Content

CCIE Security Challenge v3.0

This lab bundle contains three extensive lab exercises that require you to configure a complex large-scale internetwork resembling real-life scenarios as Cisco Certified Internetwork Experts (CCIEs) face daily. The lab exercises are focused on the knowledge and skills as required by the CCIE Security lab exam. The lab exercises cover topics that the students expect to be tested on in CCIE Security practice lab and even exceed the complexity of the testing lab.

Content

This set of lab exercises contains the following exercises:

Objectives

Upon finishing this set of exercises, you will be able to:

  • Configure management interface and secure management to the switch
  • Configure advanced port security on the switch
  • Configure basic ASA firewall configuration
  • Secure routing protocols
  • Configure AAA authentication and authorization
  • Configure NTP and NAT
  • Configure site-to-site IPsec VPN
  • Setup a remote access VPN
  • Setup a remote access VPN using IOS Easy VPN
  • Configure a DMVPN
  • Configure Cisco IOS firewall
  • Configure advanced security and attacks configuration
  • Configure basic IPS setup and customize signatures
  • Configure security and access control on Layer 2
  • Configure routing on ASA
  • Configure secure access through site-to-site VPN
  • Configure access Control on ASA
  • Configure VLAN transport over WAN
  • Configure protecting access through WAN
  • Configure client-partner EZVPN with DVTI
  • Configure NAC framework
  • Configure black-holing attacker traffic
  • Troubleshoot BGP session over ASA
  • Troubleshoot connectivity over ASA
  • Troubleshoot site-to-site IPsec
  • Deploy Layer 2 security controls
  • Deploy Cisco ASA security controls
  • Configure advanced security features on IOS routers
  • Implement secure networks using Cisco IOS firewall functions
  • Implement control plane and management plane security
  • Configure IPS
  • Implement secure networks using Cisco VPN solutions
  • Configure IOS IPS

Importance

The lab bundle is of the utmost importance for the CCIE Security candidates who would like to prepare for the CCIE lab exam and would like to gain an additional practical experience in deploying advanced enterprise and service provider security network solutions.

Target Audience

The lab bundle is targeted at the CCIE Security candidates as well as at all individuals seeking expert level skills in securing internetworks.

Prerequisite Knowledge

The learners must possess an expert level knowledge of security technologies and related skills in configuring Cisco ASA, IOS, and IPS features on a variety of Cisco devices, such as ASA, IPS, routers, and switches, equivalent to Cisco Certified Security Professional (CCSP) designation. This level of experience can be obtained by taking the courses from the Cisco CCSP curriculum (SNRS, SNAF, IPS, and SNAA), and by using the related remote labs to get the required skills. Taking some advanced courses (such as BSCI or BGP) and technology-related remote labs (for example, MARS and CSA) is an additional benefit.