Cisco Securing Networks with PIX and ASA - Exam 642-523
Schedule our instructor led classroom training at your convenience and never miss another lecture or fall behind. You are in complete control. We invited the Best Trainers in the industry to help us develop the ultimate training & certification program which includes everything you will need to fully prepare for and succeed in securing network devices.
The Securing Networks with PIX and ASA exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco Firewall Specialist certifications. Candidates can prepare for this exam by taking the SNPA v5.0 course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco PIX and ASA Security Appliance products.
Package Includes:
6 DVD-ROMs featuring live instructor-led classroom sessions with full audio, video and demonstration components
Printable courseware
Step-by-step hands-on-labs
Exclusive LearningZone Live Mentor
Help Whenever you need it! Exclusive LearningZone - Chat Live Online or Talk with our Certified Instructors anytime around the clock (7x24)
Focused on practical solutions to real-world development problems
Kenneth Mayer - Certified CEH Trainer (CCSI, MCT, CCNP, CCDA)
Ken Mayer is a Microsoft Certified Trainer as well as a Certified Ethical Hacker Trainer and Security consultant. He started his career in computer technology in the 1980s. He has offered a wide variety of IT training and high-level consulting projects for Fortune 500 companies across the United States and Western Europe. He has achieved the Certified Cisco Systems Instructor certification. The CCSI certification involved a two-day lab and observation event held at Cisco's facility in Paris, France. This gave Ken the accreditation to deliver Cisco Authorized Courses as a CCSI. He has taught the full line of Cisco CCNA, CCDA, CCNP, CCDP and CCIP course curriculums, including Cisco's security appliances such as PIX and IDS.
Course Features:
Main Menu
Move through hours of in-depth content - quickly and easily due to the efficient and organized structure.
PowerPoint
Utilizing PowerPoint presentations enhances the delivery by displaying a variety of visual information to the user. This type of representation allows the user to better interpret the material through charts, definitions, graphs, and more...
Exclusive Learning Zone
Train around the clock, around the world. Our certified online instructors are located at global support centers in the U.S., U.K., Australia, and Singapore to provide real-time answers to technology- and soft-skill-related questions 24x7. This means access to a live subject matter expert no matter where you are - day or night. This level of student/instructor interaction provides real-time, training-specific support and extends training beyond content and instructor-led solutions by providing flexibility to accommodate individual needs and schedules.
Controls
Move forward, back, and repeat entire topics or just a section. A progress bar illuminates as you advance through exercises.
Full Motion Video
All courses feature full-motion videos of instructors teaching the information as if they are speaking directly to you. Our unique delivery simulates a one-on-one classroom environment creating a more personal lesson and learning experience.
Study Guides
Printable study guides for the entire course are available. This allows all material to be viewed, reviewed, and printed for viewing at a later date.
Review Exercises
Each section has a review quiz to aid in the learning process by validating the comprehension of the material covered before moving on to a new section.
Resume
All courses resume where you left off in your last session, allowing you to learn when it is convenient for you without the hassle of remembering where you were.
Hands-on Lab Live Demonstrations
Demonstrations are a way for the instructor to show and tell the user how to perform a task by actually doing it on screen in front of them. This format gives the user the power to see things done by a professional in the intended environment as many times as they would like.
Certificate of Completion
Career Academy is recognized worldwide for its technology-based IT training curriculums. Upon successful completion of our program, you will receive a Career Academy Distance Education Certificate of Completion.
Chapter 1 - The Cisco Security Appliance
The Cisco Security Appliance
What is a Firewall?
Firewall Technologies
Packet Filtering
Proxy Server
Stateful Packet Filtering
Security Appliances: What Are They?
