CCNP Security – SCOR + SVPN

Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701)

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über die Implementierung und den Betrieb von zentralen Sicherheitstechnologien, einschließlich Netzwerksicherheit, Cloud-Sicherheit, Inhaltssicherheit, Endpunktschutz und -erkennung, sicherem Netzwerkzugriff, Sichtbarkeit und Durchsetzung. Der Kurs Implementierung und Betrieb von Cisco Security Core Technologies hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Security Concepts
• Explaining common threats against on-premises and cloud environments
- On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-the-middle attacks, SQL injection, cross-site scripting, malware
- Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials
• Comparing common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery
• Describing functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization
• Comparing site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect
• Describing security intelligence authoring, sharing, and consumption
• Explaining the role of the endpoint in protecting humans from phishing and social engineering attacks
• Explaining North Bound and South Bound APIs in the SDN architecture
• Explaining DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting
• Interpreting basic Python scripts used to call Cisco Security appliances APIs

Network Security
• Comparing network security solutions that provide intrusion prevention and firewall capabilities
• Describing deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities
• Describing the components, capabilities, and benefits of NetFlow and Flexible NetFlow records
• Configuring and verifying network infrastructure security methods (router, switch, wireless)
- Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
- Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)
• Implementing segmentation, access control policies, AVC, URL filtering, and malware protection
• Implementing management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-of-band, CDP, DNS, SCP, SFTP, and DHCP security and risks)
• Configuring AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)
• Configuring secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)
• Configuring and verify site-to-site VPN and remote access VPN
- Site-to-site VPN utilizing Cisco routers and IOS
- Remote access VPN using Cisco AnyConnect Secure Mobility client
- Debug commands to view IPsec tunnel establishment and troubleshooting

Securing the Cloud
• Identifying security solutions for cloud environments
- Public, private, hybrid, and community clouds
- Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
• Comparing the customer vs. provider security responsibility for the different cloud service models
- Patch management in the cloud
- Security assessment in the cloud
- Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB
• Describing the concept of DevSecOps (CI/CD pipeline, container orchestration, and security
• Implementing application and data security in cloud environments
• Identifying security capabilities, deployment models, and policy management to secure the cloud
• Configuring cloud logging and monitoring methodologies
• Describing application and workload security concepts

Content Security
• Implementing traffic redirection and capture methods
• Describing web proxy identity and authentication including transparent user identification
• Comparing the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA)
• Configuring and verifying web and email security deployment methods to protect on-premises and remote users (inbound and outbound controls and policy management)
• Configuring and verifying email security features such as SPAM filtering, antimalware filtering, DLP, blacklisting, and email encryption
• Configuring and verifying secure internet gateway and web security features such as blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, and TLS decryption
• Describing the components, capabilities, and benefits of Cisco Umbrella
• Configuring and verifying web security controls on Cisco Umbrella (identities, URL content settings, destination lists, and reporting)

Endpoint Protection and Detection
• Comparing Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions
• Explaining antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry
• Configuring and verifying outbreak control and quarantines to limit infection
• Describing justifications for endpoint-based security
• Describing the value of endpoint device management and asset inventory such as MDM
• Describing the uses and importance of a multifactor authentication (MFA) strategy
• Describing endpoint posture assessment solutions to ensure endpoint security
• Explaining the importance of an endpoint patching strategy

Secure Network Access, Visibility, and Enforcement
• Describing identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD
• Configuring and verifying network access device functionality such as 802.1X, MAB, WebAuth
• Describing network access with CoA
• Describing the benefits of device compliance and application control
• Explaining exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)
• Describing the benefits of network telemetry
• Describing the components, capabilities, and benefits of these security products and solutions
- Cisco Stealthwatch
- Cisco Stealthwatch Cloud
- Cisco pxGrid
- Cisco Umbrella Investigate
- Cisco Cognitive Threat Analytics
- Cisco Encrypted Traffic Analytics
- Cisco AnyConnect Network Visibility Module (NVM



Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)


Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über Site-to-site Virtual Private Networks on Routers and Firewalls, Remote access VPNs , Troubleshooting using ASDM and CLI, Secure Communications Architectures. Dieser Kurs, Implementing Secure Solutions with Virtual Private Networks.

Kursinhalt

Site-to-site Virtual Private Networks on Routers and Firewalls

• Describing GETVPN
• Implementing DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)
• Implementing FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA

Remote access VPNs

• Implementing AnyConnect IKEv2 VPNs on ASA and routers
• Implementing AnyConnect SSLVPN on ASA and routers
• Implementing Clientless SSLVPN on ASA and routers
• Implementing Flex VPN on routers

Troubleshooting using ASDM and CLI

• Troubleshooting IPsec
• Troubleshooting DMVPN
• Troubleshooting FlexVPN
• Troubleshooting AnyConnect IKEv2 and SSL VPNs on ASA and routers
• Troubleshooting Clientless SSLVPN on ASA and routers

Secure Communications Architectures

• Identifying functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions
• Identifying functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions
• Identifying VPN technology based on configuration output for site-to-site VPN solutions
• Identifying VPN technology based on configuration output for remote access VPN solutions
• Identifying split tunneling requirements for remote access VPN solutions
• Designing site-to-site VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
• Design remote access VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
c. Clientless SSL browser and client considerations and requirements
• Identifying Elliptic Curve Cryptography (ECC) algorithms

Arbeitssuchende IT Interessierte die lernbereit sind und für neue Perspektiven Ihre Zukunft vorbereiten möchten

CCNP Security – SCOR + SVPN

Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701)

