CCNA Triple Track with a Cyber & DevNet Specialization

Information and Syllabus

Topics covered in the CCNA course:

 Network Fundamentals

  •  Explain the role and function of network components
  •  Describe characteristics of network topology architectures
  •  Compare physical interface and cabling types
  •  Identify interface and cable issues (collisions, errors, mismatch duplex, and/or speed)
  • Compare TCP to UDP
  •  Configure and verify IPv4 addressing and subnetting
  •  Describe the need for private IPv4 addressing
  •  Configure and verify IPv6 addressing and prefix
  •  Compare IPv6 address types
  •  Verify IP parameters for Client OS (Windows, Mac OS, Linux)
  •  Describe wireless principles
  •  Explain virtualization fundamentals (virtual machines)
  •  Describe switching concepts

 Network Access

  • Configure and verify VLANs (normal range) spanning multiple switches
  •  Configure and verify interswitch connectivity
  •  Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)
  •  Configure and verify (Layer 2/Layer 3) EtherChannel (LACP)
  •  Describe the need for and basic operations of Rapid PVST+ Spanning Tree Protocol and identify basic operations
  •  Compare Cisco Wireless Architectures and AP modes
  •  Describe physical infrastructure connections of WLAN components (AP, WLC, access/trunk ports, and LAG)
  •  Describe AP and WLC management access connections (Telnet, SSH, HTTP, HTTPS, console, and TACACS+/RADIUS)
  •  Configure the components of a wireless LAN access for client connectivity using GUI only such as WLAN creation, security settings, QoS profiles, and advanced WLAN settings

IP Connectivity

  •  Interpret the components of routing table
  •  Determine how a router makes a forwarding decision by default
  •  Configure and verify IPv4 and IPv6 static routing
  •  Configure and verify single area OSPFv2
  •  Describe the purpose of first hop redundancy protocol

 IP Services

  •  Configure and verify inside source NAT using static and pools
  •  Configure and verify NTP operating in a client and server mode
  •  Explain the role of DHCP and DNS within the network
  •  Explain the function of SNMP in network operations
  •  Describe the use of syslog features including facilities and levels
  •  Configure and verify DHCP client and relay
  •  Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping
  •  Configure network devices for remote access using SSH
  •  Describe the capabilities and function of TFTP/FTP in the network

Security Fundamentals

  •  Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques)
  •  Describe security program elements (user awareness, training, and physical access control)
  •  Configure device access control using local passwords
  •  Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics)
  •  Describe remote access and site-to-site VPNs
  •  Configure and verify access control lists
  •  Configure Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security)
  •  Differentiate authentication, authorization, and accounting concepts
  •  Describe wireless security protocols (WPA, WPA2, and WPA3)
  •  Configure WLAN using WPA2 PSK using the GUI

Automation and Programmability

  •  Explain how automation impacts network management
  •  Compare traditional networks with controller-based networking
  •  Describe controller-based and software defined architectures (overlay, underlay, and fabric)
  •  Compare traditional campus device management with Cisco DNA Center enabled device management
  •  Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
  • Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
  •  Interpret JSON encoded data

 Certification exam preparation

Security Concepts

  • Describe the principles of the defense in depth strategy
  •  Compare and contrast these concepts
  •  Describe these terms
  •  Describe these security terms
  •  Compare and contrast these access control models
  •  Compare and contrast these terms
  •  Describe these concepts

Cryptography

  • Describe the uses of a hash algorithm
  •  Describe the uses of encryption algorithms
  •  Compare and contrast symmetric and asymmetric encryption algorithms
  •  Describe the processes of digital signature creation and verification
  •  Describe the operation of a PKI
  •  Describe the security impact of these commonly used hash algorithms
  •  Describe the security impact of these commonly used encryption algorithms and secure communications protocols
  •  Describe how the success or failure of a cryptographic exchange impacts security investigation
  •  Describe these items in regards to SSL/TLS

 Host-Based Analysis

  • Define these terms as they pertain to Microsoft Windows
  •  Define these terms as they pertain to Linux
  •  Describe the functionality of these endpoint technologies in regards to security monitoring
  •  Interpret these operating system log data to identify an event

 Security Monitoring

  •  Identify the types of data provided by these technologies
  •  Describe these types of data used in security monitoring
  •  Describe these concepts as they relate to security monitoring
  •  Describe these NextGen IPS event types
  •  Describe the function of these protocols in the context of security monitoring

 Attack Methods

  •  Compare and contrast an attack surface and vulnerability
  •  Describe these network attacks
  •  Describe these web application attacks
  •  Describe these attacks
  •  Describe these endpoint-based attacks
  •  Describe these evasion methods
  •  Define privilege escalation
  •  Compare and contrast remote exploit and a local exploit

 Certification exam preparation

SECOPS:

  •  Endpoint Threat Analysis and Computer Forensics
  •  Interpret the output report of a malware analysis tool such as AMP Threat Grid and Cuckoo Sandbox
  •  Describe these terms as they are defined in the CVSS 3.0:
  •  Describe these terms as they are defined in the CVSS 3.0
  •  Define these items as they pertain to the Microsoft Windows file system
  •  Define these terms as they pertain to the Linux file system
  •  Compare and contrast three types of evidence
  •  Compare and contrast two types of image
  •  Describe the role of attribution in an investigation

