fbpx

Advanced Diploma in Network Engineering

Advanced Diploma in Network Engineering - Advanced Diploma in Network Engineering

78%

Alumni Career Transitions

5200+

Hiring Partners

60%

Avg Salary Hike

22

Years of R & D in Syllabus

** Syllabus Updated on April 2023 -2024

CCNA + ( CCNP / CCNP Security / MCSE / RHCE / AWS / Azure ) Any Three Module

CCNA

  • Explain the role and function of network components
    1. Routers
    2. Layer 2 and Layer 3 switches
    3. Next-generation firewalls and IPS
    4. Access points
    5. Controllers (Cisco DNA Center and WLC)
    6. Endpoints
    7. Servers
    8. PoE
  • Describe characteristics of network topology architectures
    1. Two-tier
    2. Three-tier
    3. Spine-leaf
    4. WAN
    5. Small office/home office (SOHO)
    6. On-premise and cloud
  • Compare physical interface and cabling types
    1. Single-mode fiber, multimode fiber, copper
    2. Connections (Ethernet shared media and point-to-point)
  • Identify interface and cable issues
    (collisions, errors, mismatch duplex, and/or speed)
  • Compare TCP to UDP
  • Configure and verify IPv4 addressing and subnetting
  • Describe the need for private IPv4 addressing
  • Configure and verify IPv6 addressing and prefix
  • Describe IPv6 address types
    1. Unicast (global, unique local, and link local)
    2. Anycast
    3. Multicast
    4. Modified EUI 64
  • Verify IP parameters for Client OS (Windows, Mac OS, Linux)
  • Describe wireless principles
    1. Nonoverlapping Wi-Fi channels
    2. SSID
    3. RF
    4. Encryption
  • Explain virtualization fundamentals (server virtualization, containers, and VRFs)
  • Describe switching concepts
  • MAC learning and aging
  • Frame switching
  • Frame flooding
  • MAC address table
  • Configure and verify VLANs (normal range) spanning multiple switches
    1. Access ports (data and voice)
    2. Default VLAN
    3. Connectivity
  • Configure and verify interswitch connectivity
    1. Trunk ports
    2. 1Q
    3. Native VLAN
  • Configure and verify Layer 2 discovery protocols (Cisco Discovery Protocol and LLDP)
  • Configure and verify (Layer 2/Layer 3) EtherChannel (LACP
  • Describe the need for and basic operations of Rapid PVST+ Spanning Tree Protocol andidentify basic operations
    1. Root port, root bridge (primary/secondary), and other port names
    2. Port states (forwarding/blocking)
    3. PortFast benefits
  • Compare Cisco Wireless Architectures and AP modes
  • Describe physical infrastructure connections of WLAN components (AP,WLC,
    access/trunk ports, and LAG)
  • Describe AP and WLC management access connections (Telnet, SSH, HTTP,HTTPS,
    console, and TACACS+/RADIUS)
  • Configure the components of a wireless LAN access for client connectivity using GUI
    only such as WLAN creation, security settings, QoS profiles, and advanced WLAN settings
  • Interpret the components of routing table
    1. Routing protocol code
    2. Prefix
    3. Network mask
    4. Next hop
    5. Administrative distance
    6. Metric
    7. Gateway of last resort
  • Determine how a router makes a forwarding decision by default
    1. Longest match
    2. Administrative distance
    3. Routing protocol metric
  • Configure and verify IPv4 and IPv6 static routing
    1. Default route
    2. Network route
    3. Host route
    4. Floating static
  • Configure and verify single area OSPFv2
    1. Neighbor adjacencies
    2. Point-to-point
    3. Broadcast (DR/BDR selection)
    4. Router ID
  • Describe the purpose of first hop redundancy protocol
  • Configure and verify inside source NAT using static and pools
  • Configure and verify NTP operating in a client and server mode
  • Explain the role of DHCP and DNS within the network
  • Explain the function of SNMP in network operations
  • Describe the use of syslog features including facilities and levels
  • Configure and verify DHCP client and relay
  • Explain the forwarding per-hop behaviour (PHB) for QoS such as classification,
    marking, queuing, congestion, policing, shaping
  • Configure network devices for remote access using SSH
  • Describe the capabilities and function of TFTP/FTP in the network
  •  Define key security concepts (threats, vulnerabilities, exploits, and
    mitigation techniques)
  • Describe security program elements (user awareness, training, and
    physical access control)
  • Configure device access control using local passwords
  • Describe security password policies elements, such as management, complexity,
    and password alternatives (multifactor authentication, certificates, and biometrics)
  • Describe remote access and site-to-site VPNs
  • Configure and verify access control lists
  • Configure Layer 2 security features
    (DHCP snooping, dynamic ARP inspection, and port security)
  • Differentiate authentication, authorization, and accounting concepts
  • Describe wireless security protocols (WPA, WPA2, and WPA3)
  • Configure WLAN using WPA2 PSK using the GUI
  • Explain how automation impacts network management
  • Compare traditional networks with controller-based networking
  • Describe controller-based and software defined architectures
    (overlay, underlay, and fabric)
    1. Separation of control plane and data plane
    2. North-bound and south-bound APIs
  • Compare traditional campus device management with Cisco DNA Center
    enabled device management
  • Describe characteristics of REST-based APIs
    (CRUD, HTTP verbs, and data encoding)
  • Recognize the capabilities of configuration management mechanisms Puppet,
    Chef, and Ansible
  • Interpret JSON encoded data

