CCNP Encor Security
An important part of securing our network involves its layer 2 and layer 3 parts, specifically the switches. Many people think of attacks as originating from outside and tend to ignore the security vulnerabilities that can be exploited on switches, but these devices are just as vulnerable as higher-layer devices; they are simply attacked in different ways.
These attacks are usually an inside job and originate from seemingly innocent sources like DHCP, ARP, CDP, Telnet, etc.
The attacker’s goal is to become the man-in-the-middle, with a naive user sending packets to the attacker as if it were a router. The attacker can glean information from the packets sent to it before forwarding them normally.
This switch security section looks at these potential threats and at the different configurations that can be used to avoid them. We will do this in Packet Tracer so you can see graphically what we are doing, and on real equipment as well for the features not available through PT.
In this post I’ll describe different security features of Cisco network devices:
5.1 Configure and verify device access control
5.1.a Lines and password protection
5.1.b Authentication and authorization using AAA
5.2 Configure and verify infrastructure security features
5.2.a ACLs
5.2.b CoPP
5.3 Describe REST API security
5.4 Configure and verify wireless security features
5.4.a EAP
5.4.b WebAuth
5.4.c PSK
5.5 Describe the components of network security design
5.5.a Threat defense
5.5.b Endpoint security
5.5.c Next-generation firewall
5.5.d TrustSec, MACsec
5.5.e Network access control with 802.1X, MAB, and WebAuth
These security features will prevent certain types of malicious attacks and will enhance your network security.
We invite everyone to try these labs at home to improve their network security skills.