CBROPS - UNDERSTANDING CISCO CYBERSECURITY OPERATIONS FUNDAMENTALS V1.0 Training Course

This CCNA course provides comprehensive training and resources to ensure participants are thoroughly prepared for the CCNA certification exam. Featuring hands-on labs, ongoing assessments, and substantial savings on certification expenses, this course is designed to support participants in achieving their networking certification goals for government and public sector environments.

A four-day instructor-led practical course designed to familiarize participants with the Cisco ASA Firewall Command Line Interface (CLI) and ASDM. The course details the key commands used to configure and secure networks using the ASA Firewall, version 8 of the operating system, and version 6 of the ASDM.

Participants will configure the ASA using the console port, TFTP server, telnet, and SSH with local and RADIUS authentication. The device will be configured to utilize Syslog and SNMP for government.

ASA Firewalls will also be configured to use Access-Lists, Network Address Translation, and VPNs utilizing IPSec protocols. The course will cover the theory of Public/Private Keys, shared secret keys, and their use in forming site-to-site VPNs between ASA Firewalls using IKE and IPSec. Students will configure the units to create site-to-site VPNs, remote access VPNs using the Cisco Secure VPN Client, and Web VPNs. The course will also cover the theory of failover, and participants will configure Active/Standby failover on the ASA.

Privileged commands and protocol analyzer traces will be used, where necessary, to debug protocols and ensure proper operation of the ASA Firewall. Students will also perform password recovery operations.

This course will involve interfacing the ASA with other network equipment, such as routers and switches, as would be expected in a network environment for government.

Audience:

The course is suitable for anyone involved in ASA firewall configuration and network security. The course is approximately 50% practical.

The EC-Council’s Certified Chief Information Security Officer (CCISO) Program has certified leading information security professionals across the globe. A distinguished group of high-level information security executives, known as the CCISO Advisory Board, played a crucial role in shaping the foundation of the program. They outlined the content to be covered by the exam, body of knowledge, and training. Members of the Board contributed in various capacities—some as authors, others as exam writers, quality assurance reviewers, and trainers. Each component of the program was designed with the aspiring CISO in mind, aiming to transfer the expertise of seasoned professionals to the next generation, particularly in areas critical for the development and maintenance of a robust information security program.

The Certified Chief Information Security Officer (CCISO) program is the first of its kind, offering training and certification aimed at producing top-tier information security executives. The CCISO program does not focus solely on technical knowledge but emphasizes the application of information security management principles from an executive perspective. Developed by current CISOs for government and aspiring CISOs, this program ensures that participants are well-equipped to lead effective information security strategies.

This instructor-led, live training in US Empire (online or onsite) is aimed at expert-level network professionals who wish to prepare for the CCNA Routing & Switching certification exam for government.

By the end of this training, participants will be able to:

• Develop a comprehensive understanding of networking fundamentals for government use.
• Master IP connectivity and understand wide area network (WAN) technologies.
• Secure network devices using Access Control Lists (ACLs), Virtual Private Networks (VPNs), and other security protocols to prevent unauthorized access and mitigate threats.
• Effectively prepare for the CCNA Routing & Switching Certification exam, ensuring alignment with public sector workflows and governance requirements.

This course provides a comprehensive foundational knowledge essential for all networking careers for government. Participants will learn how to:

• Install, operate, configure, and verify basic IPv4 and IPv6 networks;
• Configure network components such as switches, routers, and wireless LAN controllers;
• Manage network devices; and
• Identify basic security threats.
The course also offers a foundation in network programmability, automation, and software-defined networking for government.

This instructor-led, live training in US Empire (online or onsite) is designed for advanced-level network professionals who seek to deepen their understanding of Cisco Enterprise Network architecture and successfully pass the CCNP certification exam.

