Cuyamaca College

CCNA Security - Cisco Networking Academy

CIS 209 -  Spring 2012

Changes to this syllabus may occur anytime during the semester.  Notification of changes will be provided via Blackboard announcements

I.  COURSE DESCRIPTION

 Open Entry-Open Exit

The Cisco CCNA Security course is designed for students seeking career-oriented, entry-level security specialist skills. This course equips students with both the technical knowledge and skill experience needed to prepare for entry-level security specialist careers. The CCNA Security curriculum blends classroom hands-on experience using Cisco routers and switches and an online e-learning solution. CCNA Security aims to develop an in-depth understanding of network security principles as well as security tools such as: protocol sniffers/analyzers, TCP/IP and common desktop utilities, Cisco IOS Software, Cisco VPN client, and Web-based resources. The CCNA Security curriculum prepares students for the Implementing Cisco IOS Network Security (IINS) certification exam (640-553), leading to the CCNA Security certification. 

II.  PREREQUISITE

CIS-204, or successful completion of CCNA1 - CCNA4 at another Cisco Networking Academy, or possess a current CCNA certification.  Note: if you haven't completed the Networking Academy courses and have a current CCNA certification it is assumed you have at least the equivalent knowledge and skills taught in the NetAcad CCNA1-CCNA4 classes.

III. COURSE GOALS

This curriculum provides students with the skills needed to succeed in networking-related degree programs and helps them to prepare for the CCNA Security certification. It also helps students develop the skills necessary to fulfill the job responsibilities of network technicians, network administrators, and network engineers. It provides a theoretically-rich, hands-on introduction to networking and the internet.

The goals of CCNA Security are as follows:

• Provide an in-depth, theoretical understanding of network security

• Provide students with the knowledge and skills necessary to design and support network security

• Provide an experience-oriented course that employs industry-relevant instructional approaches to prepare students for associate-level jobs in the industry

• Enable students to have significant hands-on interaction with IT equipment to prepare them for certification exams and career opportunities

IV. COURSE OBJECTIVES

By the end of the course each student will:

1.    Describe the common network attack methodologies and mitigation techniques for securing network devices

2.    Configure secure administrative access on network routers and switches

3.    Configure network devices with secure network management and reporting  tools.

4.    Secure IOS-based routers using automated features.

5.    Describe the purpose of AAA and the various implementation techniques.

6.    Implement AAA using the local database and RADIUS (Remote Access Dial-In User Service) protocols.

7.    Implement various types of ACLs.

8.    Describe the purpose and operation of firewall technologies.

9.    Implement firewalls using a GUI-based configuration tool and CLI (Command Line Interface).

10.  Describe the purpose and operation of network-based and host-based Intrusion Prevention.

11.  Implement Cisco IOS IPS operations using a GUI-based configuration tool and CLI.

12.  Describe endpoint vulnerabilities and protection methods.

13.  Configure and verify basic switch security features.

14.  Describe how different types of encryption, hashes, and digital signatures work together to provide confidentiality, integrity, and non-repudiation.

15.  Describe the mechanisms to ensure data integrity  and data confidentiality.

16.  Describe the purpose and operation of VPN types.

17.  Configure and verify a site-to-site IPSec VPN, remote access VPN and SSL (Secure Socket Layer) VPN.

18. Describe the secure network lifecycle.

19. Establish a comprehensive security policy to meet the security needs of a given enterprise.

Students will demonstrate their understanding of networking by completing the following tasks:

• Completing labs and activities as assigned
• Passing chapter online exams
• Completing the practice comprehensive online final
• Passing the comprehensive online final
• Passing the skills-based final

V. TEXT AND MATERIALS

   Course content for this class is available online so no textbook is required.  The recommendations below can be used by  students as an additional source for acquiring course content information.

 Text Options

Text is provided online at cisco.netacad.net

Reference Texts:

Implementing Cisco IOS Network Security (IINS) Authorized Self-Study Guide, Author: Catherine Paquet, Publisher: Cisco Press,  ISBN-10: 1-58705-815-4  ISBN-13: 978-1-58705-815-8.  Publication Date: April 27, 2009

CCNA Security, Official Exam Certification Guide, Authors: Michael Watkins, Kevin Wallace, Publisher: Cisco Press.  ISBN-10: 1587202204/ISBN-13: 978-1587202209 Publication Date: July 4, 2008

CCNA Portable Command Guide Second Edition, 387 pages, Author Scott Empson, Publisher: Cisco Press; Publication Date:28 July 2007 ISBN-10: 1-58720-193-6 / ISBN-13: 1-58720-193-6

Cisco IOS in a Nutshell, 796 pages, Author: James Boney, Publisher O'Reilly Media Inc;  Publication Date: August 22, 2005; ISBN-10: 0596008694; ISBN-13: 978-0596008697

Cisco Network Academy Curriculum: On-line at Cuyamaca College 
                   http://www.cuymaca.net/cisco
                   login id: your Cuyamaca student login ID and your Cuyamaca student login password 

Materials:      

       Recommended, 1 Flash drive

      Notebook, 3 ring binder or spiral bound notebook.

