Learning Path

Implementing Cisco Network Security, Part 1

Time to complete: 2h 28m

Published byO'Reilly Media, Inc.

CreatedJuly 2019

The alarming frequency and scope of data breaches today has not only shifted the subject of data security to the forefront of every IT organization’s priorities, it has also drawn the public’s attention. Today, consumers are increasingly aware of the consequences of their personally identifiable information (PII) being stolen and expect that the organizations they deal with to securely maintain that PII. So, it is no surprise that network security engineers are in high demand, with companies hiring them at a frenzied pace.

And just as the nature of attacks has become more sophisticated, so have the defenses that are put in place to thwart them. Security engineers today need a deep understanding of the products and discipline of good network security, the practices and compliance mandates of industry and government, and the necessity of protecting their organizations from complex and ever-changing threats to their systems. Achieving Cisco Certified Network Associate (CCNA) certification lays the foundation for job roles such as Network Security Specialist, Security Administrator and Network Security Support Engineer. Additionally, the United States Department of Defense has certified the Cisco CCNA Security certification as DoD 8570.01-M compliant.

In this three-part learning path series, designed for intermediate-level engineers with some proficiency in Cisco networking and Internet Operating System (IOS) concepts, you see how to prepare for the Cisco 210-260 IINS exam. Part 1 begins your preparation by introducing the four main topics that are the focus of this exam: common security principles, common security threats, cryptography concepts, and network topologies. You’ll learn basic terminology and examine major sources of network attacks, what the potential data loss is for organizations, and basic cryptographic technologies. You’ll also explore the different types of network security architecture. Going deeper, the discussion moves on to the techniques and methods that are available to secure the management plane, the tools and protocols used to secure device management traffic, AAA network access control services, preventing unauthorized clients from accessing the LAN, and how to manage a BYOD (bring your own device) architecture. When you’ve completed this part, you’ll be well equipped to move on to the more advanced subjects introduced in Part 2.

What you’ll learn—and how you can apply it

  • How to apply common network security concepts
  • The three basic elements of network security that make up the “CIA” triangle
  • Understand the three network attack categories
  • Recognizing the various types of malware and how to mitigate them
  • How to use hashing algorithms to assure data integrity
  • The different types of network architectures commonly found today in enterprise organizations
  • Understand symmetric and asymmetric encryption as well as public key infrastructure
  • Securing the management plane
  • How to use Secure Copy Protocol (SCP) to securely copy the Cisco router configuration files
  • And more

This learning path is for you because…

  • You're preparing to take the Cisco IINS 210-260 exam
  • You're preparing for Cisco CCNA Security Certification
  • You're preparing to recertify
  • You're a network designer, administrator, or engineer
  • You're a network security specialist
  • You're a security technician
  • You're a security administrator
  • You're a network security support engineer
  • You're a network and security manager


  • You should have a working knowledge of the Windows operating system
  • Cisco Certified Entry Networking Technician (CCENT) certification or equivalent skills and knowledge
  • Basic practical skills and knowledge of Cisco IOS networking and concepts
  • Materials or downloads needed in advance: None

    Further resources: