Choose your language:

Hong Kong
New Zealand
United Kingdom
United States

CCNA Security: Implementing Network Security (Exam 640-554 IINS) with Dynamips

Course Code



5 Days

Due to the pace and duration of this course, ideal candidates for this course operate in medium to very large computing environment:

  • They have a minimum of one-year experience working in a LAN/WAN environment
  • They have passed the CCNA course and certification exam and/or possess this knowledge
  • Participants in this accelerated course should already know the basic commands for Cisco routers and switches
This course provides the knowledge and skills to install and configure Cisco equipment for security purposes. The CCNA Security Certification meets the needs of IT professionals who are responsible for network security. It confirms an individual's skills for job roles such as Network Security Specialists, Security Administrators, and Network Security Support Engineers. This certification validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.

Participants completing the recommended Cisco training will gain an introduction to core security technologies as well as how to develop security policies and mitigate risks. IT organizations that employ CCNA Security-holders will have IT staff that can develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA in Security is considered to be the most universally rewarding certification produced in the IT industry. Individuals who possess a CCNA in Security usually carry job titles such as Network Engineer or Network Architect.

Course Materials consist of a CCNA Security Welcome kit and the following materials:
The CCNA Security textbook and Virtual Lab e-trainer
Student manual containing all of the PowerPoint slides used in this class

Exam Preparation
Completion, review and discussion of examination question examples.

The 640-554 IINS Implementing Cisco IOS Network Security exam is associated with the CCNA Security certification. This exam tests a candidate's knowledge of securing Cisco routers and switches and their associated networks. It leads to validated skills for installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security infrastructure. Candidates can prepare for this exam by taking the Implementing Cisco IOS Network Security (IINS) course.

Criteria for Certification
Cisco does not publish the pass score for this exam, but the community commonly accepts that the passing score is 825 out of 1000. The exam contains between 52 and 65 questions that include multiple choice, drag and drop, and simulation style questions in varying numbers.

A solid credential that can be utilized in any industry
Validation of achievement in an industry-valued skill
Viable career path, leading to higher level positions
This course is designed for individuals who hold a valid CCNA certification.

Upon completion of this course, participants will be able to:

  • Describe the security threats facing modern network infrastructures
  • Secure Cisco routers
  • Implement AAA on Cisco routers using local router database and external ACS
  • Mitigate threats to Cisco routers and networks using ACLs
  • Implement secure network management and reporting
  • Mitigate common Layer 2 attacks
  • Implement the Cisco IOS firewall feature set using SDM
  • Implement the Cisco IOS IPS feature set using SDM
  • Implement site-to-site VPNs on Cisco Routers using SDM
Module 1: Networking Security Concepts
Understanding Network and Information Security Basics
Recognizing Current Network Threats
Applying Fundamental Security Principles to Network Design

Module 2: Understanding Security Policies Using a Lifecycle Approach
Risk Analysis and Management
Security Policies

Module 3: Building a Security Strategy
Securing Borderless Networks
Controlling and Containing Data Loss

Module 4: Network Foundation Protection
Using Network foundation Protection to Secure Networks
Setting Up New Devices
CCP Building Blocks
CCP Audit Features

Module 5: Using Cisco Configuration Professional to Protect the Network Infrastructure
Introducing Cisco Configuration Professional
Understanding CCP Features and the GUI

Module 6: Securing the Management Plane on Cisco IOS Devices
Securing Management Traffic
Implement Security Measures to Protect the Management Plane

Module 7: Implementing AAA Using IOS and the ACS Server
Cisco Secure ACS, RADIUS, and TACACS
Configuring Routers to Interoperate with an ACS Server
Configuring the ACS Server to Interoperate with a Router
Verifying and Troubleshooting Router-to-ACS Server Interactions

Module 8: Securing Layer 2 Technologies
VLAN and Trunking Fundamentals
Spanning-Tree Fundamentals
Common Layer 2 Threats and How to Mitigate Them

Module 9: Securing the Data Plane in IPv6
Understanding and Configuring IPv6
Configuring IPv6 Routing
Developing a Security Plan for IPv6

Module 10: Planning a Threat Control Strategy
Designing Threat Mitigation and Containment
Securing a Network via Hardware/Software/Services

Module 11: Using Access Control Lists for Threat Mitigation
Access Control List Fundamentals and Benefits
Implementing IPv4 ACLs as Packet Filters
Implementing IPv6 ACLs as Packet Filters

Module 12: Understanding Firewall Fundamentals
Firewall Concepts and Technologies
Using Network Address Translation
Creating and Deploying Firewalls

Module 13: Implementing Cisco IOS Zone-Based Firewalls
Cisco IOS Zone-Based Firewall
Configuring and Verifying Cisco IOS Zone-Based Firewall

Module 14: Configuring Basic Firewall Policies on Cisco ASA
The ASA Appliance Family and Features
ASA Firewall Fundamentals
Configuring the ASA

Module 15: Cisco IPS/IDS Fundamentals
IPS Versus IDS
Identifying Malicious Traffic on the Network and Managing Signatures
Monitoring and Managing Alarms and Alerts

Module 16: Implementing IOS-Based IPS
Understanding and Installing an IOS-Based IPS
Working with Signatures in an IOS-Based IPS
Managing and Monitoring IPS Alarms

Module 17: Fundamentals of VPN Technology
Understanding VPNs and Why We Use Them
Cryptographic Basic Components

Module 18: Fundamentals of the Public Key Infrastructure
Public Key Infrastructure

Module 19: Fundamentals of IP Security
IPsec Concepts, Components, and Operations
Configuring and Verifying IPsec

Module 20: Implementing IPsec Site-to-Site VPNs
Planning and Preparing an IPsec Site-to-Site VPN
Implementing and Verifying an IPsec Site-to-Site VPN

Module 21: Implementing SSL VPNs Using Cisco ASA
Functions and Use of SSL for VPNs
Configure SSL Clientless VPNs on ASA
Configuring SSL AnyConnect VPN on the ASA
Send Us a Message
Choose one