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über die Implementierung und den Betrieb von zentralen Sicherheitstechnologien, einschließlich Netzwerksicherheit, Cloud-Sicherheit, Inhaltssicherheit, Endpunktschutz und -erkennung, sicherem Netzwerkzugriff, Sichtbarkeit und Durchsetzung. Der Kurs Implementierung und Betrieb von Cisco Security Core Technologies hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Security Concepts
• Explaining common threats against on-premises and cloud environments
- On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-the-middle attacks, SQL injection, cross-site scripting, malware
- Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials
• Comparing common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery
• Describing functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization
• Comparing site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect
• Describing security intelligence authoring, sharing, and consumption
• Explaining the role of the endpoint in protecting humans from phishing and social engineering attacks
• Explaining North Bound and South Bound APIs in the SDN architecture
• Explaining DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting
• Interpreting basic Python scripts used to call Cisco Security appliances APIs

Network Security
• Comparing network security solutions that provide intrusion prevention and firewall capabilities
• Describing deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities
• Describing the components, capabilities, and benefits of NetFlow and Flexible NetFlow records
• Configuring and verifying network infrastructure security methods (router, switch, wireless)
- Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
- Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)
• Implementing segmentation, access control policies, AVC, URL filtering, and malware protection
• Implementing management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-of-band, CDP, DNS, SCP, SFTP, and DHCP security and risks)
• Configuring AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)
• Configuring secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)
• Configuring and verify site-to-site VPN and remote access VPN
- Site-to-site VPN utilizing Cisco routers and IOS
- Remote access VPN using Cisco AnyConnect Secure Mobility client
- Debug commands to view IPsec tunnel establishment and troubleshooting

Securing the Cloud
• Identifying security solutions for cloud environments
- Public, private, hybrid, and community clouds
- Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
• Comparing the customer vs. provider security responsibility for the different cloud service models
- Patch management in the cloud
- Security assessment in the cloud
- Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB
• Describing the concept of DevSecOps (CI/CD pipeline, container orchestration, and security
• Implementing application and data security in cloud environments
• Identifying security capabilities, deployment models, and policy management to secure the cloud
• Configuring cloud logging and monitoring methodologies
• Describing application and workload security concepts

Content Security
• Implementing traffic redirection and capture methods
• Describing web proxy identity and authentication including transparent user identification
• Comparing the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA)
• Configuring and verifying web and email security deployment methods to protect on-premises and remote users (inbound and outbound controls and policy management)
• Configuring and verifying email security features such as SPAM filtering, antimalware filtering, DLP, blacklisting, and email encryption
• Configuring and verifying secure internet gateway and web security features such as blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, and TLS decryption
• Describing the components, capabilities, and benefits of Cisco Umbrella
• Configuring and verifying web security controls on Cisco Umbrella (identities, URL content settings, destination lists, and reporting)

Endpoint Protection and Detection
• Comparing Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions
• Explaining antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry
• Configuring and verifying outbreak control and quarantines to limit infection
• Describing justifications for endpoint-based security
• Describing the value of endpoint device management and asset inventory such as MDM
• Describing the uses and importance of a multifactor authentication (MFA) strategy
• Describing endpoint posture assessment solutions to ensure endpoint security
• Explaining the importance of an endpoint patching strategy

Secure Network Access, Visibility, and Enforcement
• Describing identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD
• Configuring and verifying network access device functionality such as 802.1X, MAB, WebAuth
• Describing network access with CoA
• Describing the benefits of device compliance and application control
• Explaining exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)
• Describing the benefits of network telemetry
• Describing the components, capabilities, and benefits of these security products and solutions
- Cisco Stealthwatch
- Cisco Stealthwatch Cloud
- Cisco pxGrid
- Cisco Umbrella Investigate
- Cisco Cognitive Threat Analytics
- Cisco Encrypted Traffic Analytics
- Cisco AnyConnect Network Visibility Module (NVM



Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)


Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über Site-to-site Virtual Private Networks on Routers and Firewalls, Remote access VPNs , Troubleshooting using ASDM and CLI, Secure Communications Architectures. Dieser Kurs, Implementing Secure Solutions with Virtual Private Networks.

Kursinhalt

Site-to-site Virtual Private Networks on Routers and Firewalls

• Describing GETVPN
• Implementing DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)
• Implementing FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA

Remote access VPNs

• Implementing AnyConnect IKEv2 VPNs on ASA and routers
• Implementing AnyConnect SSLVPN on ASA and routers
• Implementing Clientless SSLVPN on ASA and routers
• Implementing Flex VPN on routers

Troubleshooting using ASDM and CLI

• Troubleshooting IPsec
• Troubleshooting DMVPN
• Troubleshooting FlexVPN
• Troubleshooting AnyConnect IKEv2 and SSL VPNs on ASA and routers
• Troubleshooting Clientless SSLVPN on ASA and routers

Secure Communications Architectures

• Identifying functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions
• Identifying functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions
• Identifying VPN technology based on configuration output for site-to-site VPN solutions
• Identifying VPN technology based on configuration output for remote access VPN solutions
• Identifying split tunneling requirements for remote access VPN solutions
• Designing site-to-site VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
• Design remote access VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
c. Clientless SSL browser and client considerations and requirements
• Identifying Elliptic Curve Cryptography (ECC) algorithms

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing Secure Solutions with Virtual Private Networks (SVPN 300-730)

Dauer: 5 Tage

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über Site-to-site Virtual Private Networks on Routers and Firewalls, Remote access VPNs , Troubleshooting using ASDM and CLI, Secure Communications Architectures. Dieser Kurs, Implementing Secure Solutions with Virtual Private Networks.

