Cisco Certified Internetwork Expert 被視為是全球Internetworking領(lǐng)域中的頂級(jí)CCIE認(rèn)證證書。這個(gè)認(rèn)證主要提供工程師在今日快速變動(dòng)的網(wǎng)絡(luò)環(huán)境中駕馭Cisco設(shè)備所需的專業(yè)知識(shí)。 成為CCIE除了整個(gè)產(chǎn)業(yè)的認(rèn)同之外,Security CCIE也是你不斷持有最新網(wǎng)絡(luò)知識(shí)的指標(biāo);你將會(huì)在你的專業(yè)領(lǐng)域中成為一位最具競(jìng)爭(zhēng)力的人。 入學(xué)條件
已經(jīng)通過CCSP或者具備相應(yīng)水平者。
Security CCIE課程介紹
Firewall PIX and ASA Firewall Basic Initialization Access Management Address Translation ACLs IP Routing Object Groups VLANs AAA VPNs Filtering Failover Layer 2 Transparent Firewall Security Contexts (Virtual Firewall) Modular Policy Framework Application-Aware Inspection High Availability Scenarios QoS Policies Other Advanced Features? IOS Firewall CBAC Audit Auth Proxy PAM Access Control Performance Tuning Advanced Features VPN IPSec LAN-to-LAN SSL VPN DMVPN CA (PKI) Remote Access VPN VPN3000 Concentrator VPN3000 IP Routing Unity Client WebVPN EzVPN Hardware Client XAuth, Split-tunnel, RRI, NAT-T High Availability QoS for VPN GRE, mGRE L2TP PPTP Advanced VPN Features Intrusion Prevention System (IPS) IPS 4200 Series Sensor Appliance Basic Initialization Sensor Configuration Sensor Management Promiscuous and Inline Monitoring Signature Tuning Custom Signatures Blocking TCP Resets Rate Limiting Signature Engines IDM Event Action Event Monitoring IOS IPS PIX IDS SPAN, RSPAN Advanced Features Identity Management Security Protocols (RADIUS and TACACS+) Cisco Secure ACS Configuration Access Management (Telnet, SSH, Pwds, Priv Levels) Proxy Authentication Service Authentication (FTP, Telnet, HTTP, other) Network Admission Control (NAC Framework solution) Advanced Features Advanced Security Mitigation Techniques Packet Marking Techniques Security RFCs (RFC1918, RFC2827, RFC2401) Service Provider Security Black Holes, Sink Holes RTBH Filtering (Remote Triggered Black Hole) Traffic Filtering using Access-lists NAT TCP Intercept uRPF CAR NBAR NetFlow Flooding Spoofing Policing Fragmentation Sniffer Traces Catalyst Management and Security Traffic Control and Congestion Management Catalyst Features and Advanced Configuration Network Attacks Network Reconnaissance IP Spoofing Attacks MAC Spoofing Attacks ARP Spoofing Attacks Denial of Service (DoS) Distributed Denial of Service (DDoS) Man-in-the-Middle (MiM) Attacks Port Redirection Attacks DHCP Attacks DNS Attacks Fragment Attacks Smurf Attacks SYN Attacks MAC Attacks VLAN Hopping Attacks Other Layer2 and Layer3 Attacks Security CCIE認(rèn)證培訓(xùn)目標(biāo)
現(xiàn)在市場(chǎng)上主流的3大防火墻產(chǎn)品, netscreen,cisco 公司的ASA .作為三家業(yè)界龍頭的防火墻產(chǎn)品,在市場(chǎng)上具有很高的市場(chǎng)占有率。 讓學(xué)員真正學(xué)會(huì)使用所有的防火墻產(chǎn)品,成為名副其實(shí)網(wǎng)絡(luò)安全專家。 |