The following topics are general guidelines for the content likely to be included on the Petabyte Network & Security Course. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Describe how a network works

Describe the purpose and functions of various network devices

Select the components required to meet a network specification

Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network

Describe common networked applications including web applications

Describe the purpose and basic operation of the protocols in the OSI and TCP models

Describe the impact of applications (Voice Over IP and Video Over IP) on a network

Interpret network diagrams

Determine the path between two hosts across a network

Describe the components required for network and Internet communications

Identify and correct common network problems at layers 1, 2, 3 and 7 using a layered model approach

Differentiate between LAN/WAN operation and features

Configure, verify and troubleshoot a switch with VLANs and interswitch communications

Select the appropriate media, cables, ports, and connectors to connect switches to other network devices and hosts

Explain the technology and media access control method for Ethernet networks

Explain network segmentation and basic traffic management concepts

Explain basic switching concepts and the operation of Cisco switches

Perform and verify initial switch configuration tasks including remote access management

Verify network status and switch operation using basic utilities (including: ping, traceroute, telnet, SSH, arp, ipconfig), SHOW & DEBUG commands

Identify, prescribe, and resolve common switched network media issues, configuration issues, auto negotiation, and switch hardware failures

Describe enhanced switching technologies (including: VTP, RSTP, VLAN, PVSTP, 802.1q)

Describe how VLANs create logically separate networks and the need for routing between them

Configure, verify, and troubleshoot VLANs

Configure, verify, and troubleshoot trunking on Cisco switches

Configure, verify, and troubleshoot interVLAN routing

Configure, verify, and troubleshoot VTP

Configure, verify, and troubleshoot RSTP operation

Interpret the output of various show and debug commands to verify the operational status of a Cisco switched network.

Implement basic switch security (including: port security, trunk access, management vlan other than vlan1, etc.)

Implement an IP addressing scheme and IP Services to meet network requirements in a medium-size Enterprise branch office network

Describe the operation and benefits of using private and public IP addressing

Explain the operation and benefits of using DHCP and DNS

Configure, verify and troubleshoot DHCP and DNS operation on a router.(including: CLI/SDM)

Implement static and dynamic addressing services for hosts in a LAN environment

Calculate and apply an addressing scheme including VLSM IP addressing design to a network

Determine the appropriate classless addressing scheme using VLSM and summarization to satisfy addressing requirements in a LAN/WAN environment

Describe the technological requirements for running IPv6 in conjunction with IPv4 (including: protocols, dual stack, tunneling, etc).

Describe IPv6 addresses

Identify and correct common problems associated with IP addressing and host configurations

Configure, verify, and troubleshoot basic router operation and routing on Cisco devices

Describe basic routing concepts (including: packet forwarding, router lookup process)

Describe the operation of Cisco routers (including: router bootup process, POST, router components)

Select the appropriate media, cables, ports, and connectors to connect routers to other network devices and hosts

Configure, verify, and troubleshoot RIPv2

Access and utilize the router to set basic parameters.(including: CLI/SDM)

Connect, configure, and verify operation status of a device interface

Verify device configuration and network connectivity using ping, traceroute, telnet, SSH or other utilities

Perform and verify routing configuration tasks for a static or default route given specific routing requirements

Manage IOS configuration files. (including: save, edit, upgrade, restore)

Manage Cisco IOS

Compare and contrast methods of routing and routing protocols

Configure, verify, and troubleshoot OSPF

Configure, verify, and troubleshoot EIGRP

Verify network connectivity (including: using ping, traceroute, and telnet or SSH)

Troubleshoot routing issues

Verify router hardware and software operation using SHOW & DEBUG commands.

Implement basic router security

Explain and select the appropriate administrative tasks required for a WLAN

Describe standards associated with wireless media (including: IEEE WI-FI Alliance, ITU/FCC)

Identify and describe the purpose of the components in a small wireless network. (Including: SSID, BSS, ESS)

Identify the basic parameters to configure on a wireless network to ensure that devices connect to the correct access point

Compare and contrast wireless security features and capabilities of WPA security (including: open, WEP, WPA-1/2)

Identify common issues with implementing wireless networks. (Including: Interface, missconfiguration)

Identify security threats to a network and describe general methods to mitigate those threats

Describe today's increasing network security threats and explain the need to implement a comprehensive security policy to mitigate the threats

Explain general methods to mitigate common security threats to network devices, hosts, and applications