Kursinhalt

Site-to-site Virtual Private Networks on Routers and Firewalls

• Describing GETVPN
• Implementing DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)
• Implementing FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA

Remote access VPNs

• Implementing AnyConnect IKEv2 VPNs on ASA and routers
• Implementing AnyConnect SSLVPN on ASA and routers
• Implementing Clientless SSLVPN on ASA and routers
• Implementing Flex VPN on routers

Troubleshooting using ASDM and CLI

• Troubleshooting IPsec
• Troubleshooting DMVPN
• Troubleshooting FlexVPN
• Troubleshooting AnyConnect IKEv2 and SSL VPNs on ASA and routers
• Troubleshooting Clientless SSLVPN on ASA and routers

Secure Communications Architectures

• Identifying functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions
• Identifying functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions
• Identifying VPN technology based on configuration output for site-to-site VPN solutions
• Identifying VPN technology based on configuration output for remote access VPN solutions
• Identifying split tunneling requirements for remote access VPN solutions
• Designing site-to-site VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
• Design remote access VPN solutions
a. VPN technology considerations based on functional requirements
b. High availability considerations
c. Clientless SSL browser and client considerations and requirements
• Identifying Elliptic Curve Cryptography (ECC) algorithms

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing Cisco Enterprise Advanced Routing and Services (ENARSI 300-410)

Dauer: 5 Tage

Teilnehmer lernen Kenntnisse zur Implementierung und Fehlerbehebung fortschrittlicher Routing-Technologien und -Dienste, einschließlich Layer 3, VPN-Dienste, Infrastruktursicherheit, Infrastrukturservices und Infrastrukturautomatisierung. Der Kurs „Implementieren von Cisco Enterprise Advanced Routing und Services“ hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Layer 3 Technologies

• Troubleshooting administrative distance (all routing protocols)
• Troubleshooting route map for any routing protocol (attributes, tagging, filtering)
• Troubleshooting loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)
• Troubleshooting redistribution between any routing protocols or routing sources
• Troubleshooting manual and auto-summarization with any routing protocol
• Configuring and verifying policy-based routing
• Configuring and verifying VRF-Lite
• Describing Bidirectional Forwarding Detection
• Troubleshooting EIGRP (classic and named mode)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication
- Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)
- Stubs
- Load balancing (equal and unequal cost)
- Metrics
• Troubleshooting OSPF (v2/v3)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication
- Network types, area types, and router types
(i) Point-to-point, multipoint, broadcast, nonbroadcast
(ii) Area type: backbone, normal, transit, stub, NSSA, totally stub
(iii) Internal router, backbone router, ABR, ASBR
(iv) Virtual link
- Path preference
• Troubleshooting BGP (Internal and External)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication (next-hop, mulithop, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)
- Path preference (attributes and best-path)
- Route reflector (excluding multiple route reflectors, confederations, dynamic peer)
- Policies (inbound/outbound filtering, path manipulation)


VPN Technologies

• Describing MPLS operations (LSR, LDP, label switching, LSP)
• Describing MPLS Layer 3 VPN
• Configuring and verifying DMVPN (single hub)
- GRE/mGRE
- NHRP
- IPsec
- Dynamic neighbor
- Spoke-to-spoke


Infrastructure Security

• Troubleshooting device security using IOS AAA (TACACS+, RADIUS, local database)
• Troubleshooting router security features
- IPv4 access control lists (standard, extended, time-based)
- IPv6 traffic filter
- Unicast reverse path forwarding (uRPF)
• Troubleshooting control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)
• Describing IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection/snooping, source guard)


Infrastructure Services

• Troubleshooting device management
- Console and VTY
- Telnet, HTTP, HTTPS, SSH, SCP
- (T)FTP
• Troubleshooting SNMP (v2c, v3)
• Troubleshooting network problems using logging (local, syslog, debugs, conditional debugs, timestamps)
• Troubleshooting IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)
• Troubleshooting network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)
• Troubleshooting NetFlow (v5, v9, flexible NetFlow)
• Troubleshooting network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701)

Dauer: 5 Tage

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über die Implementierung und den Betrieb von zentralen Sicherheitstechnologien, einschließlich Netzwerksicherheit, Cloud-Sicherheit, Inhaltssicherheit, Endpunktschutz und -erkennung, sicherem Netzwerkzugriff, Sichtbarkeit und Durchsetzung. Der Kurs Implementierung und Betrieb von Cisco Security Core Technologies hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.
Abschluss: Cisco Certified Specialist - Security Core


Kursinhalt

Security Concepts
• Explaining common threats against on-premises and cloud environments
- On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-the-middle attacks, SQL injection, cross-site scripting, malware
- Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials
• Comparing common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery
• Describing functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization
• Comparing site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect
• Describing security intelligence authoring, sharing, and consumption
• Explaining the role of the endpoint in protecting humans from phishing and social engineering attacks
• Explaining North Bound and South Bound APIs in the SDN architecture
• Explaining DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting
• Interpreting basic Python scripts used to call Cisco Security appliances APIs

Network Security
• Comparing network security solutions that provide intrusion prevention and firewall capabilities
• Describing deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities
• Describing the components, capabilities, and benefits of NetFlow and Flexible NetFlow records
• Configuring and verifying network infrastructure security methods (router, switch, wireless)
- Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
- Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)
• Implementing segmentation, access control policies, AVC, URL filtering, and malware protection
• Implementing management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-of-band, CDP, DNS, SCP, SFTP, and DHCP security and risks)
• Configuring AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)
• Configuring secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)
• Configuring and verify site-to-site VPN and remote access VPN
- Site-to-site VPN utilizing Cisco routers and IOS
- Remote access VPN using Cisco AnyConnect Secure Mobility client
- Debug commands to view IPsec tunnel establishment and troubleshooting

Securing the Cloud
• Identifying security solutions for cloud environments
- Public, private, hybrid, and community clouds
- Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
• Comparing the customer vs. provider security responsibility for the different cloud service models
- Patch management in the cloud
- Security assessment in the cloud
- Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB
• Describing the concept of DevSecOps (CI/CD pipeline, container orchestration, and security
• Implementing application and data security in cloud environments
• Identifying security capabilities, deployment models, and policy management to secure the cloud
• Configuring cloud logging and monitoring methodologies
• Describing application and workload security concepts

