Cisco ISCW: Implementing Secure Converged Wide Area Networks Exam 642-825 Curriculum Outline

Cisco ISCW 1.0: Network Connectivity

Target Audience


Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

Prerequisites


Completion of the course Interconnecting Cisco Network Devices (ICND)

Expected Duration


2.75 Hours

Objectives :

Cisco ISCW 1.0: Network Connectivity

  • Recognize the IIN and the SONA architectural framework.
  • Recognize the Cisco network models in the Cisco Enterprise Architecture and their mapping to a traditional three-layer hierarchical network model, and remote connection requirements in a converged network.
  • Recognize the typical remote connections that an enterprise network has to support, the challenges of connecting the teleworker, and the Business-Ready Teleworker solution.
  • Identify basic cable technology terms, standards organizations, and RF signaling terms.
  • Recognize how data services are delivered over an HFC architecture, the various cable components and their issues, and how a cable modem is provisioned to work in a SOHO of a subscriber using TCP/IP.
  • Identify the features, types, and distance limitations of DSL.
  • Recognize ADSL technology, how it coexists with traditional telephony service, and its encapsulation types.
  • Recognize how data is transmitted over ADSL using PPPoE and PPPoA.
  • Specify the Cisco Enterprise Architecture, how to provision a cable modem, and how to establish the discovery stage of a PPPoE session in a given scenario.

    • Back to List

    Cisco ISCW 1.0: Configuring the CPE and Verifying Broadband ADSL

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2 Hours

    Objectives :

    Cisco ISCW 1.0: Configuring the CPE and Verifying Broadband ADSL

  • Recognize how to configure the PPPoE client and PAT.
  • Recognize how to configure and verify DHCP and static default routes.
  • Recognize how to verify a PPPoE configuration, and how to configure PPPoA and the DSL ATM Interface.
  • Configure a Cisco ADSL router as a PPPoE client in a given scenario.
  • Identify if Layer 1 is causing a failed ADSL service.
  • Identify if Layer 2 is causing a failed ADSL service.

    • Back to List

    Cisco ISCW 1.0: Frame Mode MPLS Implementation

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    3 Hours

    Objectives :

    Cisco ISCW 1.0: Frame Mode MPLS Implementation

  • Recognize the elements of the MPLS conceptual model and the router switch mechanisms.
  • Recognize the main components of the MPLS architecture, the structure and format of an MPLS label, and the function of LSRs.
  • Recognize how labels are allocated, distributed, and advertised in a frame mode MPLS network.
  • Recognize how routers populate the LFIB database, how IP packets cross an MPLS network, and how PHP enhances MPLS performance.
  • Recognize how to configure frame mode MPLS on a Cisco IOS router.
  • Configure frame mode MPLS on IOS routers to link a network into the ISPs network, given a scenario.
  • Recognize MPLS VPN architecture and how it improves on traditional methods of overlay and peer-to-peer VPN.
  • Recognize how routing information is propagated across the P-network.
  • Recognize the end-to-end flow of routing updates in an MPLS VPN.

    • Back to List

    Cisco ISCW 1.0: IPSec VPNs

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2.50 Hours

    Objectives :

    Cisco ISCW 1.0: IPSec VPNs

  • recognize the basic functions and advantages of the IPSec protocol and the IKE protocols.
  • recognize the functionality available within IKE.
  • recognize the functions of the ESP and AH IPsec protocols, and message authentication and integrity check using hash.
  • recognize the operation of asymmetric and encryption algorithms.
  • recognize the elements and operation of the PKI environment.
  • recognize how a site-to-site IPSec VPN operates.
  • recognize how to configure a site-to-site IPSec VPN.
  • configure a site-to-site IPSec VPN with preshared keys authentication, using CLI in a given scenario.

    • Back to List

    Cisco ISCW 1.0: IPSec VPN Configuration

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2.25 Hours

    Objectives :

    Cisco ISCW 1.0: IPSec VPN Configuration

  • Recognize how to navigate the site-to-site VPN wizard interface, the components configured by the SDM site-to-site VPN wizard, how to launch the wizard, and how to set the parameters of the site-to-site VPN tunnel.
  • Recognize how to define the traffic that the VPN protects and how to complete the configuration by viewing the settings in the Summary window.
  • Recognize the characteristics of GRE, the purpose of secure GRE tunnels and how to configure them, how to set the parameters of the site-to-site VPN tunnel, and how to configure IKE using SDM.
  • Recognize how to configure the IPSec transform set using the SDM wizard, how to configure routing, and how to view the settings in the Summary window.
  • Recognize how high availability for IPSec VPNs is achieved and the use of IPSec backup peers.
  • Recognize HSRP operation, IPSec stateful failover functionality, and how to back up a WAN connection using an IPSec VPN.
  • Remove an IPSec VPN after a successful back up of a WAN connection in a given scenario.