Proprietary Operating System
Stateful Packet Inspection
Cut-Through Proxy Operation
Application-Aware Inspection
Modular Policy
Virtual Private Network
Security Context (Virtual Firewall)
Failover Capabilities: Active/Standby, Active/Active, and Stateful
Failover
Transparent Firewall
Web-Based Management Solutions
Chapter 1 Review
Chapter 2 - Cisco PIX Security Appliance and ASA Adaptive Security Appliance Families
Cisco PIX Security Appliance and ASA Adaptive Security Appliance Families
PIX Firewall Security Appliance Family
ASA Adaptive Security Appliance Family
Cisco ASA 5510 Adaptive Security Appliance
Cisco ASA 5520 Adaptive Security Appliance
Cisco ASA 5540 Adaptive Security Appliance
ASA 5500 Series: Front and Back Panels
ASA 5500 Series: Connectors
Security Services Module
PIX Firewall Security Appliance Licensing
PIX License Types
VPN Encryption License
PIX Firewall Security Context Licenses
PIX 515E, 525, and 535 Licensing
ASA Adaptive Security Appliance Licensing
ASA Security Context Licenses
ASA 5510, 5520, and 5540 Licensing
Cisco Firewall Services Module
FWSM
FWSM in Catalyst 6500 Switch and Cisco 7600 Internet Router
Chapter 2 Review
Chapter 3 - Getting Started with Cisco Security Appliances
Getting Started with Cisco Security Appliances
User Interface
Security Appliance Access Modes
Access Privilege Mode
Access Configuration Mode: Configure Terminal Command
Help Command
File Management
Viewing and Saving Your Configuration
Clearing Running Configuration
Clearing Startup Configuration
Reload the Configuration: reload Command
File System
Displaying Stored Files: System and Configuration
Selecting Boot System File
Verifying the Startup System Image
Security Appliance Security Levels
Functions of the Security Appliance: Security Algorithm
Security Level Example
Basic Security Appliance Configuration
Hostname and CLI Prompt Configuration
Basic CLI Commands
interface Configuration
Naming the Interface
Assign Interface IP Address
DHCP-Assigned Address
Assign a Security Level
Speed and Duplex Commands
ASA Management Interface
NAT
Enable NAT Control
nat Command
global Command
Demo - Basic CLI Commands
Configuring a Static Route
Static Host Command
Configuration Example
Examining Security Appliance Status
show Commands
show memory Command
show cpu usage Command
show version Command
show ip address Command
show interface Command
show nameif Command
show run nat Command
show run global Command
show xlate Command
ping Command
show route Command
Setting Time and Using NTP Support
clock Command
Setting DST
ntp Command
Syslog Configuration
Using a Syslog Server
Logging Options
Logging Levels
Configure Message Output to a Syslog Server
Syslog Output Example
Customize Syslog Output
show logging Command
Demo - More Commands
Chapter 3 Review
Chapter 4 - Translations and Connections
Translations and Connections
Transport Protocols
Sessions in an IP World
TCP
TCP from Inside to Outside
UDP
Network Address Translation
Addressing Scenarios
Access Through the Security Appliance
Inside Address Translation
Dynamic Inside NAT
Two Interfaces with NAT
Three Interfaces with NAT
Port Address Translation
PAT Example
PAT Using Egress Address
Mapping Subnets to PAT Addresses
Backing Up PAT Addresses by Using Multiple PATs
Augmenting a Global Pool with PAT
Identity NAT
Identity NAT: nat 0 Command
Demo - Dynamic NAT
Static Command
Global NAT and Static NAT
static Command: Parameters
static Command: Web Server
static Command: FTP Server
Net Static
Static PAT: Port Redirection
static pat Command
TCP Intercept and Connection Limits
Connection Limits
TCP Three-Way Handshake
TCP Intercept
SYN Cookies
Embryonic Connection Limit
UDP Maximum Connection Limit
Connections and Translations
Connections Versus Translations
show conn Command
show conn detail Command
show local-host Command
show xlate Command
show xlate detail Command
Security Appliance NAT Philosophy
Matching Outbound Packet Addresses
Configuring Multiple Interfaces
Additional Interface Support
Configuring Three Interfaces
Configuring Four Interfaces
Demo - Static NAT
Chapter 4 Review
Chapter 5 - ACLs and Content Filtering
ACLs and Content Filtering
