CCIE SEC

1. Virtual Private Networks [VPN]

Basic VPNs
  • LAN-to-LAN IPSec VPNs [with NAT-T & without NAT-T]
  • GRE, GRE/IPSEC
  • Static-Virtual Tunnel interface [S-VTI]
Advanced VPNs
  • DMVPN
  • GET VPN
  • VRF-Aware VPNs
  • VPNs using Certificates with Router as a CA Server
IKEv2 VPNs
  • D-VTI/S-VTI based Site-To-Site VPN
  • D-VTI/S-VTI based Spoke-to-Spoke using NHRP

2. UCS

Overview of the UCS Server
  • UCS Ports
  • Communication of UCS to the Fabric Interconnect (FI)
  • Initializing the FI Switches
Configuring the Basic Configuration to boot the UCS Server
  • Configuring Port Types
  • Configuring VLANs
  • Configuring VNIC Templates
  • Configuring Port-Channels
  • Configuring MAC Address Pools
  • Configuring IP Address Pools
  • Configuring UUID-Pool
  • Configuring VSANs
  • Configuring WWxN Pools
Configuring Policies to Boot the UCS Server
  • Configuring LAN Connectivity Policy
  • Configuring SAN Connectivity Policy
  • Configuring an FCoE Boot Policy

3. Firewalls – ASA

Basic Configuration
  • Interface configuration
  • Security Levels
  • Management [Telnet / SSH]
  • Routing [RIPv2, EIGRP, BGP]
  • NAT
    • Dynamic NAT
    • Static NAT
    • Dynamic PAT
    • Static PAT
    • Destination NAT
    • Manual NAT/Twice-NAT
  • Access Policies
Transparent firewall
  • Initialization
  • Access policies/Routing Protocol Access
  • Ethertype ACLs
Redundancy
  • Redundant Interfaces
  • Port-channels
  • Security Contexts [Virtual Firewalls]
  • Failover
    • Active/Standby
    • Active/Active
  • Clustering
    • Spanned mode
    • Individual Interface mode
Deep-Packet Inspection using MPF
  • Tuning the global policy
  • Configuring custom L7 policy
VPNs
  • Site-to-Site IPSec
  • Remote access
    • SSL
    • IKEv2

4. Cisco Nexus 9000 Concepts and Technologies:

Cisco ACI Architecture Design Principles
  • Central Point of Management but no Centralized Control Plane
  • Controller Availability
Fabric
  • Zero Touch Provisioning
  • What is an Integrated Overlay
  • Routed Design with VxLAN Overlays
  • Leaf-and-Spine Design
Access Layer
  • Use of VLANs as a Segmentation Mechanism
  • VLANs and VxLANs Namespaces
  • Concept of Domain
  • Policy-based Configuration of Access Ports
  • PortChannels
  • Virtual PortChannels
Tenant Considerations
  • Bridge Domain
  • Endpoint Connectivity
  • Connecting a Physical Server
  • Connecting a Virtual Server
  • EPG, Contracts and Filters
  • External Connectivity
    • L2-OUT
    • L3-OUT