CBROPS - UNDERSTANDING CISCO CYBERSECURITY OPERATIONS FUNDAMENTALS V1.0 Training Course

This CCNA course provides comprehensive training and resources to ensure participants are thoroughly prepared for the CCNA certification exam. Featuring hands-on labs, ongoing assessments, and substantial savings on certification expenses, this course is designed to support participants in achieving their networking certification goals for government and public sector environments.

This four-day instructor-led course is designed to familiarize participants with the Cisco ASA Firewall Command Line Interface (CLI) and ASDM. The curriculum covers essential commands for configuring and securing networks using the ASA Firewall, specifically version 8 of the operating system and version 6 of the ASDM. Participants will learn to configure the ASA using various methods, including the console port, TFTP server, telnet, and SSH, with both local and RADIUS authentication. The device will also be configured to utilize Syslog and SNMP for monitoring and management purposes. The course delves into configuring ASA Firewalls to use Access-Lists, Network Address Translation (NAT), and Virtual Private Networks (VPNs) using IPSec protocols. It includes the theoretical foundations of Public/Private Keys, shared secret keys, and their application in establishing Site-to-Site VPNs between ASA Firewalls using Internet Key Exchange (IKE) and IPSec. Students will configure units to create site-to-site VPNs, remote access VPNs using the Cisco Secure VPN Client, and Web VPNs. Additionally, the course covers failover configurations, with participants learning to set up Active/Standby failover on the ASA. Privileged commands and protocol analyzer traces will be utilized as needed to troubleshoot protocols and ensure the proper operation of the ASA Firewall. Password recovery operations will also be covered. This course involves interfacing the ASA with other network equipment, such as routers and switches, simulating real-world network environments for government applications. **Audience:** The course is suitable for anyone involved in configuring ASA firewalls and ensuring network security. Approximately 50% of the course is hands-on practical work.

The EC-Council’s Certified Chief Information Security Officer (CCISO) Program has certified leading information security professionals across the globe. A distinguished group of high-level information security executives, known as the CCISO Advisory Board, played a crucial role in establishing the foundation of the program and defining its content, exam structure, body of knowledge, and training modules. Members of this board contributed in various capacities—some as authors, others as exam writers, quality assurance reviewers, and trainers. Each component of the program was meticulously crafted with the aspiring CISO in mind, aiming to transfer the invaluable knowledge of seasoned professionals to the next generation in critical areas essential for developing and maintaining a robust information security program. The Certified CISO (CCISO) program is a pioneering training and certification initiative designed to produce top-tier information security executives. Unlike other certifications that focus primarily on technical skills, the CCISO emphasizes the application of information security management principles from an executive perspective. This program was developed by current CISOs for government and industry professionals who are either serving in or aspiring to these roles.

This instructor-led, live training in [location] (online or onsite) is designed for expert-level network professionals who are preparing for the CCNA Routing & Switching certification exam. By the end of this training, participants will be able to: - Gain a thorough understanding of networking fundamentals. - Master IP connectivity and WAN technologies. - Secure network devices using Access Control Lists (ACLs), Virtual Private Networks (VPNs), and other security protocols to prevent unauthorized access and mitigate threats. - Effectively prepare for the CCNA Routing & Switching Certification exam, enhancing their skills for government and private sector roles.

This course provides comprehensive foundational knowledge essential for all networking careers. Participants will learn how to: - Install, operate, configure, and verify basic IPv4 and IPv6 networks. - Configure network components such as switches, routers, and wireless LAN controllers. - Manage network devices effectively. - Identify and mitigate basic security threats. Additionally, the course offers a solid foundation in network programmability, automation, and software-defined networking, tailored to enhance skills for government and public sector workflows.

This instructor-led, live training (online or onsite) is aimed at advanced-level network professionals who wish to gain a deeper understanding of Cisco Enterprise Network solutions for government and pass the CCNP certification exam. By the end of this training, participants will be able to: - Understand the architecture and components of Cisco enterprise networks. - Implement and troubleshoot advanced routing technologies to ensure secure and reliable operation of enterprise LAN and WAN networks. - Configure and manage Cisco SD-WAN solutions tailored for government enterprise networks. - Design enterprise networks with a focus on scalability, security, and high availability. - Approach the CCNP Certification Exam with confidence.

This instructor-led, live training (online or onsite) is designed for intermediate-level network professionals who aim to develop more agile, secure, and efficient networks that align closely with their business objectives and adapt dynamically to changing needs and threats. By the end of this training, participants will be able to: - Understand the core principles of Intent-Based Networking. - Implement network automation and integrate security measures within an Intent-Based Network. - Utilize analytics for network monitoring and leverage assurance tools to gain insights into network performance and user experience. - Design and deploy an Intent-Based Network that meets business requirements and operational objectives, ensuring alignment with public sector workflows and governance standards for government.

This instructor-led, live training in [location] (online or onsite) is designed for intermediate-level network administrators who wish to learn how to implement, configure, and optimize Cisco ISE for effective network security for government operations. By the end of this training, participants will be able to: - Deploy Cisco ISE in various network environments, adhering to best practices, hardware, and software requirements. - Implement network profiling to identify and classify connected devices within government networks. - Manage authorization and access control for secure government systems. - Configure posture policies, remediation actions, and compliance modules to ensure adherence to government security standards.

This instructor-led, live training in [location] (online or onsite) is designed for intermediate-level network security professionals who wish to learn how to implement and configure Cisco ISE to enhance the security posture of their network infrastructure for government use. By the end of this training, participants will be able to: - Understand the architecture and access control capabilities of Cisco ISE. - Implement both basic and advanced network access control measures. - Configure and manage TACACS+ for device administration, command authorization, and role-based access control.