ACLs
Security Levels Revisited
ACL Configuration
ACL Usage Guidelines
Inbound Traffic to DMZ Web Server
Create a Static Translation for Web Server
access-list Command
access-group Command
show access-list Command
clear access-list counters Command
Time Range Configuration
Time-Range Submode
Time-based ACL
Time-based ACL Example
ACL Logging
access-list deny-flow-max & alert-interval Commands
ACL Line Number and Comments
Inbound HTTP Access Solution
Inbound HTTPS Access Solution
icmp Command
nat 0 Plus acl Command
Policy NAT: nat Plus acl Command
Other Commands Plus acl
Malicious Active Code Filtering
Java Applet Filtering
ActiveX Blocking
ActiveX filter Command
URL Filtering
HTTP URL Filtering
Designate the URL-filtering Server
Enable HTTP URL Filtering
HTTPS and FTP Filtering
URL-filtering Configuration Example
Demo - ACL Configuration
About the CSC SSM
Deploying the Security Appliance with CSC SSM
CSC SSM Traffic Flow
CSC SSM Deployment Scenario
Chapter 5 Review
Chapter 6 - Object Grouping
Object Grouping
Overview of Object Grouping
Using Object Groups in ACLs
Grouping Objects
Grouping Objects of Similar Types
Getting Started with Object Groups
Configuring and Using Object Groups
Configuring Network Object Groups
Configuring Service Object Groups
Adding Object Groups to an ACL
Configuring ICMP-Type Object Groups
Nested Object Groups
Configuring Nested Object Groups
Nested Object Group Example
group-object Command Example
Object Group Services Example
Apply Nested Object Group to ACL
Multiple Object Groups in ACLs
Displaying Configured Object Groups
Removing Configured Object Groups
Demo - Object Groups
Chapter 6 Review
Chapter 7 - Authentication, Authorization, and Accounting
Authentication, Authorization, and Accounting
Introduction
Types of Authentication
Types of Authorization
Types of Accounting
Installation of Cisco Secure ACS for Windows 2000
Installation Wizard
ACS Network Configuration
Security Appliance Access Authentication Configuration
Methods of Device Access
Configuring Authentication
Specify an AAA Server Group
AAA Server Group Subcommand
Designate an Authentication Server
Authentication of Console Access
How to Add Users to Cisco Secure ACS
How to Add Users to the LOCAL Database
Maximum Failed Attempts
Show Local Users
How to Change the Authentication Prompts
How to Change the Authentication Timeouts
Cut-Through Proxy Authentication Configuration
Cut-Through Proxy Operation
Configuring Cut-Through Authentication
Enable authentication match
aaa authentication match
Enable authentication include | exclude
Show Authentication
show aaa-server Command: TACACS+ Server
Authentication of Non-Telnet, -FTP, -HTTP, or -HTTPS Traffic
Virtual Telnet
Virtual HTTP
Configuration of Virtual HTTP Authentication
Tunnel Access Authentication Configuration
Tunnel User Authentication
VPN Tunnel Group Policy
Authorization Configuration
Security Appliance User Authorization
TACACS+ Authorization Configuration
Enable authorization match
Enable authorization include | exclude
Authorization Rules Allowing Specific Services
Allowing Specific Services to Specific Hosts
Authorization of Non-Telnet, -FTP, -HTTP, or -HTTPS Traffic
Downloadable ACLs
Downloadable ACL Authorization
Downloadable ACLs (Cont.)
Configuring Downloadable ACLs
Assigning the ACL to the User or Group
Show Downloaded ACLs
Show Authentication (Cont.)
RADIUS
Per-User Override
Example: Per-User Override
Accounting Configuration
AAA
Enable accounting match
Enable accounting include | exclude
How to View Accounting Information
Accounting of Non-Telnet, -FTP, or -HTTP Traffic
Admin Accounting
Viewing RADIUS Admin Access Accounting Information
Command Accounting
Viewing TACACS+ Admin Command Accounting
Demo - ACS Server
Chapter 7 Review
Chapter 8 - Switching and Routing
Switching and Routing
VLANs
Creating Logical and Physical Interfaces
Assigning VLAN Names and Security Levels
Assigning VLAN IP Addresses
VLAN Configuration
Maximum Number of Interfaces
Static and Dynamic Routing
Static Routes
Dynamic RIP Routes
OSPF
Configuring OSPF
Enabling OSPF Routing
Defining OSPF Networks
Two OSPF Processes
Configuring Two OSPF Areas
Multicasting