuring VPNs using IKEv2
- Site-To-Site IPSec VPN using IKEv2 – Crypto Maps
- Site-To-Site IPSec VPN using IKEv2 – S-VTI
Module 4 – Configuring Flex VPNs
- Site-To-Site IPSec VPN using Flex VPN
- Spoke-To-Spoke IPSec VPN using Flex VPN
- Server – Client IPSec Flex VPN
Configuring Router & Switch Security Features
Module 1 – Control Plane Management
- Configuring Control Plane Policing
- Configuring Control Plane Protection for Port Filtering
Module 2 – Configuring Router Security Features
- Configuring Anti-Spoofing ACLs & the RPF Feature
- Configuring NTP with Authentication
- Configuring the Router for SNMP
- Blocking Unwanted Services on the Router
- Configuring Syslog Settings
Module 3 – Configuring Switch Security Features
- Configuring the Port-Security Feature on the Switch
- Preventing the Rogue DHCP Server Attack using the DHCP Snooping Feature
- Configuring Static ARP Inspection Using an ARP ACL
- Configuring Dynamic ARP Inspection (DAI)
- Configuring the Source Guard Feature Configuring VLAN ACL’s
Module 4 – Configuring IPv6
- Configuring IPv6 with RIPng
- Configuring IPv6 with EIGRP
- Configuring IPv6 with OSPFv3
- Configuring IPv6 in IPv4 Tunnel
- Configuring a IPSec S-VTI Tunnel – IPv6
Configuring Firewalls, Intrusion Prevention & AMP
Module 1 – Basic ASA Configurations on 9.X
- Initializing the FW
- Static and Default Routes
- Running RIP v2
- Running OSPF
- Running EIGRP
- Configuring Management Protocols
Module 2 – NAT & ACLs on 9.X
- Configuring Basic NAT Operations
- Configuring Static NAT, Static Identity NAT & Static PAT
- Configuring Destination NAT
- Configuring Twice-NAT
- Access Control
Module 3 – Configuring High Availability Features
- Interface Redundancy
- Route Tracking using SLA Monitor
- Active/Standby Failover
- Stateful Failover
- Security Contexts on the ASA using Shared Interface
- Active/Active Failover
- Port Channels
- Clustering – Interface Interface Mode
- Clustering – Spanning Interface Mode
Module 4 – Deep Packet Inspection
- Configuring System L7 Deep Packet Inspection
- Configuring User Defined L7 Deep Packet Inspection
- Configuring TCP Normalization
Module 5 – Transparent Firewalls on 9.X
- Configuring a Transparent Firewall
- Configuring Management on a Transparent FW
- ACL’s in Transparent Mode
- Configuring NAT on a Transparent Firewall
Module 6 – Configuring the Firewall Component of FTD
- Initial Configuration of FTD & FMC from CLI
- Registering & Initializing the FTD device on FMC
- FTD Interface Configuration
- Routing Protocol Configuration - Static & Default Routes
- Routing Protocol Configuration – RIP
- Routing Protocol Configuration – OSPF
- Routing Protocol Configuration – BGP
- Configuring Access Control Policies – Basic
- Configuring Access Control Policies - Advanced
- Configuring Dynamic NAT
- Configuring Static NAT
- Configuring Dynamic PAT
- Configuring Static PAT
- Configuring Twice-NAT
Module 7 – Configuring Intrusion Prevention
- Configuring a Balanced Intrusion Prevention Policies
- Tuning an Existing Signature on the Intrusion Policy
- Configuring an Event Filter
- Configuring a Custom Signature
- Configuring Network Discovery Policy
- Configuring an Intrusion Policy based on the Firepower Recommendations
Module 8 – Configuring AMP
- Configure AMP Policies to Block Specific File types
- Configure AMP Policies to Block Files Infected with Malware
Module 9 – Configuring IOS-Based Firewall
- Configuring Zone-based Firewall on a Router
- Configuring Port-maps in Zone-based Firewalls
- Configuring Nested Classes in Zone-based Firewalls
Module 10 – Configuring VPNs on ASA & FTD
- Configuring LAN-TO-LAN IPSec VPN on ASA – IKEv1
- Configuring LAN-TO-LAN IPSec VPN on ASA – IKEv2
- Configuring Remote-Access IPSec VPN on ASA
- Configuring Remote-Access SSL-Based VPN on ASA
- Configuring Clientless SSL VPN on ASA