 Network Intrusion Analysis

  •  Interpret basic regular expressions
  •  Describe the fields in these protocol headers as they relate to intrusion analysis:
  •  Identify the elements from a NetFlow v5 record from a security event
  •  Identify these key elements in an intrusion from a given PCAP file
  •  Extract files from a TCP stream when given a PCAP file and Wireshark
  • Interpret common artifact elements from an event to identify an alert
  •  Map the provided events to these source technologies
  •  Compare and contrast impact and no impact for these items
  •  Interpret a provided intrusion event and host profile to calculate the impact flag generated by Firepower Management Center (FMC)

 Incident Response

  •  Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2
  •  Map elements to these steps of analysis based on the NIST.SP800-61 r2
  •  Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP800-61 r2)
  •  Describe the goals of the given CSIRT
  •  Identify these elements used for network profiling
  •  Identify these elements used for server profiling
  •  Map data types to these compliance frameworks
  •  Identify data elements that must be protected with regards to a specific standard (PCI-DSS)

 Data and Event Analysis

  •  Describe the process of data normalization
  •  Interpret common data values into a universal format
  •  Describe 5-tuple correlation
  •  Describe the 5-tuple approach to isolate a compromised host in a grouped set of logs
  •  Describe the retrospective analysis method to find a malicious file, provided file analysis report
  •  Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains
  •  Map DNS logs and HTTP logs together to find a threat actor
  •  Map DNS, HTTP, and threat intelligence data together
  •  Identify a correlation rule to distinguish the most significant alert from a given set of events from multiple data sources using the firepower management console
  •  Compare and contrast deterministic and probabilistic analysis

 Certification exam preparation

 

  •  Compare data formats (XML, JSON, and YAML)
  •  Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
  •  Describe the concepts of test-driven development
  •  Compare software development methods (agile, lean, and waterfall)
  •  Explain the benefits of organizing code into methods / functions, classes, and modules
  •  Identify the advantages of common design patterns (MVC and Observer)
  •  Explain the advantages of version control
  • Utilize common version control operations with Git

 Understanding and Using APIs

  •  Construct a REST API request to accomplish a task given API documentation
  •  Describe common usage patterns related to webhooks
  •  Identify the constraints when consuming APIs
  •  Explain common HTTP response codes associated with REST APIs
  •  Troubleshoot a problem given the HTTP response code, request and API documentation
  •  Identify the parts of an HTTP response (response code, headers, body)
  •  Utilize common API authentication mechanisms: basic, custom token, and API keys
  •  Compare common API styles (REST, RPC, synchronous, and asynchronous)
  •  Construct a Python script that calls a REST API using the requests library

Cisco Platforms and Development

  •  Construct a Python script that uses a Cisco SDK given SDK documentation
  •  Describe the capabilities of Cisco network management platforms and APIs (Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, and NSO)
  •  Describe the capabilities of Cisco compute management platforms and APIs (UCS Manager, UCS Director, and Intersight)
  •  Describe the capabilities of Cisco collaboration platforms and APIs (Webex Teams, Webex devices, Cisco Unified Communication Manager including AXL and UDS interfaces, and Finesse)
  •  Describe the capabilities of Cisco security platforms and APIs (Firepower, Umbrella, AMP, ISE, and ThreatGrid)
  •  Describe the device level APIs and dynamic interfaces for IOS XE and NX-OS
  •  Identify the appropriate DevNet resource for a given scenario (Sandbox, Code Exchange, support, forums, Learning Labs, and API documentation)
  •  Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment
  •  Construct code to perform a specific operation based on a set of requirements and given API reference documentation

 Application Deployment and Security

  • Describe benefits of edge computing
  •  Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
  •  Identify the attributes of these application deployment types
  •  Describe components for a CI/CD pipeline in application deployments
  •  Construct a Python unit test
  •  Interpret contents of a Dockerfile
  • Utilize Docker images in local developer environment
  •  Identify application security issues related to secret protection, encryption (storage and transport), and data handling
  •  Explain how firewalls, DNS, load balancers, and reverse proxies are used in application deployment
  •  Describe top OWASP threats (such as XSS, SQL injections, and CSRF)
  •  Utilize Bash commands (file management, directory navigation, and environmental variables)
  •  Identify the principles of DevOps practices

 Infrastructure and Automation

  •  Describe the value of model driven programmability for infrastructure automation
  •  Compare controller-level to device-level management
  •  Describe the use and roles of network simulation and test tools (such as VIRL and pyATS)
  • Describe the components and benefits of CI/CD pipeline in infrastructure automation
  •  Describe principles of infrastructure as code
  •  Describe the capabilities of automation tools such as Ansible, Puppet, Chef, and Cisco NSO
  •  Identify the workflow being automated by a Python script that uses Cisco APIs including ACI, Meraki, Cisco DNA Center, or RESTCONF
  •  Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)
  •  Identify the workflow being automated by a bash script (such as file management, app install, user management, directory navigation)
  •  Interpret the results of a RESTCONF or NETCONF query
  •  Interpret basic YANG models
  •  Interpret a unified diff
  •  Describe the principles and benefits of a code review process
  •  Interpret sequence diagram that includes API calls

 Certification exam preparation