CCNP

  • Illustrate the hierarchical network design model and architecture using the access, distribution, and core layers
  • Compare and contrast the various hardware and software switching mechanisms and operation, while defining the Ternary Content Addressable Memory (TCAM) and Content Addressable Memory (CAM), along with process switching, fast switching, and Cisco Express Forwarding concepts
  • Troubleshoot Layer 2 connectivity using VLANs and trunking
  • Implementation of redundant switched networks using Spanning Tree Protocol
  • Troubleshooting link aggregation using Etherchannel
  • Describe the features, metrics, and path selection concepts of Enhanced Interior Gateway Routing Protocol (EIGRP)
  • Implementation and optimization of Open Shortest Path First (OSPF)v2 and OSPFv3, including adjacencies, packet types, and areas, summarization, and route filtering for IPv4 and IPv6
  • Implementing External Border Gateway Protocol (EBGP) interdomain routing, path selection, and single and dual-homed networking
  • Implementing network redundancy using protocols including Hot Standby Routing Protocol (HSRP) and Virtual Router Redundancy Protocol (VRRP)
  • Implementing internet connectivity within Enterprise using static and dynamic Network Address Translation (NAT)
  • Describe the virtualization technology of servers, switches, and the various network devices and components
  • Implementing overlay technologies such as Virtual Routing and Forwarding (VRF), Generic Routing Encapsulation (GRE), VPN, and Location Identifier Separation Protocol (LISP)
  • Describe the components and concepts of wireless networking including Radio Frequency (RF) and antenna characteristics, and define the specific wireless standards
  • Describe the various wireless deployment models available, include autonomous Access Point (AP) deployments and cloud-based designs within the centralized Cisco Wireless LAN Controller (WLC) architecture
  • Describe wireless roaming and location services
  • Describe how APs communicate with WLCs to obtain software, configurations, and centralized management
  • Configure and verify Extensible Authentication Protocol (EAP), WebAuth, and Pre-Shared Key (PSK) wireless client authentication on a WLC
  • Troubleshoot wireless client connectivity issues using various available tools
  • Troubleshooting Enterprise networks using services such as Network Time Protocol (NTP), Simple Network Management Protocol (SNMP), Cisco Internetwork Operating System (Cisco IOS®) IP Service Level Agreements (SLAs), NetFlow, and Cisco IOS Embedded Event Manager
  • Explain the use of available network analysis and troubleshooting tools, which include show and debug commands, as well as best practices in troubleshooting
  • Configure secure administrative access for Cisco IOS devices using the Command-Line Interface (CLI) access, Role-Based Access Control (RBAC), Access Control List (ACL), and Secure Shell (SSH), and explore device hardening concepts to secure devices from less secure applications, such as Telnet and HTTP
  • Implement scalable administration using Authentication, Authorization, and Accounting (AAA) and the local database, while exploring the features and benefits
  • Describe the enterprise network security architecture, including the purpose and function of VPNs, content security, logging, endpoint security, personal firewalls, and other security features
  • Explain the purpose, function, features, and workflow of Cisco DNA Center™ Assurance for Intent-Based Networking, for network visibility, proactive monitoring, and application experience
  • Describe the components and features of the Cisco SD-Access solution, including the nodes, fabric control plane, and data plane, while illustrating the purpose and function of the Virtual Extensible LAN (VXLAN) gateways
  • Define the components and features of Cisco SD-WAN solutions, including the orchestration plane, management plane, control plane, and data plane
  • Describe the concepts, purpose, and features of multicast protocols, including Internet Group Management Protocol (IGMP) v2/v3, Protocol-Independent Multicast (PIM) dense mode/sparse mode, and rendezvous points
  • Describe the concepts and features of Quality of Service (QoS), and describe the need within the enterprise network
  • Explain basic Python components and conditionals with script writing and analysis
  • Describe network programmability protocols such as Network Configuration Protocol (NETCONF) and RESTCONF
  • Describe APIs in Cisco DNA Center and vManage