Content Security
• Implementing traffic redirection and capture methods
• Describing web proxy identity and authentication including transparent user identification
• Comparing the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA)
• Configuring and verifying web and email security deployment methods to protect on-premises and remote users (inbound and outbound controls and policy management)
• Configuring and verifying email security features such as SPAM filtering, antimalware filtering, DLP, blacklisting, and email encryption
• Configuring and verifying secure internet gateway and web security features such as blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, and TLS decryption
• Describing the components, capabilities, and benefits of Cisco Umbrella
• Configuring and verifying web security controls on Cisco Umbrella (identities, URL content settings, destination lists, and reporting)

Endpoint Protection and Detection
• Comparing Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions
• Explaining antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry
• Configuring and verifying outbreak control and quarantines to limit infection
• Describing justifications for endpoint-based security
• Describing the value of endpoint device management and asset inventory such as MDM
• Describing the uses and importance of a multifactor authentication (MFA) strategy
• Describing endpoint posture assessment solutions to ensure endpoint security
• Explaining the importance of an endpoint patching strategy

Secure Network Access, Visibility, and Enforcement
• Describing identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD
• Configuring and verifying network access device functionality such as 802.1X, MAB, WebAuth
• Describing network access with CoA
• Describing the benefits of device compliance and application control
• Explaining exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)
• Describing the benefits of network telemetry
• Describing the components, capabilities, and benefits of these security products and solutions
- Cisco Stealthwatch
- Cisco Stealthwatch Cloud
- Cisco pxGrid
- Cisco Umbrella Investigate
- Cisco Cognitive Threat Analytics
- Cisco Encrypted Traffic Analytics
- Cisco AnyConnect Network Visibility Module (NVM)

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401

Dauer: 5 Tage

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer in Bezug auf die Implementierung zentraler Unternehmensnetzwerktechnologien, einschließlich Dual-Stack-Architektur (IPv4 und IPv6), Virtualisierung, Infrastruktur, Netzwerksicherung, Sicherheit und Automatisierung. Der Kurs „Implementieren von Cisco Enterprise Network Core-Technologien“ hilft Kandidaten, sich auf diese Prüfung vorzubereiten.
Abschluss: Cisco Certified Specialist - Enterprise Core

Kursinhalt

Architecture
• Explaining the different design principles used in an enterprise network
- Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
- High availability techniques such as redundancy, FHRP, and SSO
• Analyzing design principles of a WLAN deployment
- Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
- Location services in a WLAN design
• Differentiating between on-premises and cloud infrastructure deployments
• Explaining the working principles of the Cisco SD-WAN solution
- SD-WAN control and data planes elements
- Traditional WAN and SD-WAN solutions
• Explaining the working principles of the Cisco SD-Access solution
- SD-Access control and data planes elements
- Traditional campus interoperating with SD-Access
• Describing concepts of wired and wireless QoS
- QoS components
- QoS policy
• Differentiating hardware and software switching mechanisms
- Process and CEF
- MAC address table and TCAM
- FIB vs. RIB

Virtualization
• Describing device virtualization technologies
- Hypervisor type 1 and 2
- Virtual machine
- Virtual switching
• Configuring and verifying data path virtualization technologies
- VRF
- GRE and IPsec tunneling
• Describing network virtualization concepts
- LISP
- VXLAN

Infrastructure
• Layer 2
- Troubleshooting static and dynamic 802.1q trunking protocols
- Troubleshooting static and dynamic EtherChannels
- Configuring and verifying common Spanning Tree Protocols (RSTP and MST)
• Layer 3
- Comparing routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
- Configuring and verifying simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
- Configuring and verifying eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
• Wireless
- Describing Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
- Describing AP modes and antenna types
- Describing access point discovery and join process (discovery algorithms, WLC selection process)
- Describing the main principles and use cases for Layer 2 and Layer 3 roaming
- Troubleshooting WLAN configuration and wireless client connectivity issues
• IP Services
- Describing Network Time Protocol (NTP)
- Configuring and verifying NAT/PAT
- Configuring first hop redundancy protocols, such as HSRP and VRRP
- Describing multicast protocols, such as PIM and IGMP v2/v3

Network Assurance
• Diagnosing network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
• Configuring and verifying device monitoring using syslog for remote logging
• Configuring and verifying NetFlow and Flexible NetFlow
• Configuring and verifying SPAN/RSPAN/ERSPAN
• Configuring and verifying IPSLA
• Describing Cisco DNA Center workflows to apply network configuration, monitoring, and management
• Configuring and verifying NETCONF and RESTCONF

Security
• Configuring and verifying device access control
- Lines and password protection
- Authentication and authorization using AAA
• Configuring and verifying infrastructure security features
- ACLs
- CoPP
• Describing REST API security
• Configuring and verifying wireless security features
- EAP
- WebAuth
- PSK
• Describing the components of network security design
- Threat defense
- Endpoint security
- Next-generation firewall
- TrustSec, MACsec
- Network access control with 802.1X, MAB, and WebAuth

Automation
• Interpreting basic Python components and scripts
• Constructing valid JSON encoded file
• Describing the high-level principles and benefits of a data modeling language, such as YANG
• Describing APIs for Cisco DNA Center and vManage
• Interpreting REST API response codes and results in payload using Cisco DNA Center and RESTCONF
• Constructing EEM applet to automate configuration, troubleshooting, or data collection
• Comparing agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

ENCOR + ENARSI

Dauer: 10 Tage


Implementing and Operating Cisco Enterprise Network Core Technologies (ENCOR) 350-401


