1358 Network courses delivered Live Online

Duration 5 Days 30 CPD hours This course is intended for This course benefits individuals responsible for implementing, monitoring, and troubleshooting Layer 3 components of a service provider's network. Overview Describe the various OSPF link-state advertisement (LSA) types. Explain the flooding of LSAs in an OSPF network. Describe the shortest-path-first (SPF) algorithm. List key differences between OSPFv2 and OSPFv3. Describe OSPF area types and operations. Configure various OSPF area types. Summarize and restrict routes. Identify some scenarios in a service provider network that can be solved using routing policy or specific configuration options. Use routing policy and specific configuration options to implement solutions for various scenarios. Describe how to troubleshoot OSPF. Explain the concepts and operation of IS-IS. Describe various IS-IS link-state protocol data unit (LSP) types. List IS-IS adjacency rules and troubleshoot common adjacency issues. Configure and monitor IS-IS. Display and interpret the link-state database (LSDB). Perform advanced IS-IS configuration options. Implement IS-IS routing policy. Explain the default operation in multiarea IS-IS. Describe IS-IS address summarization methods. Configure and monitor a multiarea IS-IS network. Describe how to troubleshoot IS-IS. Describe basic BGP operation. List common BGP attributes. Explain the route selection process for BGP. Describe how to alter the route selection process. Configure some advanced options for BGP peers. Describe various BGP attributes in detail and explain the operation of those attributes. Manipulate BGP attributes using routing policy. Explain the causes for route instability. Describe the effect of damping on BGP routing. Explain the default behavior of damping on links. Control damping using routing policy. View damped routes using command-line interface (CLI) commands. Describe the operation of BGP route reflection. Configure a route reflector. Describe the operation of a BGP confederation. Configure confederations. Describe peering relationships in a confederation. Describe how to troubleshoot BGP. Describe how to troubleshoot routing policy. This five-day course is designed to provide students with detailed coverage of OSPF, IS-IS, BGP, and routing policy. Course Outline Course Introduction OSPF OSPFv2 Review Link-State Advertisements Protocol Operations OSPF Authentication OSPF Areas Review of OSPF Areas Stub Area Operation Stub Area Configuration NSSA Operation NSSA Configuration Route Summarization OSPF Case Studies and Solutions Virtual Links OSPF Multiarea Adjacencies External Reachability Troubleshooting OSPF Troubleshooting OSPF IS-IS Overview of IS-IS IS-IS PDUs Neighbors and Adjacencies Configuring and Monitoring IS-IS Advanced IS-IS Operations and Configuration Options IS-IS Operations IS-IS Configuration Options IS-IS Routing Policy Multilevel IS-IS Networks Level 1 and Level 2 Operations Multilevel Configuration Troubleshooting IS-IS Troubleshooting IS-IS BGP Review of BGP BGP Operations BGP Path Selection Options Configuration Options BGP Attributes and Policy?Part 1 BGP Policy Next Hop Origin and MED AS Path BGP Attributes and Policy?Part 2 Local Preference Communities Route Reflection and Confederations Route Reflection Operation Configuration and Routing Knowledge BGP Confederations BGP Route Damping Route Flap and Damping Overview Route Damping Parameters Configuring and Monitoring Route Damping Troubleshooting BGP Troubleshooting BGP Troubleshooting Policy Troubleshooting Policy

Duration 4 Days 24 CPD hours This course is intended for This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. Overview After successfully completing this course, you should be able to: Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses. Describe the various forms of security supported by the Junos OS. Describe the Juniper Connected Security model. Describe Junos security handling at Layer 2 versus Layer 3. Implement next generation Layer 2 security features. Demonstrate understanding of Logical Systems (LSYS). Demonstrate understanding of Tenant Systems (TSYS). Implement virtual routing instances in a security setting. Describe and configure route sharing between routing instances using logical tunnel interfaces. Describe and discuss Juniper ATP and its function in the network. Describe and implement Juniper Connected Security with Policy Enforcer in a network. Describe firewall filters use on a security device. Implement firewall filters to route traffic. Explain how to troubleshoot zone problems. Describe the tools available to troubleshoot SRX Series devices. Describe and implement IPsec VPN in a hub-and-spoke model. Describe the PKI infrastructure. Implement certificates to build an ADVPN network. Describe using NAT, CoS and routing protocols over IPsec VPNs. Implement NAT and routing protocols over an IPsec VPN. Describe the logs and troubleshooting methodologies to fix IPsec VPNs. Implement working IPsec VPNs when given configuration that are broken. Describe Incident Reporting with Juniper ATP On-Prem device. Configure mitigation response to prevent spread of