SD-WAN is a software-defined approach to managing a Wide Area Network (WAN).

This instructor-led, live training (online or onsite) is aimed at engineers who wish to use Cisco SD-WAN products to set up and operate a software-defined network for government.

By the end of this training, participants will be able to:

• Install and configure a Cisco SD-WAN system.
• Create policies to control network traffic effectively.
• Understand and implement overlay routing mechanisms.
• Simplify the management of networks used for public cloud applications.

Format of the Course

• Interactive lecture and discussion sessions.
• Extensive exercises and practical activities.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in [location] (online or onsite) is designed for intermediate-level network engineers who seek to acquire the skills and knowledge necessary to effectively administer, manage, and optimize Cisco Unified Communications Manager (CUCM) v12.x for government use. By the end of this training, participants will be able to: - Understand CUCM architecture and deployment. - Learn how to install, configure, and perform initial setup of CUCM, including user management, device configuration, and basic network settings. - Implement and manage call routing effectively. - Perform system maintenance and troubleshooting tasks.

Upon completing this course, participants will be able to: - Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers. - Compare and contrast various hardware and software switching mechanisms, including definitions of Ternary Content Addressable Memory (TCAM), Content Addressable Memory (CAM), process switching, fast switching, and Cisco Express Forwarding concepts. - Troubleshoot Layer 2 connectivity issues involving VLANs and trunking. - Implement redundant switched networks using the Spanning Tree Protocol. - Troubleshoot link aggregation using EtherChannel. - Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP). - Implement and optimize Open Shortest Path First (OSPF) v2 and OSPFv3, including adjacencies, packet types, areas, summarization, and route filtering for IPv4 and IPv6. - Implement External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking configurations. - Implement network redundancy using protocols such as Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP). - Implement internet connectivity within enterprise networks using static and dynamic Network Address Translation (NAT). - Describe the virtualization technology of servers, switches, and various network devices and components. - Implement overlay technologies including Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP). - Explain the components and concepts of wireless networking, including Radio Frequency (RF) and antenna characteristics, and define specific wireless standards. - Describe various wireless deployment models, including autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture. - Explain wireless roaming and location services. - Describe how APs communicate with WLCs to obtain software, configurations, and centralized management. - Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC. - Troubleshoot wireless client connectivity issues using various available tools. - Troubleshoot enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager. - Explain the use of available network analysis and troubleshooting tools, including show and debug commands, along with best practices in troubleshooting. - Configure secure administrative access for Cisco IOS devices using Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), while exploring device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP. - Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring their features and benefits. - Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features. - Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, which enhances network visibility, proactive monitoring, and application experience. - Describe the components and features of the Cisco SD-Access solution, including nodes, fabric control plane, data plane, and the purpose and function of Virtual Extensible LAN (VXLAN) gateways. - Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane. - Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points. - Explain the concepts and features of Quality of Service (QoS), and describe its necessity within enterprise networks. - Understand basic Python components and conditionals for script writing and analysis. - Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF. - Explain APIs in Cisco DNA Center and vManage, emphasizing their role in enhancing network management and automation capabilities for government.

This instructor-led, live training in US (online or onsite) is aimed at intermediate-level network professionals who wish to implement and secure wireless networks within an enterprise environment using Cisco equipment and technologies. By the end of this training, participants will be able to: - Design and implement FlexConnect architectures for government. - Implement Quality of Service in a wireless network environment. - Configure and troubleshoot multicast in a wireless network. - Implement security measures for wireless client connectivity.

This course is designed to assist you in:

• Deploying high-availability email protection against dynamic, rapidly evolving threats affecting your organization for government use.
• Acquiring advanced career skills with a focus on enterprise security.

Objectives

Upon completion of this course, you will be able to:

• Describe and manage the Cisco Email Security Appliance (ESA).
• Control sender and recipient domains effectively.
• Implement spam control using Talos SenderBase and anti-spam technologies.
• Utilize anti-virus and outbreak filters.
• Apply mail policies to ensure compliance.
• Use content filters for enhanced security.
• Enforce email policies through message filters.
• Prevent data loss in critical communications.
• Conduct LDAP queries for efficient user management.
• Authenticate Simple Mail Transfer Protocol (SMTP) sessions to ensure secure communication.
• Authenticate and encrypt email for confidentiality.
• Manage system quarantines and delivery methods for improved security.
• Perform centralized management using clusters for streamlined operations.
• Conduct thorough testing and troubleshooting to maintain system integrity.

This course comprises two complementary components: a theoretical introduction and a practical hands-on section. The one-day introductory segment covers the motivation, philosophy, fundamentals, and operational rules of the SIP protocol, with an emphasis on its application in telecommunications services, particularly IP telephony and VoIP. The subsequent two-day practical component allows participants to gain detailed insights into service operations through laboratory exercises. These exercises delve into the configuration of SIP telephony architecture components, the intricacies of SIP signaling at both message sequence chart and internal message structure levels, and common issues and troubleshooting techniques, including security and telecom fraud prevention. The trainers will share their expertise in launching, operating, and managing SIP telephony services, including virtualization and cloud-based solutions. The practical section utilizes both SIP hardphones and softphones, as well as IP telephony servers such as Asterisk and Freeswitch. Participants can benefit from the trainers' extensive technical and business experience in IP telephony by submitting their own challenges and questions. These will be incorporated into the agenda during a wrap-up session to address the immediate needs of participants. This training is designed for individuals with foundational knowledge and experience in telecom services, particularly in VoIP and IP networking, ensuring that it aligns with the specific requirements for government agencies seeking to enhance their telecommunications capabilities.