Dieser Kurs vermittelt Kenntnisse an die Teilnehmer in Bezug auf die Implementierung zentraler Unternehmensnetzwerktechnologien, einschließlich Dual-Stack-Architektur (IPv4 und IPv6), Virtualisierung, Infrastruktur, Netzwerksicherung, Sicherheit und Automatisierung. Der Kurs „Implementieren von Cisco Enterprise Network Core-Technologien“ hilft Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Architecture
• Explaining the different design principles used in an enterprise network
- Enterprise network design such as Tier 2, Tier 3, and Fabric Capacity planning
- High availability techniques such as redundancy, FHRP, and SSO
• Analyzing design principles of a WLAN deployment
- Wireless deployment models (centralized, distributed, controller-less, controller based, cloud, remote branch)
- Location services in a WLAN design
• Differentiating between on-premises and cloud infrastructure deployments
• Explaining the working principles of the Cisco SD-WAN solution
- SD-WAN control and data planes elements
- Traditional WAN and SD-WAN solutions
• Explaining the working principles of the Cisco SD-Access solution
- SD-Access control and data planes elements
- Traditional campus interoperating with SD-Access
• Describing concepts of wired and wireless QoS
- QoS components
- QoS policy
• Differentiating hardware and software switching mechanisms
- Process and CEF
- MAC address table and TCAM
- FIB vs. RIB

Virtualization
• Describing device virtualization technologies
- Hypervisor type 1 and 2
- Virtual machine
- Virtual switching
• Configuring and verifying data path virtualization technologies
- VRF
- GRE and IPsec tunneling
• Describing network virtualization concepts
- LISP
- VXLAN

Infrastructure
• Layer 2
- Troubleshooting static and dynamic 802.1q trunking protocols
- Troubleshooting static and dynamic EtherChannels
- Configuring and verifying common Spanning Tree Protocols (RSTP and MST)
• Layer 3
- Comparing routing concepts of EIGRP and OSPF (advanced distance vector vs. linked state, load balancing, path selection, path operations, metrics)
- Configuring and verifying simple OSPF environments, including multiple normal areas, summarization, and filtering (neighbor adjacency, point-to-point and broadcast network types, and passive interface)
- Configuring and verifying eBGP between directly connected neighbors (best path selection algorithm and neighbor relationships)
• Wireless
- Describing Layer 1 concepts, such as RF power, RSSI, SNR, interference noise, band and channels, and wireless client devices capabilities
- Describing AP modes and antenna types
- Describing access point discovery and join process (discovery algorithms, WLC selection process)
- Describing the main principles and use cases for Layer 2 and Layer 3 roaming
- Troubleshooting WLAN configuration and wireless client connectivity issues
• IP Services
- Describing Network Time Protocol (NTP)
- Configuring and verifying NAT/PAT
- Configuring first hop redundancy protocols, such as HSRP and VRRP
- Describing multicast protocols, such as PIM and IGMP v2/v3

Network Assurance
• Diagnosing network problems using tools such as debugs, conditional debugs, trace route, ping, SNMP, and syslog
• Configuring and verifying device monitoring using syslog for remote logging
• Configuring and verifying NetFlow and Flexible NetFlow
• Configuring and verifying SPAN/RSPAN/ERSPAN
• Configuring and verifying IPSLA
• Describing Cisco DNA Center workflows to apply network configuration, monitoring, and management
• Configuring and verifying NETCONF and RESTCONF

Security
• Configuring and verifying device access control
- Lines and password protection
- Authentication and authorization using AAA
• Configuring and verifying infrastructure security features
- ACLs
- CoPP
• Describing REST API security
• Configuring and verifying wireless security features
- EAP
- WebAuth
- PSK
• Describing the components of network security design
- Threat defense
- Endpoint security
- Next-generation firewall
- TrustSec, MACsec
- Network access control with 802.1X, MAB, and WebAuth

Automation
• Interpreting basic Python components and scripts
• Constructing valid JSON encoded file
• Describing the high-level principles and benefits of a data modeling language, such as YANG
• Describing APIs for Cisco DNA Center and vManage
• Interpreting REST API response codes and results in payload using Cisco DNA Center and RESTCONF
• Constructing EEM applet to automate configuration, troubleshooting, or data collection
• Comparing agent vs. agentless orchestration tools, such as Chef, Puppet, Ansible, and SaltStack



Implementing Cisco Enterprise Advanced Routing and Services (ENARSI 300-410)

Teilnehmer lernen Kenntnisse zur Implementierung und Fehlerbehebung fortschrittlicher Routing-Technologien und -Dienste, einschließlich Layer 3, VPN-Dienste, Infrastruktursicherheit, Infrastrukturservices und Infrastrukturautomatisierung. Der Kurs „Implementieren von Cisco Enterprise Advanced Routing und Services“ hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Layer 3 Technologies

• Troubleshooting administrative distance (all routing protocols)
• Troubleshooting route map for any routing protocol (attributes, tagging, filtering)
• Troubleshooting loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)
• Troubleshooting redistribution between any routing protocols or routing sources
• Troubleshooting manual and auto-summarization with any routing protocol
• Configuring and verifying policy-based routing
• Configuring and verifying VRF-Lite
• Describing Bidirectional Forwarding Detection
• Troubleshooting EIGRP (classic and named mode)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication
- Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)
- Stubs
- Load balancing (equal and unequal cost)
- Metrics
• Troubleshooting OSPF (v2/v3)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication
- Network types, area types, and router types
(i) Point-to-point, multipoint, broadcast, nonbroadcast
(ii) Area type: backbone, normal, transit, stub, NSSA, totally stub
(iii) Internal router, backbone router, ABR, ASBR
(iv) Virtual link
- Path preference
• Troubleshooting BGP (Internal and External)
- Address families (IPv4, IPv6)
- Neighbor relationship and authentication (next-hop, mulithop, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)
- Path preference (attributes and best-path)
- Route reflector (excluding multiple route reflectors, confederations, dynamic peer)
- Policies (inbound/outbound filtering, path manipulation)