VI. ATTENDANCE

The Self-paced open-entry/open-exit program requires students to complete a minimum of 80 classroom hours. 48 hours must be obtained in the classroom or laboratory with an instructor present, in order to meet academic standards. Self-paced education places additional responsibility on the student for success. Irregular attendance and lack of participation are key factors in determining poor student performance. The greater the amount of time and effort applied by the student, the greater the opportunity for success, rapid advancement of knowledge, and advancement through the program. Students will be expected to manage their attendance with the goal of completing at least one Cisco Semester during a Cuyamaca College Semester. Higher goals of completion are very possible and will be supported. If you have questions about recommended progress rates, please ask the instructor for guidance.

VII. DROPPING THE CLASS

It is the STUDENT’S responsibility to complete the necessary forms to withdraw from the class. All students that are enrolled at the end of the semester must be given a grade. Students who drop but don’t officially withdraw will receive an F.

VIII. ASSIGNMENTS

The assignments for this course can be broken in the following groups:

1.    In-class reading/Tests: Most of the material for this course is available online at the Cisco Network Academy website. The materials should be read before the beginning of class. Students are responsible for all the terms and concepts in the modules that we cover. Log in to your Cisco Student Account to access this material. http://www.cisco.com/web/learning/netacad/index.html

2.    Lab Assignments: During the course, labs will be used to guide students through the practical application of concepts learned in the chapter content and provide an opportunity to learn skills for configuring Cisco routers and switches. Lab assignments will be provided in the assignments section of each chapter on Blackboard. Once a lab assignment is completed it should be submitted using Blackboard or placing lab documents in the trays in the classroom. Assignments are considered completed when the questions on the lab assignment are answered and a copy of the configuration has been submitted. Packet Tracer activities are not considered a replacement for a lab activity.  If an assignment is listed as a lab activity it must be completed on routers and switches. A lab assignment submitted using Packet Tracer or similar network simulator will receive no credit for completion.  Students may, however, practice their labs with packet tracer or similar network simulators.

Important Note:

    The Cuyamaca College Cisco Networking Academy is equipped with access servers
that allow students to access the laboratory equipment from home via the Internet.
This means that students can cable equipment at the end of a class and continue
to work on the labs from a remote location. In order to best accommodate the use
of the lab equipment, the following policy will be applied in the laboratory:

• Students present in the classroom have first priority for access to network equipment during class hours.

• During class hours the lab equipment wiring will be pulled on any equipment that is not in use by a student present in the classroom.

• When finished with a lab assignment, please delete router/switch configurations, disconnect equipment cabling, and power-off the equipment, including PCs, that you used for the lab assignment prior to leaving the lab.

• Students may wire equipment for use at home during the last hour of class.

3.     Packet Tracker Activities: Throughout the course Packet Tracer Network Simulation software activities will provide students with experience designing, configuring, testing, and troubleshooting virtual switched and wireless network topologies. Students can send simulated network traffic across the virtual network topologies, track the traffic as it moves through each device, and view the traffic similar to the view a packet sniffer provides.
Packet Tracer assignments will be provided in the assignments section of each chapter on Blackboard. Once a Packet Tracer assignment is completed it should be submitted using Blackboard. Packet Tracer activities are not considered a replacement for a lab activity.  If an assignment is listed as a lab activity it must be completed on routers and switches. A lab assignment submitted using Packet Tracer or similar network simulator will receive no credit for completion.  Students may, however, practice their labs with packet tracer or similar network simulators

4.    Study Guides: During the course, study guides will be provided to assist students with identifying key information in the reading assignment.  These study guides are not graded but their completion is highly recommended. The study guides will be useful for studying for chapter exams, the comprehensive final, and CCNA Security Certification exams.
Note: Handwritten study material, including the study guide, will be allowed as reference material during chapter exams.  The Comprehensive Online Final exam must be taken in the classroom with no notes or reference material available.

5.    Journal Entry: The journal is a private communication between the student and the instructor. Students are responsible for contacting the instructor once a week via the Blackboard Journal. The journal entry does not have to be extensive. The journal entry should at a minimum provide a list of the week's assignment progress. The journal is how you inform the instructor of extended absences (greater than one week). It can also be used to ask the instructor questions or request assistance. The journal can be used to provide feedback to the instructor about the course.

IX. EVALUATION AND GRADING

Evaluation in this course is designed to give students a maximum feedback of their progress and to work as a tool to reinforce concepts.

