Course Introduction

The Cisco CCNA Security Training provides the delegates with the knowledge and skills required to secure Cisco networks. It confirms that a candidate possesses the skills needed to develop a security set-up, recognise risks and vulnerabilities to networks, and reduce any security threats to those networks. The CCNA Security curriculum contains the necessary content to make the delegates familiar with core security technologies that include installing, troubleshooting and monitoring network devices. The curriculum also goes on to suggest how to maintain data and device integrity, confidentiality, and availability, along with competency in the technologies Cisco uses in its security structure.

  • Secure Your Network and Devices with Cisco Technologies

  • Understand Firewall and VPN Technologies

  • Learn to Detect and Protect Your Network from Intruders

  • Learn about Advanced network security architectures

What's included


Tutor Support




Key Learning Points


The delegates who wish to take up this course need to have either a CCENT (Cisco Certified Entry Network Technician) Certification or the delegate must possess ICND1 (Interconnecting Cisco Networking Devices, Part 1) v3.0 Certification. This training comprises of two courses namely Interconnecting Cisco Networking Devices ICND1 and Implementing Cisco IOS Networking Security. In case the candidate already possesses the ICND1 certification, he/she can skip that module and continue with the mandatory course Implementing Cisco IOS Networking Security.

PATH to CCNA Security

Also, an experience of 2 years is recommended (but not a prerequisite) by Cisco before appearing for the exam.

What Will You Learn

By the time the course comes to an end the delegate will have learnt the following concepts:

  • Typical network security concepts
  • Secure routing and switching infrastructure
  • Deploy basic authentication, authorization, and accounting services
  • Deploy basic firewalling services
  • Implement necessary site-to-site and remote access VPN services
  • Advanced security services such as intrusion protection, content security and identity management
  • Develop a comprehensive network security policy to counter threats against information security
  • Configure routers with Cisco IOS software security features, including administration and reporting functions
  • Bootstrap the Cisco ASA Firewall for use in a production network
  • Configure the Cisco ASA Firewall for remote access to a Secure Sockets Layer (SSL) VPN
  • Configure a Cisco IOS zone-based firewall (ZBF) to perform basic security operations on a network
  • Configure site-to-site VPNs using Cisco IOS features
  • Configure security features on IOS switches to mitigate various Layer 2 and Layer 3 attacks
  • How a network can be compromised using freely available tools
  • Implement line passwords, and enable passwords and secrets
  • Examine authentication, authorization, and accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
  • Configure packet filtering on the perimeter router

Who should take this course

The target audience for this course includes candidates who wish to make a career in network security as Support Engineers, Network Security Specialists or Administrators. All the delegates must treat this course as one of the most important steps in their path to achieving success.


The delegates lay their foundation for doing the CCNA Security Training by opting for the ICND1 ver 3.0 course. During this course they learn how to install, operate, configure, and verify a basic IPv4 and IPv6 network, including configuring a LAN switch, configuring an IP router, managing network devices, and identifying basic security threats.  This course can also be followed or even substituted by CCENT (Cisco Certified Entry Network Technician). The goal of the course is to provide you with the knowledge and skills necessary to install, configure, and operate a small- to medium-sized network. CCENT is the first step toward achieving CCNA certifications in routing and switching, network design, network security and wireless networking, enabling you to work with medium-size enterprise branch networks with more complex connections.


The required exam for this training/certification is 210-260 IINS. This CCNA Security Certification is valid for three years after which the delegate will have to recertify or take the exam as a new exam to keep them certified. The cost of the exam is $250. It is an exam that lasts for 90 minutes during which the delegates have to answer 55-65 questions.


Course Content

Describe the security threats facing modern network infrastructures

  • Describe and list mitigation methods for common network attacks
  • Describe and list mitigation methods for Worm, Virus, and Trojan Horse attacks
  • Describe the Cisco Self Defending Network architecture Secure Cisco routers

Secure Cisco routers using the SDM Security Audit feature

  • Use the One-Step Lockdown feature in SDM to secure a Cisco router 
  • Secure administrative access to Cisco routers by setting strong encrypted passwords, exec-timeout, login failure rate and using IOS login enhancements
  • Secure administrative access to Cisco routers by configuring multiple privilege levels
  • Secure administrative access to Cisco routers by configuring role-based CLI
  • Secure the Cisco IOS image and configuration file CCNA (SECURITY)

Implement AAA on Cisco routers using local router database and external ACS

  • Explain the functions and importance of AAA
  • Describe the features of TACACS+ and RADIUS AAA protocols
    • Configure AAA authentication
    • Configure AAA authorization
    • Configure AAA accounting

Mitigate threats to Cisco routers and networks using ACLs

  • Explain the functionality of standard, extended, and named IP ACLs used by routers to filter packets
  • Configure and verify IP ACLs to mitigate given threats (filter IP traffic destined for Telnet, SNMP, and DDoS attacks) in a network using CLI
  • Configure IP ACLs to prevent IP address spoofing using CLI
  • Discuss the caveats to be considered when building ACLs

Implement secure network management and reporting

  • Use CLI and SDM to configure SSH on Cisco routers to enable secured management access
  • Use CLI and SDM to configure Cisco routers to send Syslog messages to a Syslog server CCNA Security

Mitigate common Layer 2 attacks

  • Describe how to prevent layer 2 attacks by configuring basic Catalyst switch security features

Implement the Cisco IOS firewall feature set using SDM

  • Describe the operational strengths and weaknesses of the different firewall technologies
  • Explain stateful firewall operations and the function of the state table
  • Implement Zone-Based Firewall using SDM

Implement the Cisco IOS IPS feature set using SDM

  • Define network based vs. host-based intrusion detection and prevention
  • Explain IPS technologies, attack responses, and monitoring options
  • Enable and verify Cisco IOS IPS operations using SDM

Implement site-to-site VPNs on Cisco Routers using SDM

  • Explain the different methods used in cryptography
  • Explain IKE protocol functionality and phases
  • Describe the building blocks of IPSec and the security functions it provides
  • Configure and verify an IPSec site-to-site VPN with pre-shared key authentication using SDM


CCNA Security Training Schedules

Course Name Duration Dates Price
CCNA Security Training 5 days London
CCNA Security Training 5 days Manchester
CCNA Security Training 5 days Birmingham
CCNA Security Training 5 days Leeds
CCNA Security Training 5 days Bristol
CCNA Security Training 5 days Reading
CCNA Security Training 5 days Edinburgh
CCNA Security Training 5 days Glasgow
CCNA Security Training 5 days Southampton
CCNA Security Training 5 days Canterbury

Training Venues

Maven Training provides top-notch training at different venues across the world. We offer nearly 200 courses at 1000+ locations. Our learning programs are the blend of thorough understanding and application of skills.

View All Locations