VPN Technologies

• Describing MPLS operations (LSR, LDP, label switching, LSP)
• Describing MPLS Layer 3 VPN
• Configuring and verifying DMVPN (single hub)
- GRE/mGRE
- NHRP
- IPsec
- Dynamic neighbor
- Spoke-to-spoke


Infrastructure Security

• Troubleshooting device security using IOS AAA (TACACS+, RADIUS, local database)
• Troubleshooting router security features
- IPv4 access control lists (standard, extended, time-based)
- IPv6 traffic filter
- Unicast reverse path forwarding (uRPF)
• Troubleshooting control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)
• Describing IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection/snooping, source guard)


Infrastructure Services

• Troubleshooting device management
- Console and VTY
- Telnet, HTTP, HTTPS, SSH, SCP
- (T)FTP
• Troubleshooting SNMP (v2c, v3)
• Troubleshooting network problems using logging (local, syslog, debugs, conditional debugs, timestamps)
• Troubleshooting IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)
• Troubleshooting network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)
• Troubleshooting NetFlow (v5, v9, flexible NetFlow)
• Troubleshooting network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

CCNP Collaboration - CLCOR + CLICA

Dauer: 10 Tage


Implementing Cisco Collaboration Core Technologies (CLCOR 350-801)

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über die Implementierung zentraler Technologien für die Zusammenarbeit, einschließlich Infrastruktur und Design, Protokollen, Codecs und Endpunkten, Cisco IOS XE-Gateway und Medienressourcen, Anrufsteuerung, QoS und Anwendungen für die Zusammenarbeit. Der Kurs Implementing Cisco Collaboration Core Technologies (Implementierung von Cisco Collaboration-Kerntechnologien) hilft Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Infrastructure and Design
• Describing the key design elements of the following, pertaining to the Cisco Collaboration architecture as described in the SRND/PA
- Licensing (Smart, Flex)
- Sizing
- Bandwidth
- High availability
- Disaster recovery
- Dial plan
- Security (certificates, SRTP, TLS)
- QoS
• Describing the purpose of Edge devices in the Cisco Collaboration architecture such as Expressway and Cisco Unified Border Element
• Configuring these network components to support Cisco Collaboration solutions
- DHCP
- NTP
- CDP
- LLDP
- LDAP
- TFTP
- Certificates
• Troubleshooting these network components in a Cisco Collaboration solution
- DNS (A/AAA, SRV, Reverse Pointer Record (PTR))
- NTP
- LDAP integration on Cisco Unified Communications Manager
• Explaining these components to support Cisco Collaboration solutions
- SNMP
- DNS

Protocols, Codecs, and Endpoints
• Troubleshooting these elements of a SIP conversation
- Call set up and tear down
- SDP
- DTMF
• Identifying the appropriate collaboration codecs for a given scenario
• Configuring codec negotiations
• Deploying SIP endpoints
- Manual
- Self provisioning
- Bulk Administration Tool (BAT)
• Troubleshooting collaboration endpoints

Cisco IOS XE Gateway and Media Resources
• Configuring these voice gateway elements
- DTMF
- Voice translation rules and profiles
- Codec preference list
- Dial peers
• Configuring ISDN PRI/BRI
• Troubleshooting ISDN PRI/BRI
• Configuring and verifying the MGCP
• Identifying the appropriate media resources for a given scenario (hardware and software)

Call Control
• Describing the Cisco Unified Communications Manager digit analysis process
• Implementing toll fraud prevention on Cisco Unified CM
• Configuring globalized call routing in Cisco Unified CM
- Route patterns (traditional and +E.164 format)
- Translation patterns
- Standard local route group
- Transforms
- SIP route patterns
• Describing Mobile and Remote Access (MRA)

QoS
• Describing problems that can lead to poor voice and video quality
- Latency
- Jitter
- Packet loss
- Bandwidth
• Describing the QoS requirements for these application types (voice and video)
• Describing the class models for providing QoS on a network
- Class model
- Class model
- QoS Baseline model (11 Class)
• Describing the purpose and function of these DiffServ values as it pertains to collaboration
- EF
- AF41
- AF42
- CS3
- CS4
• Describing QoS trust boundaries and their significance in LAN-based classification and marking
• Describing and determining location-based CAC bandwidth requirements
• Configuring and verifying LLQ (class map, policy map, service policy)

Collaboration Applications
• Configuring Cisco Unity Connection mailbox and MWI
• Configuring Cisco Unity Connection SIP integration options to call control
• Describing Cisco Unity Connection call handlers
• Describing Cisco Unified IM&P protocols and deployment
- XMPP
- High availability
• Deploying Cisco Jabber on premises


Implementing Cisco Collaboration Application v1.0 (CLICA 300-810)

Dieser Kurs vermittelt den Teilnehmern die Kenntnisse über Collaboration-Anwendungen, einschließlich Single Sign-On, Cisco Unified IM und Presence, Cisco Unity Connection, Cisco Unity Express und Anwendungsclients. Dieser Kurs hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.