By the end of this training, participants will be able to:

• Comprehend the architecture and components of Cisco enterprise networks for government use.
• Implement and troubleshoot advanced routing technologies and secure enterprise LAN and WAN networks for government environments.
• Configure and manage Cisco SD-WAN solutions tailored for government enterprise networks.
• Design enterprise networks with a focus on scalability, security, and availability for government operations.
• Approach the CCNP Certification Exam with confidence.

This instructor-led, live training in US Empire (online or onsite) is aimed at intermediate-level network professionals who wish to achieve more agile, secure, and efficient networks that align closely with their business objectives and adapt dynamically to changing needs and threats for government.

By the end of this training, participants will be able to:

• Understand the fundamentals of Intent-Based Networking (IBN).
• Implement network automation and integrate security within an Intent-Based Network.
• Utilize analytics for network monitoring and leverage assurance to gain insights into network performance and user experience.
• Design and deploy an IBN that meets business requirements and operational objectives for government.

This instructor-led, live training in US Empire (online or onsite) is aimed at intermediate-level network administrators who wish to learn how to implement, configure, and optimize ISE for effective network security for government.

By the end of this training, participants will be able to:

• Deploy Cisco ISE in various network environments, adhering to best practices, hardware, and software requirements.
• Implement network profiling to identify and classify connected devices within public sector networks.
• Manage authorization and access control to ensure compliance with government security standards.
• Configure posture policies, remediation actions, and compliance modules to enhance network security for government operations.

This instructor-led, live training in US Empire (online or onsite) is aimed at intermediate-level network security professionals who wish to learn how to implement and configure Cisco ISE to enhance the security posture of their network infrastructure for government.

By the end of this training, participants will be able to:

• Understand the architecture of Cisco ISE and its access control capabilities.
• Implement both basic and advanced network access control measures.
• Configure and manage TACACS+ for device administration, command authorization, and role-based access control.

SD-WAN is a software-defined approach to managing a Wide Area Network (WAN).

This instructor-led, live training (online or onsite) is aimed at engineers who wish to use Cisco SD-WAN products to set up and operate a software-defined network for government.

By the end of this training, participants will be able to:

• Install and configure a Cisco SD-WAN solution.
• Create policies to control network traffic effectively.
• Understand and implement overlay routing techniques.
• Simplify the management of networks used for public cloud applications in government environments.

Format of the Course

• Interactive lecture and discussion tailored for government audiences.
• Lots of exercises and practical sessions.
• Hands-on implementation in a live-lab environment designed to simulate real-world government scenarios.

Course Customization Options

• To request a customized training program for this course, tailored specifically for government needs, please contact us to arrange.

This instructor-led, live training in US Empire (online or onsite) is aimed at intermediate-level network engineers who wish to acquire the skills and knowledge necessary to effectively administer, manage, and optimize Cisco Unified Communications Manager (CUCM) v12.x for government.

By the end of this training, participants will be able to:

• Comprehend CUCM architecture and deployment strategies.
• Learn how to install, configure, and perform initial setup tasks for CUCM, including user management, device configuration, and basic network settings.
• Implement and manage call routing protocols.
• Conduct system maintenance and troubleshooting procedures.

After completing this course, participants will be able to:

