IINS Certification Training

Understanding Security Fundamentals

• Goals of security
• Network topologies
• Common network security zones

Understanding Security Threats

• Common network attacks
• Social engineering
• Malware
• Data loss and exfiltration

Understanding Cryptography

• Symmetric and asymmetric encryption
• Hashing algorithims
• Key exchange
• Public Key Infrastructure (PKI)

Securing the Routing Process

• Securing router access
• Implementing OSPF routing update authentication
• Securing the control plane

Understanding Layer 2 Attacks

• Understanding STP attacks
• Understanding ARP attacks
• Understanding MAC attacks
• Understanding CAM overflows
• Understanding CDP/LLDP reconnaissance
• Understanding VLAN hopping
• Understanding DHCP spoofing

Preventing Layer 2 Attacks

• Configuring DHCP snooping
• Configuring dynamic ARP inspection
• Configuring port security
• Configuring STP security features
• Disabling DTP
• Verifying mitigations

VLAN Security

• Native VLANs
• PVLANs
• ACLs on switches

Securing Management Traffic

• In-band and out-of-band management
• Securing network management
• Securing access through SNMP v3
• Securing NTP
• Using SCP for file transfer

Understanding 802.1x and AAA

• 8021.x components
• RADIUS and TACACS+ technologies
• Configuring administrative access with TACACS+
• Understanding authentication and authorization using ACS and ISE
• Understanding the integration of active directory with AAA

Securing a BYOD Initiative

• The BYOD architecture framework
• The function of mobile device management

Understanding VPNs

• Understanding IPsec
• Understanding advanced VPN concepts

Configuring VPNs

• Configuring remote access VPNs
• Configuring site-to-site VPNs

Understanding Firewalls

• Understanding firewall technologies
• Stateful vs stateless firewalls

Configuring NAT and Zone-Based Firewalls

• Implementing NAT on ASA 9.x
• Configuring zone-based firewalls

Configuring the Firewall on an ASA

• Understanding firewall services
• Understanding modes of deployment
• Understanding methods of implementing high availability
• Understanding security contexts
• Configuring ASA management access
• Configuring Cisco ASA interface security levels
• Configuring security access policies
• Configuring default Cisco modular policy framework (MPF)

Intrusion Prevention

• IPS terminology
• Evasion techniques
• Introducing Cisco FireSIGHT
• Understanding modes of deployment
• Positioning of the IPS within the network
• Understanding false positives, false negatives, true positives and true negatives

Content and Endpoint Security

• Mitigating email threats
• Mitigating web-based threats
• Mitigating endpoint threats

210-260 IINS Certification Exam Details:

• Number of Questions: 60-70
• Test Duration: 90 minutes
• Test Format: Multiple Choice, Multiple Answer, Drag and drop, Testlets, Simlets and Router & Switch Simulations
• Test Delivery: Pearson VUE 

Exam focuses on these skill areas:

• Secure network infrastructure
• Understanding core security concepts
• Managing secure access
• VPN encryption
• Firewalls
• Intrusion prevention
• Web and email content security
• Endpoint security
• Installation, troubleshooting, and monitoring of a secure network to maintain integrity, confidentiality, and availability of data and devices