מסלול CCNA טריפל בהתמחות Cyber & DevNet

מידע וסילבוס

מבדיקה של חברת Cisco, התגלה הצורך בשטח לאנשי תקשורת אשר לא רק בעלי הבנה מעמיקה בעקרונות התקשורת וה-IP אלא גם בעלי ידע באבטחת הרשת, תכנות הרשת ואוטומציה שלה.


הקורס יתמקד בשלוש הסמכות של Cisco ברמת Associate: CCNA אשר יקנה לתלמידים ידע מעמיק בתקשורת, Cyberops אשר יקנה לתלמידים ידע בנושא חשוב שבו יש ביקוש רב בנושא הסייבר ו-devnet אשר יקנה לתלמידים הבנה בתכנות הרשת ואוטומציה שלה. אלו הן שלוש ההסמכות הראשוניות של cisco נכון לעכשיו. Cisco בחרו לשלב את נושא ה-DEVNET לאחר סקר שביצעו בתעשייה ובו גילו שאיש התקשורת של היום חייב שיהיה לו ידע מעמיק גם בתקשורת וגם בתכנות שנכנס לשימוש יותר ויותר בנושא התקשורת על מנת לאפשר אוטומציה של הרשת וקלות בתפעול שלה. cyberops היא גם הסמכה חדשה יחסית של Cisco שהבינו שכדי לעמוד בקצב של התפתחות הטנכולוגיה, יש להיכנס גם לנושא הסייבר ההולך ומתפתח.

70 מפגשים, פעמיים בשבוע, בשעות הערב, סה”כ: 350 שעות אקדמיות

ידע בסיסי באנגלית

  • נוכחות ב 80% מהמפגשים לפחות
  • הגשת תרגילי בית
  • מעבר בחינות פנימיות בציון 85

• תעודת גמר של המרכז הישראלי לטכנולוגיה ותקשורת (IITC)
• תעודת הסמכה בינלאומית של חברת Cisco העולמית:(200-301) CCNA
• תעודת הסמכה בינלאומית של חברת Cisco העולמית: CyberOps (210-250, 210-255)
• תעודת הסמכה בינלאומית של חברת Cisco העולמית: DevNet Associate (200-901)

נושאים שילמדו בקורס CCNA :

 Network Fundamentals

  •  Explain the role and function of network components
  •  Describe characteristics of network topology architectures
  •  Compare physical interface and cabling types
  •  Identify interface and cable issues (collisions, errors, mismatch duplex, and/or speed)
  • Compare TCP to UDP
  •  Configure and verify IPv4 addressing and subnetting
  •  Describe the need for private IPv4 addressing
  •  Configure and verify IPv6 addressing and prefix
  •  Compare IPv6 address types
  •  Verify IP parameters for Client OS (Windows, Mac OS, Linux)
  •  Describe wireless principles
  •  Explain virtualization fundamentals (virtual machines)
  •  Describe switching concepts

 Network Access

  • Configure and verify VLANs (normal range) spanning multiple switches
  •  Configure and verify interswitch connectivity
  •  Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)
  •  Configure and verify (Layer 2/Layer 3) EtherChannel (LACP)
  •  Describe the need for and basic operations of Rapid PVST+ Spanning Tree Protocol and identify basic operations
  •  Compare Cisco Wireless Architectures and AP modes
  •  Describe physical infrastructure connections of WLAN components (AP,WLC, access/trunk ports, and LAG)
  •  Describe AP and WLC management access connections (Telnet, SSH, HTTP,HTTPS, console, and TACACS+/RADIUS)
  •  Configure the components of a wireless LAN access for client connectivity using GUI only such as WLAN creation, security settings, QoS profiles, and advanced WLAN settings

IP Connectivity

  •  Interpret the components of routing table
  •  Determine how a router makes a forwarding decision by default
  •  Configure and verify IPv4 and IPv6 static routing
  •  Configure and verify single area OSPFv2
  •  Describe the purpose of first hop redundancy protocol

 IP Services

  •  Configure and verify inside source NAT using static and pools
  •  Configure and verify NTP operating in a client and server mode
  •  Explain the role of DHCP and DNS within the network
  •  Explain the function of SNMP in network operations
  •  Describe the use of syslog features including facilities and levels
  •  Configure and verify DHCP client and relay
  •  Explain the forwarding per-hop behavior (PHB) for QoS such as classification, marking, queuing, congestion, policing, shaping
  •  Configure network devices for remote access using SSH
  •  Describe the capabilities and function of TFTP/FTP in the network