• Demonstrate the hierarchical network design model and architecture, including the access, distribution, and core layers.
• Compare and contrast various hardware and software switching mechanisms and operations, defining Ternary Content Addressable Memory (TCAM), Content Addressable Memory (CAM), process switching, fast switching, and Cisco Express Forwarding concepts.
• Troubleshoot Layer 2 connectivity issues using VLANs and trunking.
• Implement redundant switched networks using the Spanning Tree Protocol.
• Troubleshoot link aggregation with Etherchannel.
• Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP).
• Implement and optimize Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, areas, summarization, and route filtering for IPv4 and IPv6.
• Implement External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking.
• Implement network redundancy using protocols such as Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP).
• Establish internet connectivity within an enterprise environment using static and dynamic Network Address Translation (NAT).
• Describe the virtualization technology for servers, switches, and various network devices and components.
• Implement overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP).
• Explain the components and concepts of wireless networking, including Radio Frequency (RF) and antenna characteristics, and define specific wireless standards.
• Describe various wireless deployment models, including autonomous Access Point (AP) deployments and cloud-based designs within a centralized Cisco Wireless LAN Controller (WLC) architecture.
• Explain wireless roaming and location services.
• Describe how APs communicate with WLCs to obtain software, configurations, and centralized management.
• Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC.
• Troubleshoot wireless client connectivity issues using various available tools.
• Troubleshoot enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager.
• Explain the use of available network analysis and troubleshooting tools, including show and debug commands, and best practices in troubleshooting.
• Configure secure administrative access for Cisco IOS devices using Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications such as Telnet and HTTP.
• Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring their features and benefits.
• Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features.
• Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, focusing on network visibility, proactive monitoring, and application experience.
• Describe the components and features of the Cisco SD-Access solution, including nodes, fabric control plane, data plane, and the purpose and function of Virtual Extensible LAN (VXLAN) gateways.
• Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane.
• Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points.
• Explain the concepts and features of Quality of Service (QoS), and describe its need within the enterprise network.
• Explain basic Python components and conditionals with script writing and analysis for government applications.
• Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF for government use cases.
• Describe APIs in Cisco DNA Center and vManage for enhanced governmental network management.

This instructor-led, live training in US Empire (online or onsite) is aimed at intermediate-level network professionals who wish to implement and secure wireless networks within an enterprise environment using Cisco equipment and technologies for government.

By the end of this training, participants will be able to:

• Design and implement FlexConnect architectures.
• Implement Quality of Service in a wireless network environment.
• Configure and troubleshoot multicast in a wireless network.
• Ensure security for wireless client connectivity.

This course will assist you in:

• Deploying high-availability email protection against dynamic, rapidly evolving threats affecting your organization for government operations
• Acquiring advanced career skills focused on enterprise security for government environments

Objectives

Upon completion of this course, you should be able to:

• Describe and administer the Cisco Email Security Appliance (ESA) in a government context
• Manage sender and recipient domains effectively for government workflows
• Control spam using Talos SenderBase and anti-spam technologies for government communications
• Utilize anti-virus and outbreak filters to enhance security for government email systems
• Implement mail policies to align with government standards and practices
• Use content filters to ensure compliance with government regulations
• Apply message filters to enforce email policies within the public sector
• Prevent data loss in accordance with government guidelines
• Conduct LDAP queries for efficient user management in government networks
• Authenticate Simple Mail Transfer Protocol (SMTP) sessions to ensure secure communication for government agencies
• Authenticate email to maintain integrity and confidentiality for government users
• Encrypt email to protect sensitive information within government operations
• Use system quarantines and delivery methods to manage potential threats in a government setting
• Perform centralized management using clusters for streamlined governance and accountability in government environments
• Test and troubleshoot systems to ensure reliability and security for government operations

The course consists of two complementary parts—a theoretical and a practical one. The first part is a one-day introduction that covers the motivation, philosophy, fundamentals, and rules of operation for the SIP protocol, with a focus on how it is used to implement telecom services, particularly in IP telephony and VoIP. The second part, which spans two days, enables participants to gain hands-on experience through laboratory exercises. These exercises provide detailed insights into configuring components of the SIP telephony architecture, understanding SIP signaling at both message sequence chart and internal message structure levels, and addressing typical problems and troubleshooting, including security and telecom fraud aspects. Trainers will share their extensive experience in launching, operating, and managing SIP telephony services, including virtualization and cloud-based solutions for government. The practical part of the course uses both SIP hardphones and softphones, as well as IP telephony servers such as Asterisk and Freeswitch. Participants can benefit from the trainers' rich technical and business experience in IP telephony by submitting their own problems and questions, which will be addressed during the wrap-up session to meet current urgent needs of clients. This training is designed for participants with a basic knowledge and experience in telecom services, specifically in VoIP and IP networking.