malware. Explain SecIntel uses and when to use them. Describe the systems that work with SecIntel. Describe and implement advanced NAT options on the SRX Series devices. Explain DNS doctoring and when to use it. Describe NAT troubleshooting logs and techniques. This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Chapter 1: Course Introduction Course Introduction Chapter 2: Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 1: Implementing Layer 2 Security Chapter 3: Firewall Filters Using Firewall Filters to Troubleshoot Routing Instances Filter-Based Forwarding Lab 2: Implementing Firewall Filters Chapter 4: Troubleshooting Zones and Policies General Troubleshooting for Junos Devices Troubleshooting Tools Troubleshooting Zones and Policies Zone and Policy Case Studies Lab 3: Troubleshooting Zones and Policies Chapter 5: Hub-and-Spoke VPN Overview Configuration and Monitoring Lab 4: Implementing Hub-and-Spoke VPNs Chapter 6: Advanced NAT Configuring Persistent NAT Demonstrate DNS doctoring Configure IPv6 NAT operations Troubleshooting NAT Lab 5: Implementing Advanced NAT Features Chapter 7: Logical and Tenant Systems Overview Administrative Roles Differences Between LSYS and TSYS Configuring LSYS Configuring TSYS Lab 6: Implementing TSYS Chapter 8: PKI and ADVPNs PKI Overview PKI Configuration ADVPN Overview ADVPN Configuration and Monitoring Lab 7: Implementing ADVPNs Chapter 9: Advanced IPsec NAT with IPsec Class of Service with IPsec Best Practices Routing OSPF over VPNs Lab 8: Implementing Advanced IPsec Solutions Chapter 10: Troubleshooting IPsec IPsec Troubleshooting Overview Troubleshooting IKE Phase 1 and 2 IPsec Logging IPsec Case Studies Lab 9: Troubleshooting IPsec Chapter 11: Juniper Connected Security Security Models Enforcement on Every Network Device Chapter 12: SecIntel Security Feed Encrypted Traffic Analysis Use Cases for SecIntel Lab 10: Implementing SecIntel Chapter 13:Advanced Juniper ATP On-Prem Collectors Private Mode Incident Response Deployment Models Lab 11: Implementing Advanced ATP On-Prem Chapter 14: Automated Threat Mitigation Identify and Mitigate Malware Threats Automate Security Mitigation Lab 12: Identifying and Mitigation of Threats Additional course details: Nexus Humans AJSEC - Advanced Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AJSEC - Advanced Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is designed for technical professionals who need to know how to deploy a Cisco Integrated Threat Defense solution in their network environment. The primary audience for this course includes: Systems and network engineersTechnical architectsTechnical support personnelChannel partners and resellers Overview After completing this course, you should be able to: Describe the current network security landscape and the Cisco Integrated Threat Defense (ITD) solutionDescribe the key components of the ITD solution and their use in the networkConfigure the ISE for a baseline of operation in the ITD solutionConfigure the integration between the Stealthwatch and ISE platformsConfigure the integration between the Cisco Firepower and ISE platformsConfigure the integration between Cisco Firepower and AMP for Endpoints This course begins with an analysis of the current cybersecurity landscape and includes details on why networks today need an integrated threat defense architecture. You will integrate and verify proper operation of the key Cisco Integrated Threat Defense products, including Cisco Identity Services Engine (ISE), Cisco Stealthwatch©, Cisco Firepower© NGFW, and Cisco AMP for Endpoints. Verification includes the introduction of malware into the network to ensure proper identification, analysis, and quarantine. Course Outline Integrated Threat Defense Introduction Itd Products Identity Services Engine Setup Integration Of Stealthwatch With Identity Services Engine Integration Of Firepower With Identity Services Engine Integration Of Firepower With Amp For Endpoints

STP alternatives training course description The Spanning Tree Protocol (STP) dates from 1985. This course explores the technologies that can be used as an alternative to STP, including FabricPath, SPB and TRILL. What will you learn Explain how STP and RSTP work. Explain how TRILL works. Explain how SPB works. Explain how FabricPath works. STP alternatives training course details Who will benefit: Technical network staff. Prerequisites: Definitive Ethernet switching for engineers Duration 1 day STP alternatives training course contents Introduction Layer 2 versus Layer 3, STP problems: One path, convergence, MAC explosion, STP alternatives. STP 802.1D, how STP works, root bridge, convergence times, single path. RSTP 802.1w, Improvements, convergence times. Link aggregation 802.3ad, Multi system Link aggregation. IS-IS Concepts, Discovery, topology exchange, flooding. Changes for TRILL, FabricPath and SPB. FabricPath Overview, architecture, control plane protocols, DRAP, STP interactions, packet forwarding, configuration. TRILL Concepts, RBridge, TRILL frames, control plane, data plane, learning MAC addresses. SPB 802.1aq, Node ID, Backbone Edge Bridges, Backbone MAC address, customer MACs, I-SID, forwarding database.

