
Explore intrusion prevention systems and how crafted packets masquerade as valid to gain unauthorized access, and how worms and trojans affect network performance.
Identify, classify, and block unusual traffic with an intrusion prevention system (IPS), monitoring network flows, logging incidents, and alerting administrators when threats are detected.
IDS (intrusion detection system) detects attacks and alerts management, while IPS (intrusion prevention system) detects and prevents by blocking traffic and resetting connections through the firewall.
Host-based IPS installs on end devices to monitor local changes, while network-based IPS operates inline as a transparent sensor that captures, analyzes, and logs suspicious traffic.
Explain inline versus promiscuous IDS deployments: inline blocks at the gateway on signature matches, while promiscuous copies traffic to sensors for analysis, trading latency for stealth.
Explore Cisco IPS solutions and deployment options across dedicated appliances, router and firewall integrations, and software models, highlighting next-generation features, platform variety, and advanced intrusion prediction.
The IPS uses signature-based detection to compare traffic with a signature database, deny matches, and generate alerts; it also relies on policy-based and reputation-based detection guided by behavior with updates.
Explore IPS signature alarm types, distinguishing when signatures match or do not match; understand "true" as meaning malicious traffic is predicted and "false" as meaning normal traffic, and when alarms are generated.
Configure IPS signatures to trigger actions when traffic matches, generating alerts, logging activity, and resetting or blocking attacker packets.
Explore attacker evasion techniques against intrusion detection, including encryption, timing attacks, fragmentation, and misinterpretation, and learn countermeasures such as traffic reassembly, TTL validation, and data normalization to harden IPS defenses.
Explore common web-based attack threats from the internet, including malware, malicious traffic in web pages, data leakage, and encrypted pages that hinder monitoring of traffic.
Block malicious web traffic with firewall configurations, guard against harmful downloads, and enforce rules to restrict risky sites and data leakage while using Cisco security solutions.
Cisco web security offers on-premise and cloud-based solutions that inspect traffic to block malicious sites. It caches and validates requests, enforces security policies, and protects remote and office users.
Explore how the WSA provides caching and proxy services, storing frequently requested pages locally to speed access. It also enforces security policies, blocks restricted sites, and monitors traffic.
Explore two deployment modes for the WSA: explicit proxy mode with a preconfigured browser, and scalable transparent proxy mode that redirects traffic through the security gateway.
Explore common email threats, including spam, phishing, and malicious attachments, that compromise systems and steal credentials by deceiving users into clicking links or downloading malware.
Discover Cisco Email Security (ESA) and CES as cloud and on-prem gateways. Learn how centralized filtering and policy configuration protect inbound and outbound emails from spam and malware.
This course is designed to prepare CCNA Security candidates for the exam topics covered by the 210-260 IINS exam.
This is the last of 6 parts of the Complete CCNA Security 210-260 Exam.
This course allows learners to understand common security concepts, and deploy basic security techniques utilizing a variety of popular security appliances within a "real-life" network infrastructure. It focuses on security principles and technologies, using Cisco security products to provide hands-on examples.
This Cisco self-paced course is designed to be as effective as classroom training.
Course content is presented in easily consumable segments via both instructor video and text, making the learning experience hands-on and increasing course effectiveness.
The revised CCNA Security (IINS v3.0) curriculum is designed to bring data, device, and administration together to have better network security, which is more relevant and valuable than ever. It is destined to meet the current business demand so that the network security professionals are able to acquire new knowledge, training and vital skills to be successful in evolving job roles.
1. Security Concepts – This section includes security principles, threats, cryptography, and network topologies. It constitutes 12% of the questions asked in the exam.
2. Secure Access – This section deals with secure management, AAA concepts, 802.1X authentication, and BYOD. It makes up 14% of the exam.
3. VPN (Virtual Private Networks) – This focuses on VPN concepts, remote access VPNs, and site-to-site VPNs. It is 17% of the exam.
4. Secure Routing & Switching – This section concentrates on VLAN security, mitigation techniques, layer 2 attacks, routing protocols, and overall security of Cisco routers. That is 18% of the exam.
5. Cisco Firewall Technologies – This section is 18% of the exam and focuses on stateful and stateless firewalls, proxy firewalls, application, and personal firewalls. Additionally, it concentrates on Network Address Translation (NAT) and other features of Cisco ASA 9.x.
6. IPS – It is 9% of the exam and this portion focuses on network-based and host-based IPS, deployment, and IPS technologies.
7. Content and Endpoint Security – Constituting 12% of the exam, this section checks your understanding of endpoint, web-based, and email-based threats. It then leads to apt and effective mitigation technology and techniques to counter those threats.