Security Fundamentals

  •  Define key security concepts (threats, vulnerabilities, exploits, and mitigation techniques)
  •  Describe security program elements (user awareness, training, and physical access control)
  •  Configure device access control using local passwords
  •  Describe security password policies elements, such as management, complexity, and password alternatives (multifactor authentication, certificates, and biometrics)
  •  Describe remote access and site-to-site VPNs
  •  Configure and verify access control lists
  •  Configure Layer 2 security features (DHCP snooping, dynamic ARP inspection, and port security)
  •  Differentiate authentication, authorization, and accounting concepts
  •  Describe wireless security protocols (WPA, WPA2, and WPA3)
  •  Configure WLAN using WPA2 PSK using the GUI

Automation and Programmability

  •  Explain how automation impacts network management
  •  Compare traditional networks with controller-based networking
  •  Describe controller-based and software defined architectures (overlay, underlay, and fabric)
  •  Compare traditional campus device management with Cisco DNA Center enabled device management
  •  Describe characteristics of REST-based APIs (CRUD, HTTP verbs, and data encoding)
  • Recognize the capabilities of configuration management mechanisms Puppet, Chef, and Ansible
  •  Interpret JSON encoded data

 הכנה למבחן הסמכה

Security Concepts

  • Describe the principles of the defense in depth strategy
  •  Compare and contrast these concepts
  •  Describe these terms
  •  Describe these security terms
  •  Compare and contrast these access control models
  •  Compare and contrast these terms
  •  Describe these concepts

Cryptography

  • Describe the uses of a hash algorithm
  •  Describe the uses of encryption algorithms
  •  Compare and contrast symmetric and asymmetric encryption algorithms
  •  Describe the processes of digital signature creation and verification
  •  Describe the operation of a PKI
  •  Describe the security impact of these commonly used hash algorithms
  •  Describe the security impact of these commonly used encryption algorithms and secure communications protocols
  •  Describe how the success or failure of a cryptographic exchange impacts security investigation
  •  Describe these items in regards to SSL/TLS

 Host-Based Analysis

  • Define these terms as they pertain to Microsoft Windows
  •  Define these terms as they pertain to Linux
  •  Describe the functionality of these endpoint technologies in regards to security monitoring
  •  Interpret these operating system log data to identify an event

 Security Monitoring

  •  Identify the types of data provided by these technologies
  •  Describe these types of data used in security monitoring
  •  Describe these concepts as they relate to security monitoring
  •  Describe these NextGen IPS event types
  •  Describe the function of these protocols in the context of security monitoring

 Attack Methods

  •  Compare and contrast an attack surface and vulnerability
  •  Describe these network attacks
  •  Describe these web application attacks
  •  Describe these attacks
  •  Describe these endpoint-based attacks
  •  Describe these evasion methods
  •  Define privilege escalation
  •  Compare and contrast remote exploit and a local exploit

 הכנה למבחן הסמכה

SECOPS:

  •  Endpoint Threat Analysis and Computer Forensics
  •  Interpret the output report of a malware analysis tool such as AMP Threat Grid and Cuckoo Sandbox
  •  Describe these terms as they are defined in the CVSS 3.0:
  •  Describe these terms as they are defined in the CVSS 3.0
  •  Define these items as they pertain to the Microsoft Windows file system
  •  Define these terms as they pertain to the Linux file system
  •  Compare and contrast three types of evidence
  •  Compare and contrast two types of image
  •  Describe the role of attribution in an investigation

 Network Intrusion Analysis

  •  Interpret basic regular expressions
  •  Describe the fields in these protocol headers as they relate to intrusion analysis:
  •  Identify the elements from a NetFlow v5 record from a security event
  •  Identify these key elements in an intrusion from a given PCAP file
  •  Extract files from a TCP stream when given a PCAP file and Wireshark
  • Interpret common artifact elements from an event to identify an alert
  •  Map the provided events to these source technologies
  •  Compare and contrast impact and no impact for these items
  •  Interpret a provided intrusion event and host profile to calculate the impact flag generated by Firepower Management Center (FMC)

 Incident Response

  •  Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2
  •  Map elements to these steps of analysis based on the NIST.SP800-61 r2
  •  Map the organization stakeholders against the NIST IR categories (C2M2, NIST.SP800-61 r2)
  •  Describe the goals of the given CSIRT
  •  Identify these elements used for network profiling
  •  Identify these elements used for server profiling
  •  Map data types to these compliance frameworks
  •  Identify data elements that must be protected with regards to a specific standard (PCI-DSS)

