CCNA Security Training Course | Cisco Certification| Exam Practices

Course Description

CCNA Security Training Course is  an associate level certification where it confirms entry level skills and Knowledge to develop security infrastructure, recognizes security threats  and vulnerabilities to networks and mitigating security attacks. The CCNA Security Certification Course training covers in-depth concepts of finding, listing  mitigation methods for common security attacks.

Cisco CCNA Security Certification lays the foundation for skills and knowledge required for a Network Security Specialist, Security Administrator, Network Security Support Engineers and security Analyst for Cisco devices. The CCNA Security verified your ability  to install, monitor, troubleshoot of network devices to maintain Confidentiality, integrity and availability of network data and devices that Cisco uses in its infrastructure.

Craw Cyber Security Conducts CCNA Security Training Course in Delhi India. CCNA Security Training Course teaches students installation, troubleshooting and monitoring of demand of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco user in its security infrastructure designed by the industry. After completing  CCNA Security Training Course for Craw Cyber Security,  Student can go further with CCNP Security Training Course to enhance their network security skills into Cisco Security. We are offer best CCNA Security Training Course in Delhi India on Real Routers and Switches, ISE, IPS WLC. We provide exam preparation Classes for CCNA Security Certification exam. Craw Cyber Security conduct CCNA Security training course in Delhi India as per exam. Craw Cyber Security also provide CCNA Security Industrial, CCNA Security Summer and Winter Training in Delhi India, on Live Projects. Craw Cyber Security do not use simulator software in our CCNA Security Training Course.

ccna security

Who should do a CCNA Security Training certification?

CCNA Security training and certification is beneficial for the following professionals:

  • Network Security Specialist.
  • Network Engineers.
  • Network Security Administrator.
  • Network Security Support Engineer.

CCNA Security Course Objectives

  • Upon completion of this course, you will get a good understanding of the network security principles, tools, and configurations.
  • Understanding security threats facing modern networks.
  • Securing access to network devices.
  • Implementing AAA on networks.
  • Using ACLs to thwart potential network threats.
  • Ensuring secure network management and reporting.
  • Managing Layer 2 network attacks.
  • Implementing Cisco IOS firewall and Intrusion Prevention.
  • Executing site-to-site IPSec VPNs.
  • Ensuring effective security policies.
  • Explain and learn about Content and Endpoint Security in CCNA security training.

Current Exam Information:

To earn Cisco CCNA Routing and Switching certification, you must pass the following exam(s):

  1.  Security Concept:

    • 1.1 Common security principles.
    • 1.1.a Describe confidentiality, integrity, availability (CIA).
    • 1.1.b Describe SIEM technology.
    • 1.1.c Identify common security terms.
    • 1.1.d Identify common network security zones.
    • 1.2 Common security threats.
    • 1.2.a Identify common network attacks.
    • 1.2.b Describe social engineering.
    • 1.2.c Identify malware.
    • 1.2.d Classify the vectors of data loss/exfiltration.
    • 1.3 Cryptography concepts.
    • 1.3.a Describe key exchange.
    • 1.3.b Describe hash algorithm.
    • 1.3.c Compare and contrast symmetric and asymmetric encryption.
    • 1.3.d Describe digital signatures, certificates, and PKI.
    • 1.4 Describe network topologies.
    • 1.4.a Campus area network (CAN).
    • 1.4.b Cloud, wide area network (WAN).
    • 1.4.c Data center.
    • 1.4.d Small office/home office (SOHO).
    • 1.4.e Network security for a virtual environment

2. Secure Access:

  • 2.1 Secure management.
  • 2.1.a Compare in-band and out-of band.
  • 2.1.b Configure secure network management.
  • 2.1.c Configure and verify secure access through SNMP v3 using an ACL.
  • 2.1.d Configure and verify security for NTP.
  • 2.1.e Use SCP for file transfer.
  • 2.2 AAA concepts.
  • 2.2.a Describe RADIUS and TACACS+ technologies.
  • 2.2.b Configure administrative access on a Cisco router using TACACS+.
  • 2.2.c Verify connectivity on a Cisco router to a TACACS+ server.
  • 2.2.d Explain the integration of Active Directory with AAA.
  • 2.2.e Describe authentication and authorization using ACS and ISE.
  • 2.3 802.1X authentication.
  • 2.3.a Identify the functions 802.1X components.
  • 2.4 BYOD.
  • 2.4.a Describe the BYOD architecture framework.
  • 2.4.b Describe the function of mobile device management (MDM).