Duration 5 Days 30 CPD hours This course is intended for Students who need to know how to implement and manage Cisco ASA 5500-X. Overview Upon successful completion of this course, students should be able to do the following:? Technology and features of the Cisco ASA? Cisco ASA product family? How ASAs protect network devices from attacks? Bootstrap the security appliance? Prepare the security appliance for configuration via the Cisco Adaptive Security Device Manager (ASDM)? Launch and navigate ASDM? Essential security appliance configuration using ASDM and the command-line interface (CLI)? Configure dynamic and static address translations? Configure access policy based on ACLs? Use object groups to simplify ACL complexity and maintenance? Use the Modular Policy Framework to provide unique policies to specific data flows? Handle advanced protocols with application inspection? Troubleshoot with syslog and tcp ping? Configure the ASA to work with Cisco Secure ACS 5.2 for RADIUS-based AAA of VPNs? Implement site-to-site IPsec VPN? Implement remote access IPsec and SSL VPNs using the Cisco AnyConnect 3.0 Secure Mobility Client? Work with the 5.x Legacy Cisco IPsec VPN client and Anyconnect VPN client? Deploy clientless SSL VPN access, including smart tunnels, plug-ins, and web-type ACLs? Configure access control policies to implement your security policy across all classes of VPN? Configure Active/Standby failover for both firewall and VPN high availability Student will gain the essential skills required to configure, maintain, and operate Cisco ASA 5500-X Series Adaptive Security Appliances based on ASA Software v9.x. Cisco ASA Essentials ? Lesson 1: Evaluating Cisco ASA Technologies ? Lesson 2: Identifying Cisco ASA Families Basic Connectivity and Device Management ? Lesson 1: Preparing the Cisco ASA for Network Integration ? Lesson 2: Managing Basic Cisco ASA Network Settings ? Lesson 3: Configuring Cisco ASA Device Management Features Network Integration ? Lesson 1: Configuring Cisco ASA NAT Features ? Lesson 2: Configuring Cisco ASA Basic Access Control Features Cisco ASA Policy Control ? Lesson 1: Cisco ASA Modular Policy Framework ? Lesson 2: Configuring Cisco ASA Connection Policy Cisco ASA VPN Architecture and Common Components ? Lesson 1: Implementing Profiles, Group Policies, and User Policies ? Lesson 2: Implementing PKI Services Cisco ASA Clientless Remote Access SSL VPN Solutions ? Lesson 1: Deploying Basic Clientless VPN Solutions ? Lesson 2: Deploying Advanced Application Access for Clientless SSL VPNs Cisco AnyConnect Remote Access SSL Solutions ? Lesson 1: Deploying a Basic Cisco AnyConnect Full-Tunnel SSL VPN Solution Cisco ASA Remote Access IPsec VPNs ? Lesson 1: Deploying Cisco Remote Access VPN Clients ? Lesson 2: Deploying Basic Cisco Remote Access IPsec VPN Solutions Cisco ASA Site-to-Site IPsec VPN Solutions ? Lesson 1: Deploying Basic Site-to-Site IPsec VPNs ? Lesson 2: Deploying Advanced Site-to-Site IPsec VPNs Cisco ASA High Availability and Virtualization ? Lesson 1: Configuring Cisco ASA Active/Standby High Availability Labs Lab 1: Prepare the ASA for Administration Lab 2: Fundamental ASA Configuration Lab 3: Network Address Translation (NAT) Lab 4: Basic Access Control Lab 5: Basic Protocol Inspection Lab 6: Licensing, ACS, and Public CA Lab 7: Basic Clientless SSL VPN Lab 8: Clientless SSL VPN - Thin Apps Lab 9: Basic AnyConnect Full Tunnel SSL VPN Lab 10: Remote Access IPSec VPN Lab 11: IPSec Site-to-Site VPN Lab 12: Active/Standby Failover

Wireshark 101 training course description Wireshark is a free network protocol analyser. This hands-on course focuses on troubleshooting networks using the Wireshark protocol analyser. The course concentrates on the product and students will gain from the most from this course only if they already have a sound knowledge of the TCP/IP protocols What will you learn Download and install Wireshark. Capture and analyse packets with Wireshark. Configure capture and display filters. Customise Wireshark. Troubleshoot networks using Wireshark. Wireshark 101 training course details Who will benefit: Technical staff looking after networks. Prerequisites: TCP/IP Foundation for engineers Duration 2 days Wireshark 101 training course contents What is Wireshark? Protocol analysers, Wireshark features, versions, troubleshooting techniques with Wireshark. Installing Wireshark Downloading