Student Login

LeaderQuest Course Details

Course Pricing


Call for course pricing.

Upcoming Course Starts


No dates are scheduled for this course.

SNAF Securing Networks with ASA Fundamentals 1.0 Live Learning


a
This critical Cisco security course focuses on securing networks with Cisco security appliances and is a core element in the Cisco Certified Security Professional track. At the completion of this course students will be able to perform basic tasks with the Cisco ASA such as configuring the security appliance, using ACLs and content filtering, and configuring threat detection. Students will learn to enable such features as advanced protocol handling, AAA for cut-through proxy and transparent firewall mode.

Securing Networks with ASA Fundamentals (SNAF) 1.0

 

Overview/Description

 

This critical Cisco security course focuses on securing networks with Cisco security appliances and is a core element in the Cisco Certified Security Professional track. At the completion of this course students will be able to perform basic tasks with the Cisco ASA such as configuring the security appliance, using ACLs and content filtering, and configuring threat detection. Students will learn to enable such features as advanced protocol handling, AAA for cut-through proxy and transparent firewall mode.

 

Target Audience

 

This course is a necessity for any student that desires to learn more about securing networks using the latest in Cisco technologies. This course is also recommended for any student interested in professional level Cisco certifications or beyond.

 

Prerequisites

 

The SNAF course focuses on the technology required for securing complex networks. To fully benefit from this course, the student must be familiar with general networking concepts and have Cisco router operation and configuration experience. The student should also be familiar with the Windows Operating System. Successful completion of Interconnecting Cisco Networking Devices Part 1 is strongly recommended.

 

Certification

 

CCSP

 

Exams

 

642-524 SNAF

 

Included Labs

 

  • Initializing the Security Appliance
  • Configuring ACLs using ASDM
  • Preparing for AAA Services
  • Configuring a Site-to-Site VPN
  • Configuring a Secure SSL VPN
  • Command Authorization with Privileged Mode Passwords

 

Skills

 

This course covers the following hardware and software/operating system versions:

  • Latest IOS versions
  • Cisco ASA 5500 Series Adaptive Security Appliance and PIX 500 Series Security Appliance

 

Outline

 

Module 1: Introducing Cisco Security Appliance Technology and Features

 

  • Firewalls
  • Security Appliance Essentials

 

Module 2: Introducing the Cisco ASA and PIX Security Appliance Families

 

  • Models and Features of Cisco Security Appliances
  • Cisco ASA Security Appliance Licensing

 

Module 3: Getting Started with Cisco Security Appliances

 

  • User Interface
  • File Management
  • Security Appliance Security Levels
  • Cisco ASDM Essentials and Operating Requirements
  • Preparing to Use Cisco ASDM
  • Navigating Cisco ASDM Windows

 

Module 4: Configuring a Security Appliance

 

  • Basic Security Appliance Configuration
  • Examining Security Appliance Status
  • Time Setting and NTP Support
  • Syslog Configuration

 

Module 5: Configuring Translations and Connection Limits

 

  • Transport Protocols
  • Understanding NAT
  • Understanding PAT
  • Static Translations
  • Connections and Translations

 

Module 6: Using ACLs and Content Filtering

 

  • ACL Configuration
  • Malicious Active Code Filtering
  • URL Filtering
  • Packet Tracer

 

Module 7: Configuring Object Grouping

 

  • Essentials of Object Grouping
  • Configuring and Using Object Groups

 

Module 8: Switching and Routing on Cisco Security Appliances

 

  • VLAN Capabilities
  • Static Routing
  • Dynamic Routing

 

Module 9: Configuring AAA for Cut-Through Proxy

 

  • Introduction to AAA
  • Authentication
  • Authorization
  • Accounting
  • Configuring the Local User Database
  • Installation of Cisco Secure ACS for Windows 2000
  • Cut-Through Proxy Authentication Configuration
  • Authentication for Access to Resources Example
  • Authentication Prompts and Timeouts
  • Authorization Configuration
  • Accounting Configuration

 

Module 10: Configuring the Cisco Modular Policy Framework

 

  • Modular Policy Framework Overview
  • Class Map Overview
  • Policy Map Overview
  • Configuring Modular Policies with Cisco ASDM
  • Configuring a Policy for Management Traffic
  • Displaying Modular Policy Framework Components

 

Module 11: Configuring Advanced Protocol Handling

 

  • Advanced Protocol Handling
  • Protocol Application Inspection
  • Multimedia Support

 

Module 12: Configuring Threat Detection

 

  • Threat Detection Overview
  • Basic Threat Detection
  • Scanning Threat Detection
  • Configuring and Viewing Threat Detection Statistics

 

Module 13: Configuring Site-to-Site VPNs Using Pre-Shared Keys

 

  • Secure VPNs
  • How IPSec Works
  • Preparing to Configure an IPSec VPN
  • Create IKE Policies for a Purpose
  • Define IKE Policy Parameters
  • Configure a Site-to-Site VPN Using Pre-Shared Keys
  • Modify the Site-to-Site VPN configuration
  • Test and Verify VPN Configuration