3. VPN:

  • 3.1 VPN concepts.
  • 3.1.a Describe IPsec protocols and delivery modes (IKE, ESP, AH, tunnel mode, transport mode).
  • 3.1.b Describe hair pinning, split tunneling, always-on, NAT traversal.
  • 3.2 Remote access VPN.
  • 3.2.a Implement basic client less SSL VPN using ASDM.
  • 3.2.b Verify client less connection.
  • 3.2.c Implement basic Any Connect SSL VPN using ASDM.
  • 3.2.d Verify Any Connect connection.
  • 3.2.e Identify endpoint posture assessment.
  • 3.3 Site-to-site VPN.
  • 3.3.a Implement an IPsec site-to-site VPN with pre-shared key authentication on Cisco routers and ASA firewalls.
  • 3.3.b Verify an IPsec site-to-site VPN

4. Secure Routing and Switching:

  • 4.1 Security on Cisco routers.
  • 4.1.a Configure multiple privilege levels.
  • 4.1.b Configure Cisco IOS role-based CLI access.
  • 4.1.c Implement Cisco IOS resilient configuration.
  • 4.2 Securing routing protocols.
  • 4.2.a Implement routing update authentication on OSPF.
  • 4.3 Securing the control plane.
  • 4.3.a Explain the function of control plane policing.
  • 4.4 Common Layer 2 attacks.
  • 4.4.a Describe STP attacks.
  • 4.4.b Describe ARP spoofing.
  • 4.4.c Describe MAC spoofing.
  • 4.4.d Describe CAM table (MAC address table) overflows.
  • 4.4.e Describe CDP/LLDP reconnaissance.
  • 4.4.f Describe VLAN hopping.
  • 4.4.g Describe DHCP spoofing.
  • 4.5 Mitigation procedures.
  • 4.5.a Implement DHCP snooping.
  • 4.5.b Implement Dynamic ARP Inspection.
  • 4.5.c Implement port security.
  • 4.5.d Describe BPDU guard, root guard, loop guard.
  • 4.5.e Verify mitigation procedures.
  • 4.6 VLAN security.
  • 4.6.a Describe the security implications of a PVLAN.
  • 4.6.b Describe the security implications of a native VLAN.

5. Cisco Firewall Technologies:

  • 5.1 Describe operational strengths and weaknesses of the different firewall technologies.
  • 5.1.a Proxy firewalls.
  • 5.1.b Application firewall.
  • 5.1.c Personal firewall.
  • 5.2 Compare stateful vs. stateless firewalls.
  • 5.2.a Operations.
  • 5.2.b Function of the state table.
  • 5.3 Implement NAT on Cisco ASA 9.x.
  • 5.3.a Static.
  • 5.3.b Dynamic.
  • 5.3.c PAT.
  • 5.3.d Policy NAT.
  • 5.3 e Verify NAT operations.
  • 5.4 Implement zone-based firewall.
  • 5.4.a Zone to zone.
  • 5.4.b Self zone.
  • 5.5 Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x.
  • 5.5.a Configure ASA access management.
  • 5.5.b Configure security access policies.
  • 5.5.c Configure Cisco ASA interface security levels.
  • 5.5.d Configure default Cisco Modular Policy Framework (MPF).
  • 5.5.e Describe modes of deployment (routed firewall, transparent firewall).
  • 5.5.f Describe methods of implementing high availability.
  • 5.5.g Describe security contexts.
  • 5.5.h Describe firewall services.

6. IPS:

  • 6.1 Describe IPS deployment considerations.
  • 6.1.a Network-based IPS vs. host-based IPS.
  • 6.1.b Modes of deployment (inline, promiscuous – SPAN, tap).
  • 6.1.c Placement (positioning of the IPS within the network).
  • 6.1.d False positives, false negatives, true positives, true negatives.
  • 6.2 Describe IPS technologies.
  • 6.2.a Rules/signatures.
  • 6.2.b Detection/signature engines.
  • 6.2.c Trigger actions/responses (drop, reset, block, alert, monitor/log, shun).
  • 6.2.d Blacklist (static and dynamic).

7. Content and Endpoint Security:

  • 7.1 Describe mitigation technology for email-based threats
  • 7.1.a SPAM filtering, anti-malware filtering, DLP, blacklisting, email encryption.
  • 7.2 Describe mitigation technology for web-based threats.
  • 7.2.a Local and cloud-based web proxies.
  • 7.2.b Blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, TLS/SSL decryption.
  • 7.3 Describe mitigation technology for endpoint threats.
  • 7.3.a Anti-virus/anti-malware.
  • 7.3.b Personal firewall/HIPS.
  • 7.3.c Hardware/software encryption of local data.

Student Response


1st Floor, Plot no. 4, Lane no. 2, Kehar Singh Estate, Westend Marg, Behind Saket Metro Station, New Delhi – 110030
Call Us : 011-40394315 | +91-9650202445 | +91-9650677445
Mails Us :
Visit Us : |


Leave a Reply

Your email address will not be published. Required fields are marked *