I. General Information
1. Course Title:
Implementing Cisco IOS Network Security
2. Course Prefix & Number:
COMP 2132
3. Course Credits and Contact Hours:
Credits: 3
Lecture Hours: 3
Lab Hours: 0
4. Course Description:
CCNA Security helps students prepare for entry-level security specialist careers by developing an in-depth understanding of network security principles and the tools and configurations needed to secure a network. The curriculum provides an introduction to the core security concepts and skills needed for the installation, troubleshooting, and monitoring of network devices to maintain the integrity, confidentiality, and availability of data and devices. CCNA Security offers the following: provides an in-depth, theoretical overview of network security principles as well as the tools and configurations available; emphasizes the practical application of skills needed to design, implement, and support network security; supports the development of critical thinking and complex problem-solving skills through hands-on labs. Career Preparation: The studies in this course will help students prepare for careers in Networking such as CCNA, CCNP, Network Administrator, Network Engineer, Systems Analyst, LAN Administrator, WAN Administrator, and Systems Engineer. Certification Preparation: Optional. Cisco CCNA Security.
5. Placement Tests Required:
| Accuplacer (specify test): |
No placement tests required |
Score: |
|
6. Prerequisite Courses:
COMP 2132 - Implementing Cisco IOS Network Security
All Course(s) from the following...
| Course Code | Course Title | Credits |
| COMP 1124 | Routing and Switching Essentials (CCNA-II) | 3 cr. |
9. Co-requisite Courses:
COMP 2132 - Implementing Cisco IOS Network Security
There are no corequisites for this course.
II. Transfer and Articulation
1. Course Equivalency - similar course from other regional institutions:
Inver Hills Community College, ITC 2831, 3 cr
3. Prior Learning - the following prior learning methods are acceptable for this course:
- Military Experience
- Written
- Oral
- Demonstration
- Portfolio
III. Course Purpose
Program-Applicable Courses – This course is required for the following program(s):
Computer Network Administration - Cisco, A.A.S. Degree
IV. Learning Outcomes
1. College-Wide Outcomes
| College-Wide Outcomes/Competencies |
Students will be able to: |
| Assess alternative solutions to a problem |
Apply network troubleshooting theory and an iterative approach to identify a problem, determine the cause, apply a solution, and then implement preventative measures. |
| Analyze and follow a sequence of operations |
Follow simulation instructions to perform the necessary tasks to complete a network setup. |
| Utilize appropriate technology |
Use computers, current OSs and networking utilities and hardware to configure, diagnose, troubleshoot, and install network components using current microcomputer hardware and OSs. |
2. Course Specific Outcomes - Students will be able to achieve the following measurable goals upon completion of
the course:
- Describe the security threats facing modern network infrastructures;
- Secure Cisco routers;
- Implement AAA on Cisco routers using a local router database and external ACS;
- Mitigate threats to Cisco routers and networks using ACLs;
- Implement secure network design, management and reporting;
- Mitigate common Layer 2 attacks;
- Implement the Cisco IOS firewall feature set;
- Implement the Cisco IOS IPS feature set;
- Implement a site-to-site VPN; and
- Implement a remote access VPN.
V. Topical Outline
Listed below are major areas of content typically covered in this course.
1. Lecture Sessions
- Chapter 1. Modern Network Security Threats
- 1.1 Fundamental Principles of a Secure Network
- 1.2 Viruses, Worms, and Trojan Horses
- 1.3 Attack Methodologies
- 1.4 Cisco Network Foundation Protection Framework
- Chapter 2. Securing Network Devices
- 2.1 Securing Device Access
- 2.2 Assigning Administrative Roles
- 2.3 Monitoring and Managing Devices
- 2.4 Using Automated Security Features
- Chapter 3. Authentication, Authorization, and Accounting
- 3.1 Purpose of AAA
- 3.2 Local AAA Authentication
- 3.3 Server-Based AAA
- 3.4 Server-Based AAA Authentication
- 3.5 Server-Based AAA Authorization and Accounting
- Chapter 4. Implementing Firewall Technologies
- 4.1 Access Control Lists
- 4.2 Firewall Technologies
- 4.3 Zone-Based Policy Firewall
- Chapter 5. Implementing Intrusion Prevention
- 5.1 IPS Technologies
- 5.2 IPS Signatures
- 5.3 Implementing IPS
- 5.4 Verify and Monitor IPS
- Chapter 6. Securing the Local-Area Network
- 6.1 Endpoint Security
- 6.2 Layer 2 Security Considerations
- 6.3 Configuring Layer 2 Security
- 6.4 Wireless, VoIP, and SAN Security
- Chapter 7. Cryptographic Systems
- 7.1 Cryptographic Services
- 7.2 Basic Integrity and Authenticity
- 7.3 Confidentiality
- 7.4 Public Key Cryptography
- Chapter 8. Implementing Virtual Private Networks
- 8.1 VPNs
- 8.2 GRE VPNs
- 8.3 IPSec VPN Components and Operation
- 8.4 Implementing Site-to-Site IPSec VPNs with CLI
- 8.5 Implementing Site-to-Site IPSec VPNs with CCP
- 8.6 Implementing Remote-Access VPNs
- Chapter 9. Implementing the Cisco Adaptive Security Appliance (ASA)
- 9.1 Introduction to the ASA
- 9.2 ASA Firewall Configuration
- 9.3 ASA VPN Configuration
- Chapter 10. Managing a Secure Network
- 10.1 Principles of Secure Network Design
- 10.2 Security Architecture
- 10.3 Operations Security
- 10.4 Network Security Testing
- 10.5 Business Continuity Planning and Disaster Recovery
- 10.6 System Development Life Cycle
- 10.7 Developing a Comprehensive Security Policy
I. General Information
1. Course Title:
Implementing Cisco IOS Network Security
2. Course Prefix & Number:
COMP 2132
3. Course Credits and Contact Hours:
Credits: 3
Lecture Hours: 3
Lab Hours: 0
4. Course Description:
CCNA Security helps students prepare for entry-level security specialist careers by developing an in-depth understanding of network security principles and the tools and configurations needed to secure a network. The curriculum provides an introduction to the core security concepts and skills needed for the installation, troubleshooting, and monitoring of network devices to maintain the integrity, confidentiality, and availability of data and devices. CCNA Security offers the following: provides an in-depth, theoretical overview of network security principles as well as the tools and configurations available; emphasizes the practical application of skills needed to design, implement, and support network security; supports the development of critical thinking and complex problem-solving skills through hands-on labs. Career Preparation: The studies in this course will help students prepare for careers in Networking such as CCNA, CCNP, Network Administrator, Network Engineer, Systems Analyst, LAN Administrator, WAN Administrator, and Systems Engineer. Certification Preparation: Optional. Cisco CCNA Security.
