Cisco CCIE Security Certification Prep Training Courses


Why Choose Us   |   CCIE Security Employment Objective

  • Description
  • Schedule
  • What You'll Learn
  • Outline
  • Prerequisites
  • Income Expectations
  • Next Step
  • Tuition Fee
  • Exam

Cisco CCIE Security Certification Prep Training Classes

Implementing Cisco Enterprise Advanced Routing and Services v1.0 (ENARSI 300-410) is a 90-minute exam associated with the CCNP Enterprise Certification. This exam certifies a candidate's knowledge for implementation and troubleshooting of advanced routing technologies and services including Layer 3, VPN services, infrastructure security, infrastructure services, and infrastructure automation. The course, Implementing Cisco Enterprise Advanced Routing and Services, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Cisco CCIE Security Certification Objective

Layer 3 Technologies

VPN Technologies

Infrastructure Security

Infrastructure Services

Implementing Cisco Enterprise Advanced Routing and Services
 

Layer 3 Technologies

Troubleshoot administrative distance (all routing protocols)

Troubleshoot route map for any routing protocol (attributes, tagging, filtering)

Troubleshoot loop prevention mechanisms (filtering, tagging, split horizon, route poisoning)

Troubleshoot redistribution between any routing protocols or routing sources

Troubleshoot manual and auto-summarization with any routing protocol

Configure and verify policy-based routing

Configure and verify VRF-Lite

Describe Bidirectional Forwarding Detection

Troubleshoot EIGRP (classic and named mode)

  1. Address families (IPv4, IPv6)
  2. Neighbor relationship and authentication
  3. Loop-free path selections (RD, FD, FC, successor, feasible successor, stuck in active)
  4. Stubs
  5. Load balancing (equal and unequal cost)
  6. Metrics

Troubleshoot OSPF (v2/v3)

  1. Address families (IPv4, IPv6)
  2. Neighbor relationship and authentication
  3. Network types, area types, and router types
    1. Point-to-point, multipoint, broadcast, nonbroadcast
    2. Area type: backbone, normal, transit, stub, NSSA, totally stub
    3. Internal router, backbone router, ABR, ASBR
    4. Virtual link
  4. Path preference

Troubleshoot BGP (Internal and External)

  1. Address families (IPv4, IPv6)
  2. Neighbor relationship and authentication (next-hop, mulithop, 4-byte AS, private AS, route refresh, synchronization, operation, peer group, states and timers)
  3. Path preference (attributes and best-path)
  4. Route reflector (excluding multiple route reflectors, confederations, dynamic peer)
  5. Policies (inbound/outbound filtering, path manipulation)

VPN Technologies

Describe MPLS operations (LSR, LDP, label switching, LSP)

Describe MPLS Layer 3 VPN

Configure and verify DMVPN (single hub)

  1. GRE/mGRE
  2. NHRP
  3. IPsec
  4. Dynamic neighbor
  5. Spoke-to-spoke

Infrastructure Security

Troubleshoot device security using IOS AAA (TACACS+, RADIUS, local database)

Troubleshoot router security features

  1. IPv4 access control lists (standard, extended, time-based)
  2. IPv6 traffic filter
  3. Unicast reverse path forwarding (uRPF)

Troubleshoot control plane policing (CoPP) (Telnet, SSH, HTTP(S), SNMP, EIGRP, OSPF, BGP)

Describe IPv6 First Hop security features (RA guard, DHCP guard, binding table, ND inspection/snooping, source guard)

Infrastructure Services

Troubleshoot device management

  1. Console and VTY
  2. Telnet, HTTP, HTTPS, SSH, SCP
  3. (T)FTP

Troubleshoot SNMP (v2c, v3)

Troubleshoot network problems using logging (local, syslog, debugs, conditional debugs, timestamps)

Troubleshoot IPv4 and IPv6 DHCP (DHCP client, IOS DHCP server, DHCP relay, DHCP options)