 Data and Event Analysis

  •  Describe the process of data normalization
  •  Interpret common data values into a universal format
  •  Describe 5-tuple correlation
  •  Describe the 5-tuple approach to isolate a compromised host in a grouped set of logs
  •  Describe the retrospective analysis method to find a malicious file, provided file analysis report
  •  Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains
  •  Map DNS logs and HTTP logs together to find a threat actor
  •  Map DNS, HTTP, and threat intelligence data together
  •  Identify a correlation rule to distinguish the most significant alert from a given set of events from multiple data sources using the firepower management console
  •  Compare and contrast deterministic and probabilistic analysis

 הכנה למבחן הסמכה

 

  •  Compare data formats (XML, JSON, and YAML)
  •  Describe parsing of common data format (XML, JSON, and YAML) to Python data structures
  •  Describe the concepts of test-driven development
  •  Compare software development methods (agile, lean, and waterfall)
  •  Explain the benefits of organizing code into methods / functions, classes, and modules
  •  Identify the advantages of common design patterns (MVC and Observer)
  •  Explain the advantages of version control
  • Utilize common version control operations with Git

 Understanding and Using APIs

  •  Construct a REST API request to accomplish a task given API documentation
  •  Describe common usage patterns related to webhooks
  •  Identify the constraints when consuming APIs
  •  Explain common HTTP response codes associated with REST APIs
  •  Troubleshoot a problem given the HTTP response code, request and API documentation
  •  Identify the parts of an HTTP response (response code, headers, body)
  •  Utilize common API authentication mechanisms: basic, custom token, and API keys
  •  Compare common API styles (REST, RPC, synchronous, and asynchronous)
  •  Construct a Python script that calls a REST API using the requests library

Cisco Platforms and Development

  •  Construct a Python script that uses a Cisco SDK given SDK documentation
  •  Describe the capabilities of Cisco network management platforms and APIs (Meraki, Cisco DNA Center, ACI, Cisco SD-WAN, and NSO)
  •  Describe the capabilities of Cisco compute management platforms and APIs (UCS Manager, UCS Director, and Intersight)
  •  Describe the capabilities of Cisco collaboration platforms and APIs (Webex Teams, Webex devices, Cisco Unified Communication Manager including AXL and UDS interfaces, and Finesse)
  •  Describe the capabilities of Cisco security platforms and APIs (Firepower, Umbrella, AMP, ISE, and ThreatGrid)
  •  Describe the device level APIs and dynamic interfaces for IOS XE and NX-OS
  •  Identify the appropriate DevNet resource for a given scenario (Sandbox, Code Exchange, support, forums, Learning Labs, and API documentation)
  •  Apply concepts of model driven programmability (YANG, RESTCONF, and NETCONF) in a Cisco environment
  •  Construct code to perform a specific operation based on a set of requirements and given API reference documentation

 Application Deployment and Security

  • Describe benefits of edge computing
  •  Identify attributes of different application deployment models (private cloud, public cloud, hybrid cloud, and edge)
  •  Identify the attributes of these application deployment types
  •  Describe components for a CI/CD pipeline in application deployments
  •  Construct a Python unit test
  •  Interpret contents of a Dockerfile
  • Utilize Docker images in local developer environment
  •  Identify application security issues related to secret protection, encryption (storage and transport), and data handling
  •  Explain how firewall, DNS, load balancers, and reverse proxy in application deployment
  •  Describe top OWASP threats (such as XSS, SQL injections, and CSRF)
  •  Utilize Bash commands (file management, directory navigation, and environmental variables)
  •  Identify the principles of DevOps practices

 Infrastructure and Automation

  •  Describe the value of model driven programmability for infrastructure automation
  •  Compare controller-level to device-level management
  •  Describe the use and roles of network simulation and test tools (such as VIRL and pyATS)
  • Describe the components and benefits of CI/CD pipeline in infrastructure automation
  •  Describe principles of infrastructure as code
  •  Describe the capabilities of automation tools such as Ansible, Puppet, Chef, and Cisco NSO
  •  Identify the workflow being automated by a Python script that uses Cisco APIs including ACI, Meraki, Cisco DNA Center, or RESTCONF
  •  Identify the workflow being automated by an Ansible playbook (management packages, user management related to services, basic service configuration, and start/stop)
  •  Identify the workflow being automated by a bash script (such as file management, app install, user management, directory navigation)
  •  Interpret the results of a RESTCONF or NETCONF query
  •  Interpret basic YANG models
  •  Interpret a unified diff
  •  Describe the principles and benefits of a code review process
  •  Interpret sequence diagram that includes API calls

 הכנה למבחן הסמכה

לשיחה / תאום פגישה עם יועץ לימודים:

  • הנני מעוניין/ת שנציג של מכללת אינטרביט יצור עימי קשר וישלח לי מידע רלוונטי על קורסים והשתלמויות של המכללה