CCNA - Security

Cisco Certified Network Associate Security (CCNA Security) validates associate-level knowledge and skills required to secure Cisco networks. With a CCNA Security certification, a network professional demonstrates the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.

The CCNA Security Certification is the next step after the CCNA R&S to enhance your associate level skill set in network security. It prepares you for entry-level security career opportunities to meet the growing demand of network for network security professionals.

Implementing Cisco Network Security (210-260 IINS)

Common Security Threats    

• Describe Common Security Threats

Security on Cisco Routers     

• Implement security on Cisco routers
• Describe securing the control, data, and management plane
• Describe Cisco Security Manager
• Describe IPv4 to IPv6 transition

IP Addressing (IPv4/IPv6)    

• Describe the operation and necessity of using private and public IP addresses for IPv4 addressing
• Identify the appropriate IPv6 addressing scheme to satisfy addressing requirements in a LAN/WAN environment
• Identify the appropriate IPv4 addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment
• Describe the technological requirements for running IPv6 in conjunction with IPv4
• Describe IPv6 addresses

AAA on Cisco Devices    

• Implement AAA (authentication, authorization, and accounting)
• Describe TACACS+
• Describe RADIUS
• Describe AAA
• Verify AAA functionality

IOS ACL'S    

• Describe standard, extended, and named IP IOS access control lists (ACLs) to filter packets
• Describe considerations when building ACLs
• Implement IP ACLs to mitigate threats in a network

Secure Network Management & Reporting 

• Describe secure network management
• Implement secure network management

Common Layer 2 Attacks    

• Describe Layer 2 security using Cisco switches
• Describe VLAN security
• Implement VLANs and trunking
• Implement spanning tree

Implement Firewall Technologies    

• Describe operational strengths and weaknesses of the different firewall technologies
• Describe stateful firewalls
• Describe the types of NAT used in firewall technologies
• Implement zone-based policy firewall using CCP
• Implement the Cisco Adaptive Security Appliance (ASA)
• Implement Network Address Translation (NAT) and Port Address Translation (PAT)

Cisco IPS

• Describe Cisco Intrusion Prevention System (IPS) deployment considerations
• Describe IPS technologies
• Configure Cisco IOS IPS using CCP

VPN Technologies    

• Describe the different methods used in cryptography
• Describe VPN technologies
• Describe the building blocks of IPSec
• Implement an IOS IPSec site-to-site VPN with pre-shared key authentication
• Verify VPN operations
• Implement Secure Sockets Layer (SSL) VPN using ASA device manager

Eligibility / Requirements

Prerequisites for candidates that wish to take the CCNA Security exam include the Cisco Certified Network Associate - Routing & Switching Certification (CCNA).