CCIE Security

1. Virtual Private Networks [VPN]

Basic VPNs
  • LAN-to-LAN IPSec VPNs [with NAT-T & without NAT-T]

  • GRE, GRE/IPSEC

  • Static Virtual Tunnel Interface [S-VTI]

Advanced VPNs
  • DMVPN

  • GET VPN

  • VRF-Aware VPNs

  • VPNs using Certificates with Router as a CA Server

IKEv2 VPNs
  • D-VTI/S-VTI based Site-to-Site VPN

  • D-VTI/S-VTI based Spoke-to-Spoke using NHRP

2. UCS

Overview of the UCS Server
  • UCS Ports

  • Communication of UCS to the Fabric Interconnect (FI)

  • Initializing the FI Switches

Configuring the Basic Configuration to boot the UCS Server
  • Configuring Port Types

  • Configuring VLANs

  • Configuring VNIC Templates

  • Configuring Port-Channels

  • Configuring MAC Address Pools

  • Configuring IP Address Pools

  • Configuring UUID-Pool

  • Configuring VSANs

  • Configuring WWXN Pools

Configuring Policies to Boot the UCS Server
  • Configuring LAN Connectivity Policy

  • Configuring SAN Connectivity Policy

  • Configuring an FCoE Boot Policy

3. Firewalls – ASA

Basic Configuration
  • Interface configuration

  • Security Levels

  • Management [Telnet / SSH]

  • Routing [RIPv2, EIGRP, EIGRP, BGP]

  • NAT

    • Dynamic NAT

    • Static NAT

    • Dynamic PAT

    • Static PAT

    • Destination NAT

    • Manual NAT/Twice-NAT

  • Access Policies

Transparent firewall
  • Initialization

  • Access policies/Routing Protocol Access

  • Ethertype ACLs

Redundancy
  • Redundant Interfaces

  • Port-channels

  • Security Contexts [Virtual Firewalls]

  • Failover

    • Active/Standby

    • Active/Active

  • Clustering

    • Spanned mode

    • Individual Interface mode

Deep-Packet Inspection using MPF
  • Tuning the global policy

  • Configuring custom L7 policy

VPNs
  • Site-to-Site IPSec

  • Remote access

    • SSL

    • IKEv2

4. Cisco Nexus 9000 Concepts and Technologies:

Cisco ACI Architecture Design Principles
  • Central Point of Management but no Centralized Control Plane

  • Controller Availability

Fabric
  • Zero Touch Provisioning

  • What is an Integrated Overlay

  • Routed Design with VxLAN Overlays

  • Leaf-and-Spine Design

Access Layer
  • Use of VLANs as a Segmentation Mechanism

  • VLANs and VxLANs Namespaces

  • Concept of Domain

  • Policy-based Configuration of Access Ports

  • PortChannels

  • Virtual PortChannels

Tenant Considerations
  • Bridge Domain

  • Endpoint Connectivity

  • Connecting a Physical Server

  • Connecting a Virtual Server

  • EPG, Contracts and Filters

  • External Connectivity

    • L2-OUT

    • L3-OUT