    • Back to List

    Cisco ISCW 1.0: Configuring Cisco Easy VPN

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2 Hours

    Objectives :

    Cisco ISCW 1.0: Configuring Cisco Easy VPN

  • recognize the components, operation, and benefits of Cisco Easy VPN, and the functionality of Easy VPN Server and Easy VPN Remote.
  • recognize how to configure Easy VPN Server and IKE, and the storage locations for Easy VPN group policies.
  • recognize where to store user records for Xauth, how to configure local group policies, and how to view configuration settings in the Summary window.
  • configure a Cisco router to use Easy VPN Server in a given scenario.
  • recognize how to install the VPN client and create a new client connection entry when configuring the VPN client.
  • recognize how to configure mutual group authentication, transparent tunneling, and backup servers when configuring the VPN client.

    • Back to List

    Cisco ISCW 1.0: Mitigating Network Attacks and Disabling Unused Services

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    3.25 Hours

    Objectives :

    Cisco ISCW 1.0: Mitigating Network Attacks and Disabling Unused Services

  • Recognize the Cisco self-defense network strategy and the types of attacks that enterprise networks must defend against.
  • Recognize reconnaissance attacks and how to mitigate them.
  • Recognize access attacks and how to mitigate them.
  • Recognize DoS attacks and how to mitigate them.
  • Recognize malicious software and application layer attacks, and how to mitigate them.
  • Recognize vulnerabilities in configuration management protocols and how to mitigate them, and how to use open source tools to discover network vulnerabilities and threats.
  • Recognize router services and interfaces that are vulnerable to attack and how to secure routers with AutoSecure.
  • Recognize how to configure AutoSecure on a Cisco router.
  • Recognize how to lock down routers with SDM.
  • Recognize how to secure Cisco router administrative access by using the SDM Security Audit wizard in a given scenario.

    • Back to List

    Cisco ISCW 1.0: Securing Routers, Administrative Access, and Access Lists

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2.25 Hours

    Objectives :

    Cisco ISCW 1.0: Securing Routers, Administrative Access, and Access Lists

  • recognize how to secure administrative access to Cisco routers by configuring passwords.
  • recognize how to secure administrative access to Cisco routers by setting login failure rates, timeouts, multiple privilege levels, and banner messages.
  • recognize the function of role-based CLI, how to configure it, and how to secure configuration files.
  • configure a Role-Based CLI view in a given scenario.
  • recognize ACL types, formats, and development guidelines, and how to apply ACLs to router interfaces.
  • recognize the use of traffic filtering with ACLs to mitigate network threats and how to implement ACLs.
  • recognize how to configure router ACLs to mitigate distributed DoS attacks, how to combine ACL functions, and caveats when building ACLs.

    • Back to List

    Cisco ISCW 1.0: IOS Firewalls and IOS IPS

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    3.50 Hours

    Objectives :

    Cisco ISCW 1.0: IOS Firewalls and IOS IPS

  • recognize the basic structure of a layered defense, and the strengths and weaknesses of the three firewall technologies.
  • recognize the operation of a stateful firewall and the key features of the Cisco IOS Firewall Feature Set.
  • recognize the functions and process of the Cisco IOS Firewall.
  • recognize how to configure Cisco IOS Firewall from the CLI.
  • distinguish between the Basic and Advanced Firewall Configuration wizards, and recognize how to configure a basic firewall using its wizard.
  • recognize how to configure an advanced firewall using the Advanced Firewall Configuration wizard.
  • configure a Cisco IOS Firewall in a given scenario.
  • distinguish between the functions and operations of IDS and IPS systems.
  • recognize the types of IDS and IPS signatures.
  • recognize how to configure IPS on Cisco IOS routers and SDF locations.
  • recognize how to view IPS policies, customize IPS policies and global settings, view SDEE messages, and tune IPS signatures using SDM.

    • Back to List

    Cisco ISCW 1.0: Securing Management Features and AAA

    Target Audience


    Network administrators; network engineers; network managers; systems managers; network designers who wish to validate their ability to install, configure and troubleshoot converged local and wide area networks with 100 to 500 nodes

    Prerequisites


    Completion of the course Interconnecting Cisco Network Devices (ICND)

    Expected Duration


    2.75 Hours

    Objectives :

    Cisco ISCW 1.0: Securing Management Features and AAA

  • Recognize the considerations when planning the secure management and reporting of network devices and the factors that affect their architecture.
  • Recognize how to configure an SSH server, the function of syslog, and how to configure it on Cisco routers.
  • Recognize the security features of SNMPv3 and how to configure SNMPv3 on a Cisco IOS router.
  • Recognize how to configure an NTP client and a Cisco router as an NTP server.
  • Secure Cisco router administrative access and configure authenticated NTP communications in a given scenario.
  • Recognize the concepts and implementation of AAA services, and its protocols, RADIUS and TACACS+.
  • Recognize how to configure the AAA server.
  • Recognize how to troubleshoot AAA on a Cisco perimeter router.
  • Configure AAA login authentication in a given scenario.

    • Back to List