CCNA Security certification meets the needs of IT professionals who are responsible for network security. It confirms an individual’s skills for job roles such as Network Security Specialists, Security Administrators, and Network Security Support Engineers. CCNA Security is a new Associate Level certification designed to build upon the CCNA certification and as a prerequisite for the Cisco Certified Security Professional (CCSP). Of the three new CCNA certifications Security, Voice, and Wireless the CCNA Security certificate may well be the most valuable of all.
Knowledge:
While learning CCNA security it gives you a lot knowledge about defending against Worms, Viruses, Trojan Horses, and other network attacks, performing a security Using SDM to lock the router down. To protect data and unauthorized access encrypted passwords, privilege levels, the Supervisor role, and other CLI-based defenses and configuring RADIUS, TACACS+, AAA, named ACLs.
Skills:
The IINS course focuses on the necessity of a comprehensive security policy and how it affects the posture of the network. Delegates who attain this new certification will be able to perform basic tasks involved in securing a small branch office network using Cisco IOS security features available through web-based GUI’S on the Cisco routers and Switches.This certification validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.
Eligibility:
To take the 640-553 Implementing Cisco IOS Network Security (IINS) exam and become CCNA Security certified, you must first be a Cisco Certified Network Associate (CCNA). So if you’re not working on the valuable certification already, you need to get started so you can take advantage of the opportunities presented by these new certifications.
Validity:
The CCNA Security is valid for three years. To continue being a CCNA security professional there one test out of three options which is to be passed. One has to pass any current CCNA concentration exam (wireless, security, voice) or pass a current 642 professional exam or pass the current Cisco Certified Internetwork Expert (CCIE) written exam or the current Cisco Certified Design Expert (CCDE) written exam.
Exam:
After doing CCNA 640-553 test of IINS is required to pass to become a CCNA security professional. For this test the recommended training is Implementing Cisco IOS Network Security course.
Guaranteed Success:
Security administrators are in huge demand now, and according to a recent study performed by Forrester Consulting for Cisco that demand is literally going to almost double over the next five years. Presently, 46% of companies included in the survey have at least one dedicated security network admin, and over the next five years that percentage will reach 80%.
Employers who hire people with CCNA Security certifications can feel confident that their staff has the skills needed to develop a security infrastructure, to recognize vulnerabilities in networks, and to detect potential security threats.
For More About CCNA.
Related posts
Filed under study guides by on Feb 20th, 2010. 
The network three-tier architecture:
1. Access layer: provide network access points, the corresponding equipment, the port is relatively dense. Major equipment: switches, hubs.
2. Convergence layers: access layer of the convergence point, able to provide the routing decision-making. To achieve security filtering, flow control. Remote access. Major equipment: routers.
3. Core layer: provides faster transmission speed, not the operation of the packet to do anything
================================================== ===============
OSI seven layer network model: Protocol data unit
1. Physical Layer: speed, voltage, pin interface type Bit
2. Data Link Layer: The data error detection, physical address MAC Frame
3. Network layer: routing (path selection), the logical address (IP) Packet
4. Transport Layer: reliable and unreliable transport services, re-transmission mechanism. Segment
5. Session Layer: distinguish between different applications of data. Operating system work in this layer DATA
6. Said layers: data encoding, encryption. DATA
7. Application Layer: User Interface DATA
Bit, Frame, Packet, Segment are all unified as: PDU (Protocol Data Unit)
================================================== ===============
Physical Layer:
1. Media types: twisted-pair, coaxial cable, optical fiber
2. Connector Type: BNC port, AUI port, RJ45 port, SC / ST Interface
3. Twisted pair transmission distance is 100 meters.
4.HUB Hub: a broadcast domain, a collision domain. Flooding forward. Shared bandwidth.
Direct Line: the host and switch or HUB Connection
Cross Line: switches and switches, switch and HUB Connection
All-trans line (Rollback): used to manage the CISCO network equipment to use.
================================================== ===============
Data Link Layer:
1. Switches and bridges 2. Switches and bridges of the number of segment (port) there are that many of the collision domain.
3. Switches and bridges all of the segment (port) in the same broadcast domain
================================================== ===============
Network Layer:
1. Routers 2. Routing path selection (routing policy). Routing Table 3. Wide Area Network access. 4. Routers broadcast the domain partition (partition).
================================================== ===============
Transport Layer:
1.TCP (Transmission Control Protocol), connection-oriented, with re-transmission mechanism, reliable transmission
2.UDP (User Datagram Protocol), no connections, no retransmission mechanism is not reliable transmission
3. Port number: available to the session layer to differentiate without the application data. Identity services.
================================================== ===============
show hosts display the current configuration of the host name
show sessions show the current out-of-TELNET session
clear lines clear line XXX
<ctrl> + <z> a direct return to the privileged mode
<ctrl> + <shift> + <6> + x
================================================== ===============
enable access to privileged mode
disable from a privileged mode back to user mode
configure terminal to enter the global configuration mode
interface ethernet 0 / 1 into slot 0 of the number of 1 Ethernet port
Mode exit Back to Top
end the direct return to the privileged mode
================================================== ===============
1. When the CISCO CATALYST series of switches, in the initialization could not find the “User Configuration” file, it will automatically load Default Settings (default configuration) file to the switch to initialize. To ensure that the switch works .2. CISCO Router in the initialization could not find the “User Configuration” file, the system will be automatically entered into the “Initialization configuration mode” (the system configuration dialog mode, SETUP mode, STEP BY STEP CONFIG mode, standby mode), does not work !