Wireshark, UNIX issues, Microsoft issues, the role of winpcap, promiscuous mode, installing Wireshark. Wireshark documentation and help. Hands on Downloading and installing Wireshark. Capturing traffic Starting and stopping basic packet captures, the packet list pane, packet details pane, packet bytes pane, interfaces, using Wireshark in a switched architecture. Hands on Capturing packets with Wireshark. Troubleshooting networks with Wireshark Common packet flows. Hands on Analysing a variety of problems with Wireshark. Capture filters Capture filter expressions, capture filter examples (host, port, network, protocol), primitives, combining primitives, payload matching. Hands on Configuring capture filters. Working with captured packets Live packet capture, saving to a file, capture file formats, reading capture files from other analysers, merging capture files, finding packets, going to a specific packet, display filters, display filter expressions. Hands on Saving captured data, configuring display filters. Analysis and statistics with Wireshark Enabling/disabling protocols, user specified decodes, following TCP streams, protocol statistics, conversation lists, endpoint lists, I/O graphs, protocol specific statistics. Hands on Using the analysis and statistics menus. Command line tools Tshark, capinfos, editcap, mergecap, text2pcap, idl2eth. Hands on Using tshark. Advanced issues 802.11 issues, management frames, monitor mode, packet reassembling, name resolution, customising Wireshark. Hands on Customising name resolution.

Duration 5 Days 30 CPD hours This course is intended for Ideal candidates include network professionals who are looking to build their foundational knowledge of the ClearPass product portfolio. Overview After you successfully complete this course, expect to be able to: Ability to setup ClearPass as a AAA server Demonstrate Configuration Guest, OnGurad, Onboard and Profiling features Integrate with External AD Server Understand Monitoring and Reporting Demonstrate Scaling and deployment of best practices Configure AAA services for both wired and wireless networks Demonstrate the configuration of Aruba Downloadable User Roles. Demonstrate the configuration of Dynamic Segmentation with Aruba switches. This course prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This 5-day classroom session includes both instructional modules and labs to teach participants about the major features of the ClearPass portfolio. Participants will learn how to setup ClearPass as an AAA server, and configure the Policy Manager, Guest, OnGuard and Onboard feature sets. In addition, this course covers integration with external Active Directory servers, Monitoring and Reporting, as well as deployment best practices. The student will gain insight into configuring authentication with ClearPass on both wired and wireless networks. Intro to ClearPass BYOD High Level Overview Posture and Profiling Guest and Onboard ClearPass for AAA Policy Service Rules Authentication Authorization and Roles Enforcement Policy and Profiles Authentication and Security Concepts Authentication Types Servers Radius COA Active Directory Certificates Intro to NAD NAD Devices Adding NAD to ClearPass Network Device Groups Network Device Attributes Aruba Controller as NAD Aruba Switch Aruba Instant Monitoring and Troubleshooting Monitoring Troubleshooting Logging Policy Simulation ClearPass Insight Insight Dashboard Insight Reports Insight Alerts Insight Search Insight Administration Insight Replication Active Directory Adding AD as Auth Source Joining AD domain Using AD services External Authentication Multiple AD domains LDAP Static Host Lists SQL Database External Radius Server Guest Guest Account creation Web Login pages Guest Service configuration Self-registration pages Configuring NADS for Guest Guest Manager Deep Dive Web Login Deep Dive Sponsor Approval MAC Caching Onboard Intro to Onboard Basic Onboard Setup Onboard Deepdive Single SSID Onboarding Dual SSID Onboarding Profiling Intro to Profiling Endpoint Analysis Deep Dive Posture Intro to Posture Posture Deployment Options OnGuard Agent Health Collection OnGuard workflow 802.1x with Posture using Persistent/dissolvable agent OnGuard web Login Monitoring and Updates Operation and Admin Users Operations Admin Users Clustering and Redundancy Clustering Redundancy LAB Licensing ClearPass Licensing Base License Applications ClearPass Exchange Intro Examples General HTTP Palo Alto Firewall Configuration Case Study Objectives Discussion Advanced Labs Overview Wired Port Authentication 802.1X for access layer switch ports Profiling on Wired Network Configuration of Dynamic Segmentation Aruba Downloadable User Roles Downloadable User Role Enforcement in ClearPass Aruba Controller/Gateway configuration Aruba Switch configuration Troubleshooting