 

Module 14: Configuring Security Appliance Remote-Access VPNs

 

  • Introduction to Cisco Easy VPN
  • Overview of Cisco VPN Client
  • Transparent Tunneling
  • Allowing Local LAN Access
  • Adjusting the Peer Response Timeout Value
  • Configuring Remote-Access VPNs
  • Configuring Users and Groups

 

Module 15: Configuring the Cisco ASA for SSL VPN

 

  • SSL VPN Overview
  • Using the SSL VPN Wizard to Configure Clientless SSL VPN
  • Verifying Clientless SSL VPN Operations

 

Module 16: Configuring Transparent Firewall Mode

 

  • Transparent Firewall Mode Overview
  • How Data Traverses a Security Appliance in Transparent Mode
  • Configuring Transparent Firewall Mode
  • Monitoring and Maintaining Transparent Firewall Mode

 

Module 17: Configuring Security Contexts

 

  • Security Context Overview
  • Enabling Multiple Context Mode
  • Configuring Security Contexts
  • Managing Security Contexts

 

Module 18: Configuring Failover

 

  • Understanding Failover
  • Configuring Redundant Interfaces
  • Active/Standby LAN-Based Failover Configuration
  • Active/Active Failover Configuration
  • Remote Command Execution

 

Module 19: Managing the Security Appliance

 

  • Managing System Access
  • Configuring Command Authorization
  • Managing Configurations
  • Managing Images and Activation Keys

 

Objectives

 

  • Discuss the technology and features of Cisco security appliances
  • Identify the Cisco ASA and PIX security appliance models
  • Describe the security appliance file management system
  • Describe security appliance security levels
  • Describe Cisco ASDM requirements and capabilities
  • Configure a security appliance for basic network connectivity
  • Configure and explain the functions of ACLs
  • Configure object groups and use them in ACLs
  • Configure logical interfaces and VLANs
  • Install and configure Cisco Secure ACS
  • Explain the Cisco Modular Policy Framework feature for security appliances
  • Describe how the security appliance implements inspection of common network applications
  • Describe threat detection and threat statistics
  • Explain how IPsec works
  • Configure an IPsec Remote-Access VPN
  • Use the SSL VPN Wizard to configure a basic Clientless SSL VPN connection
  • Explain how data traverses a security appliance in transparent mode
  • Configure a security context and allocate resources to a security context
  • Enable the stateful failover option for maximum availability
  • Recover security appliance passwords using general password recovery procedures

 





Securing Networks with ASA Fundamentals (SNAF) 1.0

 

Overview/Description

 

This critical Cisco security course focuses on securing networks with Cisco security appliances and is a core element in the Cisco Certified Security Professional track. At the completion of this course students will be able to perform basic tasks with the Cisco ASA such as configuring the security appliance, using ACLs and content filtering, and configuring threat detection. Students will learn to enable such features as advanced protocol handling, AAA for cut-through proxy and transparent firewall mode.

 

Target Audience

 

This course is a necessity for any student that desires to learn more about securing networks using the latest in Cisco technologies. This course is also recommended for any student interested in professional level Cisco certifications or beyond.

 

Prerequisites

 

The SNAF course focuses on the technology required for securing complex networks. To fully benefit from this course, the student must be familiar with general networking concepts and have Cisco router operation and configuration experience. The student should also be familiar with the Windows Operating System. Successful completion of Interconnecting Cisco Networking Devices Part 1 is strongly recommended.

 

Certification

 

CCSP

 

Exams

 

642-524 SNAF

 

Included Labs

 

  • Initializing the Security Appliance
  • Configuring ACLs using ASDM
  • Preparing for AAA Services
  • Configuring a Site-to-Site VPN
  • Configuring a Secure SSL VPN
  • Command Authorization with Privileged Mode Passwords

 

Skills

 

This course covers the following hardware and software/operating system versions:

  • Latest IOS versions
  • Cisco ASA 5500 Series Adaptive Security Appliance and PIX 500 Series Security Appliance

 

Outline

 

Module 1: Introducing Cisco Security Appliance Technology and Features

 

  • Firewalls
  • Security Appliance Essentials

 

Module 2: Introducing the Cisco ASA and PIX Security Appliance Families

 

  • Models and Features of Cisco Security Appliances
  • Cisco ASA Security Appliance Licensing

 

Module 3: Getting Started with Cisco Security Appliances

 

  • User Interface
  • File Management
  • Security Appliance Security Levels
  • Cisco ASDM Essentials and Operating Requirements
  • Preparing to Use Cisco ASDM
  • Navigating Cisco ASDM Windows

 

Module 4: Configuring a Security Appliance

 

  • Basic Security Appliance Configuration
  • Examining Security Appliance Status
  • Time Setting and NTP Support
  • Syslog Configuration

 

Module 5: Configuring Translations and Connection Limits

 

  • Transport Protocols
  • Understanding NAT
  • Understanding PAT
  • Static Translations
  • Connections and Translations

 

Module 6: Using ACLs and Content Filtering

 