================================================== ===============
1.CONSOLE PORT (management console interface): distance restrictions, exclusive way.
2.AUX port (supporting management interface): can be articulated MODEM remote management, and exclusive way.
3.Telnet: more than a remote management (determined by the performance, VTY number of lines). Unsafe.
================================================== ===============
Immediate implementation, with immediate effect
================================================== ===============
hostname configuration Host Local Identity
r6 (config) # interface ethernet 0
r6 (config-if) # ip address 1.1.1.1 255.255.255.0
IOS version of the show version observe hours of work-related equipment, the list of interfaces
show running-config to view the current configuration of the entry into force of this configuration file is stored in the RAM
show interface ethernet 0 / 1 Ethernet interface see the status of working conditions and so on and so on …
================================================== ===============
reload Reload Router (restart)
setup manually enter the setup configuration mode
show history View history command (recently used order)
terminal history size <0-256> Set the command buffer size 0: on behalf of non-cache
copy running-config startup-config save the current configuration
Concept:
nvram: non-volatile memory, power-off information is not lost “- User Profiles <- startup-config
ram: random access memory, power off all this information is lost “- the current force configuration <- running-config
startup-config on each router or a switch to start time, will take the initiative loads
================================================== ===============
banner motd [char c] at the same time in order to [char c] Another line from the end of
description description interface annotations
(<ctrl> + <shift> + <6>) + x
For the console port to configure Password:
line conosle 0 into consolo 0
password cisco set a password for “cisco”
Set login password when you login
enable password <string> set up expressly to enable password
enable secret <string> to set the text of the enable secret password (priority to be used in the plaintext)
service password-encryption encryption system for all clear-text passwords (weak)
Set vtp line password (Telnet)
line vty 0?
password cisco
login
================================================== ===============
Configure the virtual loopback interface (loopback interface by default as the UP state)
inerface loopback? to create a loopback interface
ip address 1.1.1.1 255.0.0.0 interface IP address configuration
end withdraw from the interface
ping 1.1.1.1 test the effectiveness of the interface
no * to do to configure the reverse operation of
DCE / DTE only exists in the wide area network
show controllers serial 0 for viewing the properties of DCE and the DTE
DCE need to configure the clock frequency of the Router
clock rate? configured DCE interface clock frequency (system specified frequency)
Related posts
Filed under ccna certification, study guides by on Jan 16th, 2010.
Network, the company is currently doing a lot of Cisco certification exam As more and more people up. I started to go down this road, today we talk about my right Jiugen CCNA certification courses of study and pro forma little insight. Personal opinion, only reference
1. Market
Analysis:
Yang certification began in MCSE, then how hot MCSE in China has a number of “old people” can still clearly remember that. Today, many people describe the number of MCSE, is to use the “flood” the word to describe it can be imagined, MCSE lost its original aura. CCNA is no exception, I started to learn CCNA in 2002, before seen an article that is generally the author herself CCNA, was not involved in the rapid promotion of the construction of the Chengdu Great Wall Broadband . At that time a CCNA sure that I am really impressed on the technical side; and now does a lot of people would be extreme to say “CCNA is a garbage.”
“Junk” Who created it? Is the training center’s fault? Yes TK fault?, Or the fault of the Chinese population? Personally think that the biggest mistake makers, is your own. The number is absolutely not a problem, now engaged in IT – the company so many Gesanchawu the establishment of the new company alone, and even now at every turn is listed on Nasdaq. on the CCNA for a CCNA, the level of a misnomer, emboldened to speak out are not, either theoretical or practical examination is not compliance, those who feel that their former boss invited CCNA, salary open too high, too good for them, and the results of invited people, can do well, and too little. The second recruitment salary standards naturally declined.
In addition, some people say they are very rare. That was good, a small number of things in its time, its value is often a lot more than its actual value; and when the increase in the number, value, also to return to the original level, it should go up, the title a few years ago a CCIE can sell tens of thousands or even 10 million, this means that you have your CCIE’s number hanging in the other company name, and do nothing, the money himself into your bag of; now? nearly one will buy it, and the quality has declined, the numbers are more.
As for the salary standards, a lot of new people tend to like to ask “How much money do regarding current CCNA a month?” If I answered “one month 20000″ (Actually, I can only earn 800 a month is also more than ten thousand customers come Kengmengguaipian ), then you will actively participate not come in? If I answer “can only get 500 a month (but in fact I rely on an extra skill or do anything else pull a single private business be able to earn a little extra money, a 10000), you are not a Council are prohibitive? five fingers are not as long, that is, twins, there will be individual differences, and the crowd is a pyramid-type structure, the most top-notch, always a minority; another and that most people are still struggling on the edge.
Conclusion:
If you feel that rely on a certificate, will be able to get on, “leading to the well-paid first class”, then you will be throwing from the air and into a ravine crushing. To do beyond their salary survey, it is better do its homework, take a look down what to do?
2. On curriculum.
Analysis:
Many newcomers do not know the CCNA certification course in the end, what kind of involved. CCNA certification courses, the basis for a number of networks, can be divided into network model and architecture, routing, LAN switching technology, remote access technology. And all this is that these techniques in the basis of this foundation, CCNP certification programs categorized them to carry out deep-level explanations.
Conclusion:
CCNA certification course is the foundation.
Related posts
Filed under ccna certification by on Jan 15th, 2010.