Definitive 802.1X training course description A hands-on training course concentrating solely on 802.1X. Hands on sessions follow major chapters to reinforce the theory. What will you learn Describe 802.1X. Explain how 802.1X works Configure 802.1X Troubleshoot 802.1X. Definitive 802.1X training course details Who will benefit: Technical network staff. Technical security staff. Prerequisites: SIP for engineers Duration 2 days Definitive 802.1X training course contents Introduction What is 802.1X? Authentication access, 802.3, 802.11. IEEE, 802, 802.1X-2001, 802.1X-2010. Architecture Supplicant, Authenticator, Authentication server, EAP, EAPOL, RADIUS, Diameter. Port configuration 802.1X in a switch environment. Hands on Configuring 802.1X. How it works Controlled ports, uncontrolled ports. Authentication flow chart, Initialisation, initiation, negotiation, authentication. Hands on 802.1X packet analysis. 802.1X and 802.11 WiFi, WiFi security. Hands on 802.1X WiFi port access. EAP Extensible Authentication Protocol, RFC 3748, RFC 5247. EAP methods: Weak, MD5, LEAP, Strong: TTLS, TLS, FAST. Encapsulation: 802.1X, PEAP, RADIUS, Diameter, PPP. 802.1X accounting RADIUS, accounting messages, 802.1X accounting AV pairs. 8021.X and VLANS VLANs, Guest VLAN, restricted VLAN, voice VLAN. Hands on VLAN assignments with 802.1X.

Duration 5 Days 30 CPD hours Overview By the end of the course, you should be able to meet the following objectives: Describe the architecture and main components of NSX Explain the features and benefits of NSX Deploy the NSX Management cluster and VMware NSX Edge™ nodes Prepare VMware ESXi™ hosts to participate in NSX networking Create and configure segments for layer 2 forwarding Create and configure Tier-0 and Tier-1 gateways for logical routing Use distributed and gateway firewall policies to filter east-west and north-south traffic in NSX Configure Advanced Threat Prevention features Configure network services on NSX Edge nodes Use VMware Identity Manager™ and LDAP to manage users and access Explain the use cases, importance, and architecture of Federation This five-day, fast-paced course provides comprehensive training to install, configure, and manage a VMware NSX© environment. This course covers key features and functionality offered in the NSX 4.0.0.1 and NSX 4.0.1 releases, including the overall infrastructure, logical switching, logical routing, networking and security services, firewalls and advanced threat prevention, and more. Course Introduction Introductions and course logistics Course objectives VMware Virtual Cloud Network and VMware NSX Introduce the VMware Virtual Cloud Network vision Describe the NSX product portfolio Discuss NSX features, use cases, and benefits Explain NSX architecture and components Explain the management, control, data, and consumption planes and their functions. Preparing the NSX Infrastructure Deploy VMware NSX© ManagerTM nodes on ESXi hypervisors Navigate through the NSX UI Explain data plane components such as N-VDS/VDS, transport nodes, transport zones, profiles, and more Perform transport node preparation and configure the data plane infrastructure Verify transport node status and connectivity Explain DPU-based acceleration in NSX Install NSX using DPUs NSX Logical Switching Introduce key components and terminology in logical switching Describe the function and types of L2 segments Explain tunneling and the Geneve encapsulation Configure logical segments and attach hosts using NSX UI Describe the function and types of segment profiles Create segment profiles and apply them to segments and ports Explain the function of MAC, ARP, and TEP tables used in packet forwarding Demonstrate L2 unicast packet flow Explain ARP suppression and BUM traffic handling NSX Logical Routing Describe the logical routing function and use cases Introduce the two-tier routing architecture, topologies, and components Explain the Tier-0 and Tier-1 gateway functions Describe the logical router