Troubleshoot network performance issues using IP SLA (jitter, tracking objects, delay, connectivity)

Troubleshoot NetFlow (v5, v9, flexible NetFlow)

Troubleshoot network problems using Cisco DNA Center assurance (connectivity, monitoring, device health, network health)

Implementing Cisco SD-WAN Solutions Certification Prep Training Courses Classes
 

Architecture

Describe Cisco SD-WAN Architecture and Components

  1. Orchestration plane (vBond, NAT)
  2. Management plane (vManage)
  3. Control plane (vSmart, OMP)
  4. Data plane (vEdge)
    1. TLOC
    2. IPsec
    3. vRoute
    4. BFD
  5. Describe WAN Edge platform types, capabilities (vEdges, cEdges)

Controller Deployment

Describe controller cloud deployment

Describe Controller on-Prem Deployment

  1. Hosting platform (KVM/Hypervisor)
  2. Installing controllers
  3. Scalability and redundancy

Configure and verify certificates and whitelisting

Troubleshoot control-plane connectivity between controllers

Router Deployment

Describe WAN Edge deployment

  1. On-boarding
  2. Orchestration with zero-touch provisioning/plug-and-play
  3. Single/multi data center/regional hub deployments

Configure and verify SD-WAN data plane

  1. Circuit termination/TLOC-extension
  2. Underlay-overlay connectivity

Configure and verify OMP

Configure and verify TLOCs

Configure and verify CLI and vManage feature configuration templates

  1. VRRP
  2. OSPF
  3. BGP

Policies

Configure and verify control policies

Configure and verify data policies

Configure and verify end-to-end segmentation

  1. VPN segmentation
  2. Topologies

Configure and verify SD-WAN application-aware routing

Configure and verify direct Internet access

Security and Quality of Service

Configure and verify service insertion

Describe application-aware firewall

Configure and verify QoS treatment on WAN edge routers

  1. Scheduling
  2. Queuing
  3. Shaping
  4. Policing

Management and Operations

  1. Describe monitoring and reporting from vManage
  2. Configure and verify monitoring and reporting
  3. Describe REST API monitoring
  4. Describe software upgrade from vManage
Designing Cisco Enterprise Networks Certification Prep Training Courses Classes
 

Advanced Addressing and Routing Solutions

Create structured addressing plans for IPv4 and IPv6

Create stable, secure, and scalable routing designs for IS-IS

Create stable, secure, and scalable routing designs for EIGRP

Create stable, secure, and scalable routing designs for OSPF

Create stable, secure, and scalable routing designs for BGP

  1. Address families
  2. Basic route filtering
  3. Attributes for path preference
  4. Route reflectors
  5. Load sharing

Determine IPv6 migration strategies

  1. Overlay (tunneling)
  2. Native (dual-stacking)
  3. Boundaries (IPv4/IPv6 translations)

Advanced Enterprise Campus Networks

Design campus networks for high availability

  1. First Hop Redundancy Protocols
  2. Platform abstraction techniques
  3. Graceful restart
  4. BFD

Design campus Layer 2 infrastructures

  1. STP scalability
  2. Fast convergence
  3. Loop-free technologies
  4. PoE and WoL

Design multicampus Layer 3 infrastructures

  1. Convergence
  2. Load sharing
  3. Route summarization
  4. Route filtering
  5. VRFs
  6. Optimal topologies
  7. Redistribution

Describe SD-Access Architecture (underlay, overlay, control and data plane, automation, wireless, and security)

Describe SD-Access fabric design considerations for wired and wireless access (overlay, fabric design, control plan design, border design, segmentation, virtual networks, scalability, over the top and fabric for wireless, multicast)

