About the course

About the course

Prepare for the Implementing Cisco Network Security (IINS) certification exam (210-260), leading to the CCNA Security certification. Gain the knowledge and skills needed to prepare for entry-level security specialist careers. This course is a hands-on, career-oriented e-learning solution that emphasises practical experience. CCNA Security is a blended curriculum with both online and classroom learning.

Course Details


Fees & Schedule

Course Content

CCNA Security Outline

This course teaches students the skills needed to obtain entry-level security specialist jobs. It provides a hands-on introduction to network security. Instructors are encouraged to provide outside-the-classroom learning experiences.

Chapter Outline

Chapter 1. Modern Network Security Threats

  • Explain network threats, mitigation techniques, and the basics of securing a network
  • 1.1 Fundamental Principles of a Secure Network Describe the fundamental principles of securing a network
  • 1.2 Worms, Viruses and Trojan Horses Describe the characteristics of worms, viruses, and Trojan horses and mitigation methods
  • 1.3 Attack Methodologies Describe common network attack methodologies and mitigation techniques such as Reconnaissance, Access, Denial of Service, and DDoS

Chapter 2. Securing Network Devices

  • Secure administrative access on Cisco routers
  • 2.1 Securing Device Access and Files Configure secure administrative access and router resiliency
  • 2.2 Privilege Levels and Role-Based CLI Configure command authorization using privilege levels and role-based CLI
  • 2.3 Monitoring Devices Configure network devices for monitoring
  • 2.4 Using Automated Features Secure IOS-based routers using automated features

Chapter 3. Authentication, Authorisation and Accounting

  • Secure administrative access with AAA
  • 3.1 Purpose of AAA Describe the purpose of AAA and the various implementation techniques
  • 3.2 Configuring Local AAA Implementing AAA using the local database
  • 3.3 Configure Server-Based AAA Implementing AAA using TACACS+ and RADIUS protocols

Chapter 4. Implementing Firewall Technologies

  • Implement firewall technologies to secure the network perimeter
  • 4.1 Access Control Lists Implement ACLs
  • 4.2 Firewall Technologies Describe the purpose and operation of firewall technologies
  • 4.3 Context-Based Access Control Implement CBAC
  • 4.4 Zone-Based Policy Firewall Implement Zone-based policy Firewall using SDM and CLI

Chapter 5. Implementing Intrusion Prevention

  • Configure IPS to mitigate attacks on the network
  • 5.1 IPS Technologies Describe the purpose and operation of network-based and host-based Intrusion Prevention Systems
  • 5.2 Implementing IPS Implement Cisco IOS IPS operations using SDM and CLI

Chapter 6. Securing the Local Area Network

  • Describe LAN security considerations and implement endpoint and Layer 2 security features
  • 6.1 Endpoint Security Considerations Describe endpoint vulnerabilities and protection methods
  • 6.2 Layer 2 Security Considerations Describe basic Catalyst switch vulnerabilities such as VLAN attacks, STP manipulation, CAM table overflow attacks, and MAC address spoofing attacks
  • 6.3 Wireless, VoIP and SAN Security Considerations Describe the fundamentals of Wireless, VoIP and SANs, and the associated security considerations
  • 6.4 Configuring Switch Security Configure and verify switch security features, including port security and storm control
  • 6.5 SPAN and RSPAN Describe Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN)

Chapter 7. Cryptography

  • Describe methods for implementing data confidentiality and integrity
  • 7.1 Cryptographic Services Describe how different types of encryption, hashes, and digital signatures work together to provide confidentiality, integrity, and non-repudiation
  • 7.2 Hashes and Digital Signatures and authentication Describe the mechanisms to ensure data integrity
  • 7.3 Symmetric and Asymmetric Encryption Describe the mechanisms used to ensure data confidentiality

Chapter 8. Implementing Virtual Private Networks

  • Implement secure virtual private networks
  • 8.1 VPNs Describe the purpose and operation of VPN types
  • 8.2 IPSec VPN Components and Operation Describe the components and operations of IPSec VPNs
  • 8.3 Implementing Site-to-Site IPSec VPNs Configure and verify a site-to-site IPSec VPN with pre-shared key authentication using SDM and CLI
  • 8.4 Implementing a Remote Access VPN Configure and verify a remote access VPN
  • 8.5 Implementing SSL VPNs Configure and verify SSL VPNs

Chapter 9. Managing a Secure Network

  • Given the security needs of an enterprise, create and implement a comprehensive security policy
  • 9.1 Secure Network Lifecycle Describe the secure network lifecycle
  • 9.2 Self-Defending Network Describe the components of a self-defending network and business continuity plans
  • 9.3 Building a Comprehensive Security Policy Establish a comprehensive security policy to meet the security needs of a given enterprise


You should have the following skills and knowledge:

  • Basic PC skills such as typing, mouse, and desktop navigation skills
  • Basic Internet navigation skills
  • CCNA-level networking concepts and skills

You are encouraged to complete the CCNA Exploration course to acquire the fundamental CCNA-level routing and switching skills needed for success in this course.

Materials Required for class

Online course materials via the Cisco Networking Academy and Student Lab Manuals are provided to all participants. The Packet Tracer network simulator is also available exclusivley to students of the Cisco Networking Academy.

Target Audience

The Cisco® CCNA® Security course is designed for Cisco Networking Academy® students seeking career-oriented, entry-level security specialist skills. Target students include IT professionals who want to enhance their core routing and switching skills and students enrolled in technology degree programs at institutions of higher education. CCNA Security helps students develop the skills needed to succeed in IT-related degree programs and prepare for the CCNA Security certification. It provides a theoretically rich, hands-on introduction to network security, in a logical sequence driven by technologies. The goals of CCNA Security are as follows:

  • Provide an in-depth, theoretical understanding of network security
  • Provide students with the knowledge and skills necessary to design and support network security
  • Provide an experience-oriented course that employs industry-relevant instructional approaches to prepare students for associate-level jobs in the industry
  • Enable students to have significant hands-on interaction with IT equipment to prepare them for certification exams and career opportunities

Upon completion of the CCNA Security course, students will be able to perform the following tasks:

  • Describe the security threats facing modern network infrastructures
  • Secure network device access
  • Implement AAA on network devices
  • Mitigate threats to networks using ACLs
  • Implement secure network management and reporting
  • Mitigate common Layer 2 attacks
  • Implement the Cisco IOS firewall feature set
  • Implement the Cisco IOS IPS feature set
  • Implement site-to-site IPSec VPNs
  • Administer effective security policies

Is this the course for you?
Enrol now or enquire about this course.

IT & Cyber Security

Cyber Security Education Provider of the Year

Box Hill Institute Wins at the 2020 Australian Information Security Awards

Box Hill Institute has won the Cyber Security Educator of the Year Award at the Australian Information Security Awards (AISA) 2020 aka the Oscars of Cyber Security. This category is for the TAFE or university that has developed and implemented a comprehensive, flexible and easily accessible cyber security education program, which delivers industry ready graduates to the market.

Read the full article about our win


Interested in IT & Cyber Security?
Discover more

Discover IT & Cyber Security