components: Service Router and Distributed Router Discuss the architecture and function of NSX Edge nodes Discuss deployment options of NSX Edge nodes Configure NSX Edge nodes and create NSX Edge clusters Configure Tier-0 and Tier-1 gateways Examine single-tier and multitier packet flows Configure static routing and dynamic routing, including BGP and OSPF Enable ECMP on a Tier-0 gateway Describe NSX Edge HA, failure detection, and failback modes Configure VRF Lite NSX Bridging Describe the function of logical bridging Discuss the logical bridging use cases Compare routing and bridging solutions Explain the components of logical bridging Create bridge clusters and bridge profiles NSX Firewalls Describe NSX segmentation Identify the steps to enforce Zero-Trust with NSX segmentation Describe the Distributed Firewall architecture, components, and function Configure Distributed Firewall sections and rules Configure the Distributed Firewall on VDS Describe the Gateway Firewall architecture, components, and function Configure Gateway Firewall sections and rules NSX Advanced Threat Prevention Explain NSX IDS/IPS and its use cases Configure NSX IDS/IPS Deploy NSX Application Platform Identify the components and architecture of NSX Malware Prevention Configure NSX Malware Prevention for east-west and north-south traffic Describe the use cases and architecture of VMware NSX© Intelligence? Identify the components and architecture of VMware NSX© Network Detection and Response? Use NSX Network Detection and Response to analyze network traffic events. NSX Services Explain and configure Network Address Translation (NAT) Explain and configure DNS and DHCP services Describe VMware NSX© Advanced Load Balancer? architecture, components, topologies, and use cases. Configure NSX Advanced Load Balancer Discuss the IPSec VPN and L2 VPN function and use cases Configure IPSec VPN and L2 VPN using the NSX UI NSX User and Role Management Describe the function and benefits of VMware Identity Manager? in NSX Integrate VMware Identity Manager with NSX Integrate LDAP with NSX Identify the various types of users, authentication policies, and permissions Use role-based access control to restrict user access Explain object-based access control in NSX NSX Federation Introduce the NSX Federation key concepts, terminology, and use cases. Explain the onboarding process of NSX Federation Describe the NSX Federation switching and routing functions. Describe the NSX Federation security concepts.

Duration 5 Days 30 CPD hours This course is intended for This course is targeted towards the information technology (IT) professional that has a minimum 1 year IT Security and Networking experience. This course would be ideal for Information System Owners, Security Officers, Ethical Hackers, Information Owners, Penetration Testers, System Owner and Managers as well as Cyber Security Engineers. Overview Upon completion, the Certified Professional Ethical Hacker candidate will be able to competently take the CPEH exam. The CPEH certification training enables students to understand the importance of vulnerability assessments and how to implement counter response along with preventative measures when it comes to a network hack. Security Fundamentals Overview The Growth of Environments and Security Our Motivation? The Goal: Protecting Information! CIA Triad in Detail Approach Security Holistically Security Definitions Definitions Relationships Method: Ping The TCP/IP Stack Which Services Use Which Ports? TCP 3-Way Handshake TCP Flags Malware Types of Malware Types of Malware Cont... Types of Viruses More Malware: Spyware Trojan Horses Back Doors DoS DDoS Packet Sniffers Passive Sniffing Active Sniffing Firewalls, IDS and IPS Firewall ? First Line of Defense IDS ? Second Line of Defense IPS ? Last Line of Defense? Firewalls Firewall Types: (1) Packet Filtering Firewall Types: (2) Proxy Firewalls Firewall Types ? Circuit-Level Proxy Firewall Type of Circuit- Level Proxy ? SOCKS Firewall Types ? Application-Layer Proxy Firewall Types: (3) Stateful Firewall Types: (4) Dynamic Packet-Filtering Firewall Types: (5) Kernel Proxies Firewall Placement Firewall Architecture Types ? Screened Host Multi- or Dual-Homed Screened Subnet Wi-Fi Network Types Wi-Fi Network Types Widely Deployed Standards Standards Comparison 802.11n - MIMO Overview of Database Server Review Access Controls Overview Role of Access