Cisco Network Security: Secure Routing and Switching
1h 21mIntermediate2018-03-19
Authors

Lisa Bock
Security ambassador with a broad range of IT skills and knowledge
Course details
A malicious person that gains access to a switch or router can modify system integrity to steal information or disrupt communications. Qualified network administrators should know how to prevent attacks by securing networking devices. This course covers secure routing and switching, including mitigation procedures and VLAN switching. Lisa Bock, a security ambassador, explains the difference between the control, data, and management planes in networking, and provides to an overview of Layer 3 attacks and techniques for securing Cisco routers. Next, she addresses Layer 2 attacks and techniques to secure Cisco switches. She includes mitigation procedures such as dynamic ARP inspection and BPDU guard, and wraps up with a discussion of VLAN security.
Learning objectives
Router and switch security basics
Layer 3 and Layer 2 attacks
Assigning privilege levels
Configuring IOS role-based CLI access
Routing update authentication
ARP, MAC, and DHCP spoofing
Implementing DHCP snooping and port security
Securing a VLAN
Learning objectives
Router and switch security basics
Layer 3 and Layer 2 attacks
Assigning privilege levels
Configuring IOS role-based CLI access
Routing update authentication
ARP, MAC, and DHCP spoofing
Implementing DHCP snooping and port security
Securing a VLAN
Skills covered
Cisco RoutersCiscoNetwork SecurityNetwork AdministrationCybersecurityCert PrepNetwork and System Administration
Concepts
0. Introduction
- 01 - Welcome
- 02 - What you need to know
- 03 - Packet Tracer and exercise files
- 04 - Prepare for the CCNA Security exam
1. Secure Routing and Switching
- 05 - Secure routing and switching - Overview
- 06 - Control, data, and management planes
- 07 - Router and switch security basics
2. Securing Cisco Routers
- 08 - Layer 3 attacks - Overview
- 09 - Secure the control plane
- 10 - Examine privilege levels
- 11 - Assign privilege levels
- 12 - Configure IOS role-based CLI access
- 13 - Implement IOSR Resilient Configuration
- 14 - Routing update authentication
- 15 - Challenge - EIGRP authentication
- 16 - Solution - EIGRP authentication
3. Security on Cisco Switches
- 17 - Layer 2 attacks - Overview
- 18 - Spanning-Tree Protocol
- 19 - STP attacks
- 20 - ARP spoofing
- 21 - MAC spoofing
- 22 - macof attack
- 23 - CDP LLDP reconnaissance
- 24 - DHCP spoofing
4. Mitigation Procedures
- 25 - Implement DHCP snooping
- 26 - Dynamic ARP inspection
- 27 - Implement port security
- 28 - BPDU guard, root guard, and loop guard
5. VLAN Security
- 29 - VLAN attacks
- 30 - Security implications of a PVLAN
- 31 - Security implications of a native VLAN
Conclusion
- 32 - Next steps
Related courses
- Cisco CCNP ENARSI v1.1 (300-410) Cert Prep: 3 Infrastructure Security
- Cisco Network Security: Secure Access
- Cisco Network Security: Cisco Firewall Technologies
- Cisco Network Security: VPN
- Cisco CCNP ENCOR v1.1 (350-401) Cert Prep: 2 Network Management, Security, and Automation
- Cisco CCNP ENCOR (350-401) Cert Prep: 2 Network Management, Security, and Automation (2020)
- Cisco CCNP SCOR Security (350-701) Cert Prep: 3 Endpoint Protection and Secure Access
- Cisco Secure Firewall
Related learn paths
- Cisco Network Security: Safeguarding Network Integrity and Data
- Network Administration: Build Core Skills for Network Management and Security
- Prepare for the Cisco CCNP ENCOR v1.1 (350-401) Exam
- Prepare for the MTA: Networking Fundamentals Exam (98-366)
- CCNP Enterprise: Prepare for the Implementing Cisco Enterprise Advanced Routing and Services (300-410 ENARSI) Exam
- CCNP Security: Prepare for the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) Exam
- Become an Ethical Hacker
- The Top Skills IT Professionals Have Right Now