  • ACL Configuration
  • Malicious Active Code Filtering
  • URL Filtering
  • Packet Tracer

 

Module 7: Configuring Object Grouping

 

  • Essentials of Object Grouping
  • Configuring and Using Object Groups

 

Module 8: Switching and Routing on Cisco Security Appliances

 

  • VLAN Capabilities
  • Static Routing
  • Dynamic Routing

 

Module 9: Configuring AAA for Cut-Through Proxy

 

  • Introduction to AAA
  • Authentication
  • Authorization
  • Accounting
  • Configuring the Local User Database
  • Installation of Cisco Secure ACS for Windows 2000
  • Cut-Through Proxy Authentication Configuration
  • Authentication for Access to Resources Example
  • Authentication Prompts and Timeouts
  • Authorization Configuration
  • Accounting Configuration

 

Module 10: Configuring the Cisco Modular Policy Framework

 

  • Modular Policy Framework Overview
  • Class Map Overview
  • Policy Map Overview
  • Configuring Modular Policies with Cisco ASDM
  • Configuring a Policy for Management Traffic
  • Displaying Modular Policy Framework Components

 

Module 11: Configuring Advanced Protocol Handling

 

  • Advanced Protocol Handling
  • Protocol Application Inspection
  • Multimedia Support

 

Module 12: Configuring Threat Detection

 

  • Threat Detection Overview
  • Basic Threat Detection
  • Scanning Threat Detection
  • Configuring and Viewing Threat Detection Statistics

 

Module 13: Configuring Site-to-Site VPNs Using Pre-Shared Keys

 

  • Secure VPNs
  • How IPSec Works
  • Preparing to Configure an IPSec VPN
  • Create IKE Policies for a Purpose
  • Define IKE Policy Parameters
  • Configure a Site-to-Site VPN Using Pre-Shared Keys
  • Modify the Site-to-Site VPN configuration
  • Test and Verify VPN Configuration

 

Module 14: Configuring Security Appliance Remote-Access VPNs

 

  • Introduction to Cisco Easy VPN
  • Overview of Cisco VPN Client
  • Transparent Tunneling
  • Allowing Local LAN Access
  • Adjusting the Peer Response Timeout Value
  • Configuring Remote-Access VPNs
  • Configuring Users and Groups

 

Module 15: Configuring the Cisco ASA for SSL VPN

 

  • SSL VPN Overview
  • Using the SSL VPN Wizard to Configure Clientless SSL VPN
  • Verifying Clientless SSL VPN Operations

 

Module 16: Configuring Transparent Firewall Mode

 

  • Transparent Firewall Mode Overview
  • How Data Traverses a Security Appliance in Transparent Mode
  • Configuring Transparent Firewall Mode
  • Monitoring and Maintaining Transparent Firewall Mode

 

Module 17: Configuring Security Contexts

 

  • Security Context Overview
  • Enabling Multiple Context Mode
  • Configuring Security Contexts
  • Managing Security Contexts

 

Module 18: Configuring Failover

 

  • Understanding Failover
  • Configuring Redundant Interfaces
  • Active/Standby LAN-Based Failover Configuration
  • Active/Active Failover Configuration
  • Remote Command Execution

 

Module 19: Managing the Security Appliance

 

  • Managing System Access
  • Configuring Command Authorization
  • Managing Configurations
  • Managing Images and Activation Keys

 

Objectives

 

  • Discuss the technology and features of Cisco security appliances
  • Identify the Cisco ASA and PIX security appliance models
  • Describe the security appliance file management system
  • Describe security appliance security levels
  • Describe Cisco ASDM requirements and capabilities
  • Configure a security appliance for basic network connectivity
  • Configure and explain the functions of ACLs
  • Configure object groups and use them in ACLs
  • Configure logical interfaces and VLANs
  • Install and configure Cisco Secure ACS
  • Explain the Cisco Modular Policy Framework feature for security appliances
  • Describe how the security appliance implements inspection of common network applications
  • Describe threat detection and threat statistics
  • Explain how IPsec works
  • Configure an IPsec Remote-Access VPN
  • Use the SSL VPN Wizard to configure a basic Clientless SSL VPN connection
  • Explain how data traverses a security appliance in transparent mode
  • Configure a security context and allocate resources to a security context
  • Enable the stateful failover option for maximum availability
  • Recover security appliance passwords using general password recovery procedures

 





blog comments powered by Disqus

Contact Us

Corporate Offices

6825 S. Galena Street, Suite 100
Centennial, CO 80112

Call us at (303) 832-4665

For inquiries: ContactUS@leaderquest.net

Learning Resources

Learning Locations
Course Calendar
Job Placement
Books 24x7

Call Us!

If you are interested in discussing our staffing or training solutions for your company or yourself, feel free to contact a LeaderQuest representative directly at (866) 378-0761

IT Training Denver | Microsoft Training Denver | Computer Training Denver
All trademarks not owned by LeaderQuest are the property of their respective owners, who may
or may not be affiliated with, connected to, or sponsored by LeaderQuest.