Control Definitions More Definitions Categories of Access Controls Physical Controls Logical Controls ?Soft? Controls Security Roles Steps to Granting Access Access Criteria Physical Access Control Mechanisms Biometric System Types Synchronous Token Asynchronous Token Device Memory Cards Smart Card Cryptographic Keys Logical Access Controls OS Access Controls Linux Access Controls Accounts and Groups Password & Shadow File Formats Accounts and Groups Linux and UNIX Permissions Set UID Programs Trust Relationships Review Protocols Protocols Overview OSI ? Application Layer OSI ? Presentation Layer OSI ? Session Layer Transport Layer OSI ? Network Layer OSI ? Data Link OSI ? Physical Layer Protocols at Each OSI Model Layer TCP/IP Suite Port and Protocol Relationship Conceptual Use of Ports UDP versus TCP Protocols ? ARP Protocols ? ICMP Network Service ? DNS SSH Security Protocol SSH Protocols ? SNMP Protocols ? SMTP Packet Sniffers Example Packet Sniffers Review Cryptography Overview Introduction Encryption Cryptographic Definitions Encryption Algorithm Implementation Symmetric Encryption Symmetric Downfalls Symmetric Algorithms Crack Times Asymmetric Encryption Public Key Cryptography Advantages Asymmetric Algorithm Disadvantages Asymmetric Algorithm Examples Key Exchange Symmetric versus Asymmetric Using the Algorithm Types Together Instructor Demonstration Hashing Common Hash Algorithms Birthday Attack Example of a Birthday Attack Generic Hash Demo Instructor Demonstration Security Issues in Hashing Hash Collisions MD5 Collision Creates Rogue Certificate Authority Hybrid Encryption Digital Signatures SSL/TLS SSL Connection Setup SSL Hybrid Encryption SSH IPSec - Network Layer Protection IPSec IPSec Public Key Infrastructure Quantum Cryptography Attack Vectors Network Attacks More Attacks (Cryptanalysis) Review Why Vulnerability Assessments? Overview What is a Vulnerability Assessment? Vulnerability Assessment Benefits of a Vulnerability Assessment What are Vulnerabilities? Security Vulnerability Life Cycle Compliance and Project Scoping The Project Overview Statement Project Overview Statement Assessing Current Network Concerns Vulnerabilities in Networks More Concerns Network Vulnerability Assessment Methodology Network Vulnerability Assessment Methodology Phase I: Data Collection Phase II: Interviews, Information Reviews, and Hands-On Investigation Phase III: Analysis Analysis cont. Risk Management Why Is Risk Management Difficult? Risk Analysis Objectives Putting Together the Team and Components What Is the Value of an Asset? Examples of Some Vulnerabilities that Are Not Always Obvious Categorizing Risks Some Examples of Types of Losses Different Approaches to Analysis Who Uses What? Qualitative Analysis Steps Quantitative Analysis ALE Values Uses ALE Example ARO Values and Their Meaning ALE Calculation Can a Purely Quantitative Analysis Be Accomplished? Comparing Cost and Benefit Countermeasure Criteria Calculating Cost/Benefit Cost of a Countermeasure Can You Get Rid of All Risk? Management?s Response to Identified Risks Liability of Actions Policy Review (Top-Down) Methodology Definitions Policy Types Policies with Different Goals Industry Best Practice Standards Components that Support the Security Policy Policy Contents When Critiquing a Policy Technical (Bottom-Up) Methodology Review Vulnerability Tools of the Trade Vulnerability Scanners Nessus SAINT ? Sample Report Tool: Retina Qualys Guard http://www.qualys.com/products/overview/ Tool: LANguard Microsoft Baseline Analyzer MBSA Scan Report Dealing with Assessment Results Patch Management Options Review Output Analysis and Reports Overview Staying Abreast: Security Alerts Vulnerability Research Sites Nessus SAINT SAINT Reports GFI Languard GFI Reports MBSA MBSA Reports Review Reconnaissance, Enumeration & Scanning Reconnaissance Overview Step One in the Hacking ?Life-Cycle? What Information is Gathered by the Hacker? Passive vs. Active Reconnaissance Footprinting Defined Social Access Social Engineering Techniques Social Networking Sites People Search Engines Internet Archive: The WayBack Machine Footprinting Tools Overview Maltego GUI Johnny.Ihackstuff.com Google (cont.) Domain Name Registration WHOIS Output DNS Databases Using Nslookup Traceroute Operation Web Server Info Tool: Netcraft Introduction to Port Scanning Which Services use Which Ports? Port Scan Tips Port Scans Shou