Kursinhalt

Single Sign-On (SSO) for Collaboration Applications

• Describing these types of SSO as they relate to Collaboration
- Smart card
- Integrated Windows AD
• Describing the SAML SSO login process flow in the context of Cisco Collaboration solutions
• Describing these components of SAML 2.0 and later
- Assertion
- Protocol
- Binding
- Profiles

Cisco Unified IM and Presence
• Configuring Cisco Unified Instant Message and Presence on premises
- High availability
- Calendar integration
- Apple Push Notification Service
- Persistent chat
- Federation configuration (XMPP and SIP)
- Centralized Cisco Unified IM&P
• Troubleshooting Cisco Unified IM&P on premises
- XMPP
- High availability
- Calendar integration
- Apple Push Notification Service
- Persistent chat
- Federation configuration (XMPP and SIP)

Cisco Unity Connection and Cisco Unity Express
• Configuring these in Cisco Unity Connection
- Call handlers
- Voicemail transfers and greetings
- Routing rules
- Distribution lists
- LDAP integration
• Troubleshooting these in Cisco Unity Connection
- Call handlers
- Voicemail transfers and greetings
- Auto-Attendant
- Routing rules
- MWI
• Implementing toll fraud prevention
• Troubleshooting Cisco Unity Connection integration options with Cisco Unified Communications Manager
• Describing digital networking in multicluster deployments in Cisco Unity Connection
• Configure Cisco Unity Express integration to Cisco Unified Communications Manager Express
- Basic call handler scripting (Auto-Attendant)
- Voicemail management
- MWI
- User management

• Troubleshooting Cisco Unity Express integration to Cisco Unified CME
- Basic call handler scripting (Auto-Attendant)
- Voicemail management
- MWI
- User management

Application Clients
• Configuring DNS for service discovery
• Troubleshooting service discovery
• Configuring Jabber client installation switches
• Troubleshooting Cisco Jabber Instant Messaging and Presence
• Troubleshooting Cisco Jabber phone control
• Troubleshooting Cisco Jabber voicemail integration
• Troubleshooting certificate validation for Jabber clients
• Describing the Cisco Unified Attendant Console Advanced integration

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing Cisco Collaboration Application v1.0 (CLICA 300-810)

Dieser Kurs vermittelt den Teilnehmern die Kenntnisse über Collaboration-Anwendungen, einschließlich Single Sign-On, Cisco Unified IM und Presence, Cisco Unity Connection, Cisco Unity Express und Anwendungsclients. Dieser Kurs hilft den Kandidaten, sich auf diese Prüfung vorzubereiten.
Abschluss: Cisco Certified Specialist - Collaboration Applications Implementation

Dauer: 5 Tage


Kursinhalt

Single Sign-On (SSO) for Collaboration Applications

• Describing these types of SSO as they relate to Collaboration
- Smart card
- Integrated Windows AD
• Describing the SAML SSO login process flow in the context of Cisco Collaboration solutions
• Describing these components of SAML 2.0 and later
- Assertion
- Protocol
- Binding
- Profiles

Cisco Unified IM and Presence
• Configuring Cisco Unified Instant Message and Presence on premises
- High availability
- Calendar integration
- Apple Push Notification Service
- Persistent chat
- Federation configuration (XMPP and SIP)
- Centralized Cisco Unified IM&P
• Troubleshooting Cisco Unified IM&P on premises
- XMPP
- High availability
- Calendar integration
- Apple Push Notification Service
- Persistent chat
- Federation configuration (XMPP and SIP)

Cisco Unity Connection and Cisco Unity Express
• Configuring these in Cisco Unity Connection
- Call handlers
- Voicemail transfers and greetings
- Routing rules
- Distribution lists
- LDAP integration
• Troubleshooting these in Cisco Unity Connection
- Call handlers
- Voicemail transfers and greetings
- Auto-Attendant
- Routing rules
- MWI
• Implementing toll fraud prevention
• Troubleshooting Cisco Unity Connection integration options with Cisco Unified Communications Manager
• Describing digital networking in multicluster deployments in Cisco Unity Connection
• Configure Cisco Unity Express integration to Cisco Unified Communications Manager Express
- Basic call handler scripting (Auto-Attendant)
- Voicemail management
- MWI
- User management

• Troubleshooting Cisco Unity Express integration to Cisco Unified CME
- Basic call handler scripting (Auto-Attendant)
- Voicemail management
- MWI
- User management

Application Clients
• Configuring DNS for service discovery
• Troubleshooting service discovery
• Configuring Jabber client installation switches
• Troubleshooting Cisco Jabber Instant Messaging and Presence
• Troubleshooting Cisco Jabber phone control
• Troubleshooting Cisco Jabber voicemail integration
• Troubleshooting certificate validation for Jabber clients
• Describing the Cisco Unified Attendant Console Advanced integration

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing and Administering Cisco Solutions -CCNA (200-301)

Dauer: 5 Tage

Dieser Kurs vermittelt den Teilnehmern die Kenntnisse und Fähigkeiten in Bezug auf Netzwerkgrundlagen, Netzwerkzugriff, IP-Konnektivität, IP-Dienste, Sicherheitsgrundlagen sowie Automatisierung und Programmierbarkeit. Der Kurs Implementieren und Verwalten von Cisco-Lösungen


Kursinhalt

Network Fundamentals
• Explaining the role and function of network components
• Describing characteristics of network topology architectures
• Comparing physical interface and cabling types
• Identifying interface and cable issues (collisions, errors, mismatch duplex, and/or speed)
• Comparing TCP to UDP
• Configuring and verifying IPv4 addressing and subnetting
• Describing the need for private IPv4 addressing
• Configuring and verifying IPv6 addressing and prefix
• Comparing IPv6 address types
• Verifying IP parameters for Client OS (Windows, Mac OS, Linux)
• Describing wireless principles
• Explaining virtualization fundamentals (virtual machines)
• Describing switching concepts

Network Access
• Configuring and verifying VLANs (normal range) spanning multiple switches
• Configuring and verifying interswitch connectivity
• Configuring and verifying Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)
• Configuring and verifying (Layer 2/Layer 3) EtherChannel (LACP)
• Describing the need for and basic operations of Rapid PVST+ Spanning Tree Protocol and identify basic operations
• Comparing Cisco Wireless Architectures and AP modes
• Describing physical infrastructure connections of WLAN components (AP,WLC, access/trunk ports, and LAG)
• Describing AP and WLC management access connections (Telnet, SSH, HTTP,HTTPS, console, and TACACS+/RADIUS)
• Configuring the components of a wireless LAN access for client connectivity using GUI only such as WLAN creation, security settings, QoS profiles, and advanced WLAN settings

