Home

Objectives

  • Deepen the knowledge to install, configure, and implement a small to medium sized network acquired during the CCNA exam.

  • Introduce the Self-Study course modules not covered in the CCNA.

  • Prepare and write the CCNA 200-301 exam, leading to CCNA certification.

Prerequisite

  • Knowledge of routed and switched networks (IPv4 and IPv6) and Cisco IOS

  • Experience in the implementation of LAN networks, Internet connectivity, network equipment security management

  • Have completed the CCNA course

Pedagogical Modalities

Classes are given in face-to-face mode with alternating theoretical and methodological contributions, and practical situations.

Target Audience

The target audience for this training is system and network engineers, network administrators, who are responsible for installation, operation and network support in the company, who have successfully completed the CCNA exam preparation and hope to obtain a CCNA certification by combining the CCNA exam with the following content. Requires a personal investment.

CCNA Exam Preparation

Review and synthesis of important and advanced CCNA exam topics

  • Simple network design

  • Establishing Internet connectivity v4 and v6

  • Static and dynamic routing

  • Scalability of Campus networks

  • Advanced WAN Features

  • Evolution towards smart grids

  • Securing network equipment

Presentation of the Self-Study parts of the CCNA

  • Explain how the Spanning Tree Protocol (STP) and the Rapid Spanning Tree Protocol (RSTP) work

  • Describe the purpose of Layer 3 redundancy protocols

  • Describe the concepts of Wi-Fi networks, what types of Wi-Fi networks can be built and how to use Wi-Fi network controllers (WLC)

  • Describe the basic concepts of the WAN and VPNs

  • Describe the fundamental concepts of Quality of Service (QoS)

  • Describe network and equipment architectures and introduce virtualization

  • Describe the current security threat landscape

  • Describe technologies for defense against threats

Preparation for the CCNA exam process

  • Provision of online review questionnaires

  • Accompaniment with additional explanations of difficult questions

Passing the CCNA 200-301 certification

CCNA Self Study Part 1 - Security in the LAN

This section invites to become aware of the extent of threats on the local network and to consider available countermeasures and best practices especially on Cisco Systems hardware. We will learn how to implement a Port-Security type security measure that aims to limit the number of MAC addresses that can connect to a switch port, but also Deep ARP Inspection (DAI) and DHCP Snooping security.

Security in the LAN

The local area network, LAN as it is commonly known, is mainly made up of switches and/or multi-layer switches (L2/L3), and if there is Wi-fi, there will be WLAN access point and antenna controllers that provide access to the network and its services for users. This part of the communication infrastructure is particularly neglected in terms of security and auditing in favor of the historical firewall, which, it will be recalled, filters the traffic flows that pass through it. It intervenes very little within the local network, except on terminal hosts. While the firewall at the edge of the network prevents any direct intrusion from outside the LAN, it also controls outgoing traffic, especially user traffic. Fine, but what about the confidentiality, authentication and integrity of user messages from the LAN?

First, we will try to become aware of the extent of threats on the LAN and consider the countermeasures available, particularly on Cisco Systems hardware. Then, we will consider illustrating these threats in a laboratory exercise designed solely for this purpose. Finally, the topic of authentication on wired and non-wired access ports such as IEEE 802.1X/EAP/Radius will be discussed.

We will also learn how to implement a "Port-Security" type security measure that aims to limit the number of MAC addresses that can connect to a switch port. This measure allows traffic to be controlled at the lowest level of connectivity, closest to user traffic. Performing filtering at the lowest level with limited management flexibility, the Port-Security" facility could cause undesirable false positive effects. It is therefore not deployed lightly even though this skill is strongly verified in the Cisco CCNA exam.

CCNA Self-Study Part 2 - VLAN Technologies

This section explains the fundamentals of VLANs and Cisco terminology. A second article explains the configuration commands for VLANs, Dynamic Trunking Protocol (DTP), Virtual Trunking Protocol (VTP), and best practice recommendations. Finally, the article ends with practical exercises that implement all these concepts.

CCNA Self-Study Part 3 - WLAN Technologies

This section focuses on Wireless LAN (WLAN) technologies for local wireless networks, including what is known as Wi-Fi. It includes a general presentation of the domain, information on normative aspects (IEEE 802.11), logical topologies and deployment models, physical aspects (frequency band, non-overlapping, antennas), client configuration aspects, WPA security aspects, and finally management aspects within a local network.

Last updated