WAN for Enterprise Networks

Compare WAN connectivity options

  1. Layer 2 VPN
  2. MPLS Layer 3 VPN
  3. Metro Ethernet
  4. DWDM
  5. 4G/5G
  6. SD-WAN customer edge

Design site-to-site VPN

  1. Dynamic Multipoint VPN (DMVPN)
  2. Layer 2 VPN
  3. MPLS Layer 3 VPN
  4. IPsec
  5. Generic Routing Encapsulation (GRE)
  6. Group Encrypted Transport VPN (GET VPN)

Design high availability for enterprise WAN

  1. Single-homed
  2. Multihomed
  3. Backup connectivity
  4. Failover

Describe Cisco SD-WAN Architecture (orchestration plane, management plane, control plane, data plane, on-boarding and provisioning, security)

Describe Cisco SD-WAN design considerations (control plane design, overlay design, LAN design, high availability, redundancy, scalability, security design, QoS and multicast over SD-WAN fabric)

Network Services

Select appropriate QoS strategies to meet customer requirements (DiffServ, IntServ)

Design end-to-end QoS policies

  1. Classification and marking
  2. Shaping
  3. Policing
  4. Queuing

Design network management techniques

  1. In-band vs. out-of-band
  2. Segmented management networks
  3. Prioritizing network management traffic

Describe multicast routing concepts (source trees, shared trees, RPF, rendezvous points)

Design multicast services (SSM, PIM bidirectional, MSDP)

Automation

Choose the correct YANG data model set based on requirements

Differentiate between IETF, Openconfig, and Cisco native YANG models

Differentiate between NETCONF and RESTCONF

Describe the impact of model-driven telemetry on the network

  1. Periodic publication
  2. On-change publication

Compare dial-in and dial-out approaches to model-driven telemetry

Cisco CCIE Security Certification Prep Training Program
 
  • This course is designed for individuals who have basic computer user skills and who are interested in obtaining a job as an entry-level IT technician.
  • HS Diploma/GED

Cisco CCIE Security Certification

 

Income Expectation

$113,322/yr

The average salary for a Cisco CCIE Security Certified Employee is $113,322 in New York City. Salary estimates are provided by CISCO.

 

Upon completion of this course, and the certifying exam(s), the student will be qualified to take a job as a

Cisco CCIE Security

Cisco CCIE Security Certification Prep Training Classes Courses

CCIE Collaboration

CCIE Data Center

CCIE Service Provider

Cisco CCIE Security Certification Prep Training Courses Classes

$12,000

Implementing Cisco Enterprise Advanced Routing and Services Certification Prep Training Courses Classes

Implementing Cisco Enterprise Advanced Routing and Services v1.0 (ENARSI 300-410) is a 90-minute exam associated with the CCNP Enterprise Certification.

CCIE Security v5.0

CCIE Security v6.0

Discount Vouchers

Certified Instructors

Why Choose Us?

We provide quality education

  • Institute of Information Technology is approved by the U.S. Department of Homeland Security for Education and Training
  • Approved by NYS Labor Department
  • Approved by Workforce1 Development
  • Approved by Adult Career and Continuing Education Services-Vocational Rehabilitation (ACCES-VR)
  • Course Contents are approved by Authorized Partners
  • Unlimited Practice Exam

We use up-to-date course content

  • Real work Experience from Expert Certified Instructors
  • Authorized Partner Approved Course Contents
  • Hands-On Instructor-Led Classroom Training
  • Simulations of Real Work Projects
  • Limitless Practice Exams
  • One-On-One Help
  • Group Study
  • Lab Practice
  • Mentoring

We value your time & investment

  • Extra Help if Needed, At No Cost, Until You Are Certified!
  • Students can repeat class until certified at no cost
  • MetroCard will be given to students
  • Payment Plan for Eligible Students
  • Lunch will be provided to students
  • Textbooks included in tuition fee
  • Free Job Placement Assistance
  • Graduates & Career Services
  • Certification Exams Center
  • Discount Exam Vouchers
  • Affordable Tuition Fee
  • Mock Interview