Connectivity
• Interpreting the components of routing table
• Determining how a router makes a forwarding decision by default
• Configuring and verifying IPv4 and IPv6 static routing
• Configuring and verifying single area OSPFv2
• Describing the purpose of first hop redundancy protocol

IP Services
• Configuring and verifying inside source NAT using static and pools
• Configuring and verifying NTP operating in a client and server mode
• Explaining the role of DHCP and DNS within the network
• Explaining the function of SNMP in network operations
• Describing the use of syslog features including facilities and levels
• Configuring and verifying DHCP client and relay
• Explaining the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping
• Configuring network devices for remote access using SSH
• Describing the capabilities and function of TFTP/FTP in the network

Security Fundamentals
• Defining key security concepts (threats, vulnerabilities, exploits, and mitigation techniques)
• Describing security program elements (user awareness, training, and physical access control)
• Configuring device access control using local passwords
• Describing security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics)
• Describing remote access and site-to-site VPNs
• Configuring and verifying access control lists
• Configuring Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security)
• Differentiating, authenticating, authorization, and accounting concepts
• Describing wireless security protocols (WPA, WPA2, and WPA3)
• Configuring WLAN using WPA2 PSK using the GUI

Automation and Programmability
• Explaining how automation impacts network management
• Comparing traditional networks with controller-based networking
• Describing controller-based and software defined architectures (overlay, underlay, and fabric)
• Comparing traditional campus device management with Cisco DNA Center enabled device management
• Describing characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
• Recognizing the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
• Interpreting JSON encoded data

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Implementing Cisco Collaboration Core Technologies (CLCOR 350-801)

Dauer: 5 Tage

Dieser Kurs vermittelt Kenntnisse an die Teilnehmer über die Implementierung zentraler Technologien für die Zusammenarbeit, einschließlich Infrastruktur und Design, Protokollen, Codecs und Endpunkten, Cisco IOS XE-Gateway und Medienressourcen, Anrufsteuerung, QoS und Anwendungen für die Zusammenarbeit. Der Kurs Implementing Cisco Collaboration Core Technologies (Implementierung von Cisco Collaboration-Kerntechnologien) hilft Kandidaten, sich auf diese Prüfung vorzubereiten.
Abschluss: Cisco Certified Specialist - Collaboration Core


Kursinhalt

Infrastructure and Design
• Describing the key design elements of the following, pertaining to the Cisco Collaboration architecture as described in the SRND/PA
- Licensing (Smart, Flex)
- Sizing
- Bandwidth
- High availability
- Disaster recovery
- Dial plan
- Security (certificates, SRTP, TLS)
- QoS
• Describing the purpose of Edge devices in the Cisco Collaboration architecture such as Expressway and Cisco Unified Border Element
• Configuring these network components to support Cisco Collaboration solutions
- DHCP
- NTP
- CDP
- LLDP
- LDAP
- TFTP
- Certificates
• Troubleshooting these network components in a Cisco Collaboration solution
- DNS (A/AAA, SRV, Reverse Pointer Record (PTR))
- NTP
- LDAP integration on Cisco Unified Communications Manager
• Explaining these components to support Cisco Collaboration solutions
- SNMP
- DNS

Protocols, Codecs, and Endpoints
• Troubleshooting these elements of a SIP conversation
- Call set up and tear down
- SDP
- DTMF
• Identifying the appropriate collaboration codecs for a given scenario
• Configuring codec negotiations
• Deploying SIP endpoints
- Manual
- Self provisioning
- Bulk Administration Tool (BAT)
• Troubleshooting collaboration endpoints

Cisco IOS XE Gateway and Media Resources
• Configuring these voice gateway elements
- DTMF
- Voice translation rules and profiles
- Codec preference list
- Dial peers
• Configuring ISDN PRI/BRI
• Troubleshooting ISDN PRI/BRI
• Configuring and verifying the MGCP
• Identifying the appropriate media resources for a given scenario (hardware and software)

Call Control
• Describing the Cisco Unified Communications Manager digit analysis process
• Implementing toll fraud prevention on Cisco Unified CM
• Configuring globalized call routing in Cisco Unified CM
- Route patterns (traditional and +E.164 format)
- Translation patterns
- Standard local route group
- Transforms
- SIP route patterns
• Describing Mobile and Remote Access (MRA)

QoS
• Describing problems that can lead to poor voice and video quality
- Latency
- Jitter
- Packet loss
- Bandwidth
• Describing the QoS requirements for these application types (voice and video)
• Describing the class models for providing QoS on a network
- Class model
- Class model
- QoS Baseline model (11 Class)
• Describing the purpose and function of these DiffServ values as it pertains to collaboration
- EF
- AF41
- AF42
- CS3
- CS4
• Describing QoS trust boundaries and their significance in LAN-based classification and marking
• Describing and determining location-based CAC bandwidth requirements
• Configuring and verifying LLQ (class map, policy map, service policy)

Collaboration Applications
• Configuring Cisco Unity Connection mailbox and MWI
• Configuring Cisco Unity Connection SIP integration options to call control
• Describing Cisco Unity Connection call handlers
• Describing Cisco Unified IM&P protocols and deployment
- XMPP
- High availability
• Deploying Cisco Jabber on premises

IT-Fachkräfte, Supporter, Datenverarbeitungsfachleute, Netzwerker und Administratoren, die eigenständig mittelgroße Cisco Netze installieren, konfigurieren und betreiben wollen

Die Weiterbildung wird in den nachfolgenden Städten angeboten. Aktuelle
Veranstaltungsinformationen zu Beginn, Teilnehmerzahl und Ort finden Sie auf der

Arbeitssuchende IT Interessierte die lernbereit sind und für neue Perspektiven Ihre Zukunft vorbereiten möchten