5. Placement Tests Required:
| Accuplacer (specify test): |
No placement tests required |
Score: |
|
6. Prerequisite Courses:
COMP 2132 - Implementing Cisco IOS Network Security
All Course(s) from the following...
| Course Code | Course Title | Credits |
| COMP 1124 | Routing and Switching Essentials (CCNA-II) | 3 cr. |
9. Co-requisite Courses:
COMP 2132 - Implementing Cisco IOS Network Security
There are no corequisites for this course.
II. Transfer and Articulation
1. Course Equivalency - similar course from other regional institutions:
Inver Hills Community College, ITC 2831, 3 cr
3. Prior Learning - the following prior learning methods are acceptable for this course:
- Military Experience
- Written
- Oral
- Demonstration
- Portfolio
III. Course Purpose
1. Program-Applicable Courses – This course is required for the following program(s):
Computer Network Administration - Cisco, A.A.S. Degree
IV. Learning Outcomes
1. College-Wide Outcomes
| College-Wide Outcomes/Competencies |
Students will be able to: |
| Analyze and follow a sequence of operations |
Follow simulation instructions to perform the necessary tasks to complete a network setup. |
| Utilize appropriate technology |
Use computers, current OSs and networking utilities and hardware to configure, diagnose, troubleshoot, and install network components using current microcomputer hardware and OSs. |
2. Course Specific Outcomes - Students will be able to achieve the following measurable goals upon completion of
the course:
- Describe the security threats facing modern network infrastructures;
- Secure Cisco routers;
- Implement AAA on Cisco routers using a local router database and external ACS;
- Mitigate threats to Cisco routers and networks using ACLs;
- Implement secure network design, management and reporting;
- Mitigate common Layer 2 attacks;
- Implement the Cisco IOS firewall feature set;
- Implement the Cisco IOS IPS feature set;
- Implement a site-to-site VPN; and
- Implement a remote access VPN.
V. Topical Outline
Listed below are major areas of content typically covered in this course.
1. Lecture Sessions
- Chapter 1. Modern Network Security Threats
- 1.1 Fundamental Principles of a Secure Network
- 1.2 Viruses, Worms, and Trojan Horses
- 1.3 Attack Methodologies
- 1.4 Cisco Network Foundation Protection Framework
- Chapter 2. Securing Network Devices
- 2.1 Securing Device Access
- 2.2 Assigning Administrative Roles
- 2.3 Monitoring and Managing Devices
- 2.4 Using Automated Security Features
- Chapter 3. Authentication, Authorization, and Accounting
- 3.1 Purpose of AAA
- 3.2 Local AAA Authentication
- 3.3 Server-Based AAA
- 3.4 Server-Based AAA Authentication
- 3.5 Server-Based AAA Authorization and Accounting
- Chapter 4. Implementing Firewall Technologies
- 4.1 Access Control Lists
- 4.2 Firewall Technologies
- 4.3 Zone-Based Policy Firewall
- Chapter 5. Implementing Intrusion Prevention
- 5.1 IPS Technologies
- 5.2 IPS Signatures
- 5.3 Implementing IPS
- 5.4 Verify and Monitor IPS
- Chapter 6. Securing the Local-Area Network
- 6.1 Endpoint Security
- 6.2 Layer 2 Security Considerations
- 6.3 Configuring Layer 2 Security
- 6.4 Wireless, VoIP, and SAN Security
- Chapter 7. Cryptographic Systems
- 7.1 Cryptographic Services
- 7.2 Basic Integrity and Authenticity
- 7.3 Confidentiality
- 7.4 Public Key Cryptography
- Chapter 8. Implementing Virtual Private Networks
- 8.1 VPNs
- 8.2 GRE VPNs
- 8.3 IPSec VPN Components and Operation
- 8.4 Implementing Site-to-Site IPSec VPNs with CLI
- 8.5 Implementing Site-to-Site IPSec VPNs with CCP
- 8.6 Implementing Remote-Access VPNs
- Chapter 9. Implementing the Cisco Adaptive Security Appliance (ASA)
- 9.1 Introduction to the ASA
- 9.2 ASA Firewall Configuration
- 9.3 ASA VPN Configuration
- Chapter 10. Managing a Secure Network
- 10.1 Principles of Secure Network Design
- 10.2 Security Architecture
- 10.3 Operations Security
- 10.4 Network Security Testing
- 10.5 Business Continuity Planning and Disaster Recovery
- 10.6 System Development Life Cycle
- 10.7 Developing a Comprehensive Security Policy