Describe the functions of common security appliances and applications

Describe security recommended practices including initial steps to secure network devices

Implement, verify, and troubleshoot NAT and ACLs in a medium-size Enterprise branch office network

Describe the purpose and types of ACLs

Configure and apply ACLs based on network filtering requirements.(including: CLI/SDM)

Configure and apply an ACLs to limit telnet and SSH access to the router using (including: SDM/CLI)

Verify and monitor ACLs in a network environment

Troubleshoot ACL issues

Explain the basic operation of NAT

Configure NAT for given network requirements using (including: CLI/SDM)

Troubleshoot NAT issues

Implement and verify WAN links

Describe different methods for connecting to a WAN

Configure and verify a basic WAN serial connection

Configure and verify Frame Relay on Cisco routers

Troubleshoot WAN implementation issues

Describe VPN technology (including: importance, benefits, role, impact, components)

Configure and verify a PPP connection between Cisco routers

Security Training:

Network Security Technology Foundations

Course Description

Network Security Technology Foundations is the NSE-1 course. This bundle of self-study course provides the foundation knowledge for presenting a network security sales opportunity. There are seven self-study modules and seven quizzes. Once you register, you are given access to the course content and can work through the material at your own pace.

Agenda

Introduction to Network Security

Data Center Firewall

Next Generation Firewall

Unified Threat Management

Application Security

Management and Analytics

Fortinet Corporate Overview

•Describe common network security appliances and their roles in protecting a network.

•Describe various network threats and how to protect against attacks.

•Describe hardware and software used to protect a network against attacks.

•Identify and position firewalls, mail, and web security devices within a network.

•Explain the role of management and analytics in modern network security.

Agenda

FortiGate Overview

Enterprise Next Generation Firewall

Data Center Firewall

Distributed Enterprise / SMB

Cloud and SDN

Threat Landscape

Carrier MSSP

Management Analytics

Competitive Overview

•Describe Fortinet’s FortiGate products.

•Position FortiGate as the Next Generation Firewall solution in small, medium an enterprise environments.

•Describe the role FortiGate plays in a service delivery network (SDN).

•Describe today’s networks Threat Landscape.

•Describe the role of FortiGate in a carrier’s MSSP environment.

•Describe how FortiManager and ForiAnalyzer offer management and analytics.

•Describe the competition and position Fortinet as the superior solution.

Describe capabilities of FortiGate UTM

•Neutralize threats / misuse: viruses, torrents, and inappropriate web sites

•Control network access based on device type

•Authenticate users via firewall policies

•Offer an SSL VPN for secure access to your private network

•Establish an IPsec VPN tunnel between two FortiGate appliances

•Compare policy- vs. tunnel-based IPsec VPN

•Apply port forwarding, source NAT, and destination NAT

•Interpret log entries

•Generate reports

•Use the GUI and CLI for administration

•Deploy the right operation mode

•Deploy an explicit proxy with firewall policies, authentication, and caching

•Simplify protocol handling with application control

Deploy FortiGate devices as an HA cluster for fault-tolerance & high performance

•Inspect traffic transparently, forwarding as a Layer 2 device

•Manage FortiGate device's route table

•Route packets using policy-based and static routes for multi-path and load-balance deployments

•Connect virtual domains (VDOMs) without packets leaving FortiGate

•Implement a meshed / partially redundant VPN

•Diagnose failed IKE exchanges

•Fight hacking & denial of service (DoS)

•Diagnose IPS engine performance issues

•Offer Fortinet Single Sign On (FSSO) access to network services, integrated with Microsoft Active Directory

•Inspect SSL/TLS-secured traffic to prevent encryption used to bypass security policies

•Understand encryption functions and certificates

•Defend against data leaks by identifying files with sensitive data, and blocking them from leaving your private network

•Diagnose and correct common problems

•Optimize performance by configuring to leverage ASIC acceleration chips, such as CP or NPs, instead of only the CPU resources

•Implement IPv6 and hybrid IPv4-IPv6 networks

Featured Workshops

  • FORTINET Firewall
  • Cisco 4506 Core Switch
  • Cisco Express Call Manager
  • Cisco 4400 WLAN
  • Juniper VPN
  • Cisco Catalyst 3560
  • Cisco WAN Optimizer
  • PIX 525 Firewall
  • Cisco 2900 Router
  • Linksys Office Connect