Orientation Exam

An orientation exam is provided to help ensure students are familiar with the course syllabus. Participation in this exam is required for every student each semester. The exam is provided on Blackboard. The grade for this exam is not included as part of the final grade but the exam is a required component for the course.  This exam must be successfully completed with a score of 100% before any exams will be activated or any assignments graded.

Chapter exams

Each Chapter Exam will be activated only after the student has completed the assignments for the chapter. Chapter exams will be taken in the classroom. Handwritten study material, including the study guide, will be allowed as reference material during chapter exams.  Neither Textbooks nor the Internet are considered authorized reference material.

Final Exams

The Comprehensive Skills-based  Final Exam is a practical exam covering the skills learned during the course and may include skills covered as part of the prerequisites for taking this course. The exam is taken in the classroom using installed routers, switches, computers and other equipment provided by the instructor. Students may use material designed as a professional reference material to assist them during the skills exam. Examples of authorized references are: "CCNA Portable Command Guide"; "Cisco IOS in a nutshell". Neither textbooks nor the Internet are considered authorized reference material.  It is the discretion of the instructor of record for the course to determine whether a specific reference item will be authorized for use during the Comprehensive Skills-based Final Exam.

The Comprehensive Online Final Exam is a multiple-choice exam that covers the entire semester of course material. The Comprehensive Online Final Exam is taken in the classroom on one of the school's computers without access to any reference material. Students will be allowed blank paper and a pen.

The student must obtain a passing score on both the Comprehensive Skills and Online Final Exams to pass the course. The online and skills-based final exams must be taken by the student to complete the course. All exams must be taken in the classroom. Students must have a passing score on both the Skills-based Final Exam and Comprehensive Online Final Exam in order to pass the class regardless of cumulative grade total.

• Copying and/or printing of any test will result in your being dropped from the class.
• Printing of the curriculum is not allowed.
• You must pass the skills-based and comprehensive online final exams to pass the class.

Grades will be assigned as follows: 

X.  STUDENTS RESPONSIBILITIES AND EXPECTATIONS

The Cisco instructors want to see our students succeed. We have used our experience teaching the OEOE classes to write the following rules to benefit the success of our students.

1. Students are responsible for managing their progress through the course. 
To ensure successful completion of the course, please follow the rules listed below concerning submitting assignments and taking chapter exams. 

Note: Arrangements can be made to deviate from the rules by submitting a written request with justification and getting written approval by the course instructor.

2. You should regularly review the assignment schedule and recommended progress schedule to be sure you do not fall behind during the semester.  We have noticed that students who fall further than 1(one) chapter behind the recommended pace have unnecessary stress completing the course.  If you find yourself falling behind the recommended pace please contact your instructor for assistance and/or guidance.

3. Only 5 total lab/packet tracer assignments will be graded by the instructor each week.

Students who have submitted a written notification of accelerated completion at the beginning of the semester will be provided, in writing, the maximum number of assignments that will be accepted each week for grading.

Note: Managing assignment completion is especially critical at the end of the semester. Mismanagement could cause completed assignments not to get graded. 
Students progressing at an accelerated pace will be provided an accelerated assignment schedule.
Submit assignments early and often.

4. Courses with graded study guides:  Up to 2 (two) study guides will be graded for each student per week

5. All Assignments must be submitted no later than the end of week 15 of the semester.
No assignments will be accepted after week 15. 

Note: no more than 5 assignments that are submitted during week 15 will be graded.

6. Only 1 chapter exam will be activated for each student per week. 
You are allowed to take each chapter exam once. Chapter exams will be activated a maximum of 2 times.  Make sure when you request that an exam be activated you will be able to complete the exam during the period requested.

Students who plan to progress through the curriculum at an accelerated pace will be informed, in writing, the maximum number of exams that will be allowed to be activated each week. 

Note: Students progressing at an accelerated pace will be provided an accelerated assignment schedule.

7. Students are responsible to ensure all chapter exams are completed by the end of week 15.
Note: remember, only one chapter exam will be activated each week including week 15.

8. If you have to be absent for more than one (1) week please notify the instructor via the Journal. Please remember, Packet Tracer assignments can still be submitted during periods when you are unable to attend class.

9. Registration in this class implies your interest in learning the knowledge content and skills covered by the course. Prior to performing the assigned skill activities, completing the reading assignment is necessary. Assistance is available in the lab and the classroom by instructors and tutors to help clarify technical concepts you have read in the reading assignments or experienced during the skills assignments. To ensure you benefit from an instructor’s/tutor’s assistance you may be asked relative questions from the reading assignment. Since reading is an important part of your learning experience you may be directed to reread sections of the curriculum prior to receiving further assistance

XI. IMPORTANT DATES      

Changes to this syllabus may occur anytime during the semester.  Notification of changes will be provided via Blackboard announcements