The following is a condensed list of the topics that will be covered during the Bootcamp. The class goes over the theoretical as well as practical aspects of the below mentioned technologies. Notice that the list is just a guideline, and does not exhaust all technologies discussed during the class.

Covered Topics

• ASA Firewall
• Interfaces and VLANs
• Routed and Transparent
• Multiple and Single Context
• Access-List Filtering
• Network Address Translation
• MPF and Advanced Inspection
• Failover
• Routing Protocols: OSPF, EIGRP and RIP
• High Availability Features
• Other Advanced Features
  
  
• IOS Firewall
• Access-Lists
• CBAC Feature Set
• Zone-Based Firewall
• IOS NAT Features
• Firewall Tuning
• Advanced Filtering Techniques
  
  
• VPN
• IPsec LAN-to-LAN
• IPsec ezVPN Server
• SSL VPN (Anyconnect VPN)
• DMVPN
• GET VPN
• WebVPN (Clientless SSL VPN)
• IOS PKI for Authentication
• L2TPv2 and PPTP
• VPN QoS
• Advanced VPN Features
  
  
• Intrusion Prevention System (IPS)
• Initializing IPS 4200
• Inline and Promisc Monitoring
• Virtual Sensors, Subinterfaces, VLAN Groups
• Signature Tuning
• Custom Signatures
• Blocking/Rate Limiting/TCP Resets
• Tuning Signature Engines
• Event Monitoring and Processing
• Configuring SPAN/RSPAN/RITE
• IDM and IPS Manager Express
• Other Advanced Features
  
  
• Identity Management
• AAA List Configuration
• RADIUS, TACACS+ Protocols and Attrbutes
• LDAP server VPN Authorization and Authentication
• Configuring CS ACS Server
• X.509 Certificate-Based Authentication for VPNs
• IOS Authentication Proxy
• 802.1x Authentication and Authorization
• IOS/ASA Command Authorization
• ASA Cut-Through Authentication Proxy
• Other Advanced Features
  
  
• Advanced Security
• Routing Protocol Security
• Control Plane Protection Features
• Flexible Packet Matching
• Storm Control and STP Security Features
• VLAN Access-Lists
• Router Hardening
• Router Management: Telnet, SSH, SNMP, HTTP
• QoS for Attack Mitigation: Classification, Marking, Queueing and Policing
• DHCP Security Features
• Traffic Capturing
• Other Advanced Features
  
  
• Network Attacks
• Layer 2 Attacks: MAC Flooding, Spoofing, VLAN Hopping
• Layer 3 Attacks: Fragmentation, IP Spoofing, ARP Spoofing, IP Options, Smurf
• Layer 4 Attacks: SYN Flooding, TCP Hijacking, Port Redirection, MitM
• Application Level Attacks: MitM, DNS poisoning, Vulnerability Exploitation
• Network Reconnaissance
• DoS and DDoS Attacks: Using RTBH for Mitigation
• Other mitigation techniques
  
  

Intended Audience

CCIE Security candidates with a firm understanding of the technologies covered on the CCIE Security lab exam blueprint. Candidates must have already completed the CCIE Security Advanced Technologies Bootcamp-on-Demand and be comfortable performing at least the first 5 labs in the CCIE Security Volume 2 Workbook.

Introductory CCIE Security material is not covered in the 5 Day Bootcamp.


^back to top