- Configuring IPSec LAN-TO-LAN VPN on FTD – IKEv1
- Configuring IPSec LAN-TO-LAN VPN on FTD – IKEv2
Configuring ACS 5.X
Module 1 – Configuring ACS for Management Authentication
- Configuring a Router to Authenticate using the ACS Server
- Configuring a Switch to Authenticate using the ACS Server
- Configuring a Firewall to Authenticate using the ACS Server
Module 2 – Configuring ACS for Management Authorization
- Configuring a Router for Exec Authorization Using the ACS
- Configuring a Router for Command Authorization Using the ACS
- Configuring ACS Authentication for HTTP Management on a Router
Module 3 – Configuring ACS for Management Accounting
- Configuring Exec and Command Accounting on a Router
- Configuring Exec Accounting on a Switch
- Configuring Telnet & SSH Connection Accounting
Configuring WLC
Module 1 – Initial Configuration of the WLC & WAP
- Basic Intialization of the Wireless LAN Controller (WLC)
- Basic Configuration of the Wireless Access Point (WAP) Using DHCP
Module 2 – Configuring a Basic Wireless LAN
- Creating VLAN Interface on the WLC
- Configuring WLANs, SSID’s and associating them with VLAN Interfaces – Open Authentication
- Configuring WLANs, SSIDs and associating them with VLAN Interfaces – Static WEP PSK (40-Bit)
- Configuring WLANs, SSIDs and associating them with VLAN Interfaces – Static WEP PSK (104-Bit)
Configuring SSID’s with Web Authentication
Configuring ISE
Module 1 – Configuring ISE to communicate to the Switch & WLC Network Devices
- Preparing the Network for ISE
- Basic Intialization of Identity Service Engine (ISE)
- Associating the Switch with the ISE Appliance
- Intializating & Associating the WLC with the ISE Appliance
Module 2 – Configuring 802.1x using ISE
- Configuring 802.1x Authentication for a Wired Client
- Configuring 802.1x Authentication for a Wired Client with VLAN Assignment
- Configuring 802.1x Authentication for a Wired Client With DACL Assignment
- Configuring 802.1x Authentication for a Wireless Client with VLAN Assignment
- Configuring Wired MAB Authentication with VLAN Assignment
- Configuring Wireless MAB Authentication with VLAN Assignment
- Configuring Wired MAB Authentication for IP Phone & Dot1X for PC behind it
Module 3 – Configuring Posture Validation Using ISE
- Configuring Client Provisioning Resources & Policies
- Configuring Posture Validation based on Operating System & Anti-Virus Requirements
- Configuring Posture Validation based on Operating System & Application Requirements
Module 4 – Configuring Cisco TrustSec with SGT Exchange Protocol [SXP] - Configuring CTS SXP Relationship between ISE & the WLC & ASA Firewall
- Configuring SGT Group Setup on ISE
Module 5 – Configuring ISE for Device Administration
- Configuring a TACACS+ relationship between ISE & Router/Switch
- Configuring ISE to support Device Administration
- Configure the Router & Switch to Use ISE for Authentication & authorization
Configuring Web Security Appliance [WSA]
Module 1 – Initial Configuration of the WSA (Ironport)
- Basic Intialization of the Web Security Appliance (WSA) - Ironport
- Configuring the ASA – WSA Relationship for WCCP
- Configuring the Router – WSA Relationship for WCCP
Module 2 – Configuring Web Filtering Using WSA
- Creating Identities Used for Web Filtering
- Category Based Blocking on the WSA
- Blocking Custom URLs
- Blocking/Premiting Specific Identities
- Time-Based Blocking
Configuring E-Mail Security Appliance [ESA]
Module 1 – Initial Configuration of the ESA (Ironport)
- Initial E-Mail Server and Client Setup in the Network
- Initializing the ESA Appliance from CLI
- Initializing the ESA Appliance from GUI Using the System Setup Wizard
- Configuring the ESA Appliance as a SMTP Relay Agent
Module 2 – Configuring E-Mail Filtering Using ESA
- Configuring Incoming Filters
- Configuring Outgoing Filters