Knowledge and skills you should have before attending this course:

  • Implementation of Enterprise LAN networks
  • Basic understanding of Enterprise routing and wireless connectivity
  • Basic understanding of Python scripting
  • Examining Cisco Enterprise Network Architecture
  • Understanding Cisco Switching Paths
  • Implementing Campus LAN Connectivity
  • Building Redundant Switched Topology
  • Implementing Layer 2 Port Aggregation
  • Understanding EIGRP
  • Implementing OSPF
  • Optimizing OSPF
  • Exploring EBGP
  • Implementing Network Redundancy
  • Implementing NAT
  • Introducing Virtualization Protocols and Techniques
  • Understanding Virtual Private Networks and Interfaces
  • Understanding Wireless Principles
  • Examining Wireless Deployment Options
  • Understanding Wireless Roaming and Location Services
  • Examining Wireless AP Operation
  • Understanding Wireless Client Authentication
  • Troubleshooting Wireless Client Connectivity
  • Introducing Multicast Protocols
  • Introducing QoS
  • Implementing Network Services
  • Using Network Analysis Tools
  • Implementing Infrastructure Security
  • Implementing Secure Access Control
  • Understanding Enterprise Network Security Architecture
  • Exploring Automation and Assurance Using Cisco DNA Center
  • Examining the Cisco SD-Access Solution
  • Understanding the Working Principles of the Cisco SD-WAN Solution
  • Understanding the Basics of Python Programming
  • Introducing Network Programmability Protocols
  • Introducing APIs in Cisco DNA Center and vManage
  • Investigate the CAM
  • Analyze Cisco Express Forwarding
  • Troubleshoot VLAN and Trunk Issues
  • Tuning Spanning Tree Protocol (STP) and Configuring Rapid Spanning Tree Protocol (RSTP)
  • Configure Multiple Spanning Tree Protocol
  • Troubleshoot EtherChannel
  • Implement Multi-area OSPF
  • Implement OSPF Tuning
  • Apply OSPF Optimization
  • Implement OSPFv3
  • Configure and Verify Single-Homed EBGP
  • Implementing Hot Standby Routing Protocol (HSRP)
  • Configure Virtual Router Redundancy Protocol (VRRP)
  • Implement NAT
  • Configure and Verify Virtual Routing and Forwarding (VRF)
  • Configure and Verify a Generic Routing Encapsulation (GRE) Tunnel
  • Configure Static Virtual Tunnel Interface (VTI) Point-to-Point Tunnels
  • Configure Wireless Client Authentication in a Centralized Deployment
  • Troubleshoot Wireless Client Connectivity Issues
  • Configure Syslog
  • Configure and Verify Flexible NetFlow
  • Configuring Cisco IOS Embedded Event Manager (EEM)
  • Troubleshoot Connectivity and Analyze Traffic with Ping, Traceroute, and Debug
  • Configure and Verify Cisco IP SLAs
  • Configure Standard and Extended ACLs
  • Configure Control Plane Policing
  • Implement Local and Server-Based AAA
  • Writing and Troubleshooting Python Scripts
  • Explore JavaScript Object Notation (JSON) Objects and Scripts in Python
  • Use NETCONF Via SSH
  • Use RESTCONF with Cisco IOS XE Software

CCNP Security

Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0

After taking this course, you should be able to:

  • Describe information security concepts and strategies within the network
  • Describe common TCP/IP, network application, and endpoint attacks
  • Describe how various network security technologies work together to guard against attacks
  • Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
  • Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
  • Describe and implement web content security features and functions provided by Cisco Web Security Appliance
  • Describe Cisco Umbrella® security capabilities, deployment models, policy management, and Investigate console
  • Introduce VPNs and describe cryptography solutions and algorithms
  • Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS®) Virtual Tunnel Interface (VTI)-based point-to point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW)
  • Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication
  • Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features
  • Examine various defenses on Cisco devices that protect the control and management plane
  • Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls
  • Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
  • Describe basics of cloud computing and common cloud attacks and how to secure cloud environment

To fully benefit from this course, you should have the following knowledge
and skills:

  • Skills and knowledge equivalent to those learned in Implementing and Administering Cisco Solutions (CCNA®) v1.0 course
  • Familiarity with Ethernet and TCP/IP networking
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts
  • Familiarity with basics of networking security concepts These Cisco
    courses are recommended to help you meet these prerequisites:
  • Implementing and Administering Cisco Solutions (CCNA)
  • Describing Information Security Concepts*
    1. Information Security Overview
    2. Assets, Vulnerabilities, and Countermeasures
    3. Managing RisK
  • Describing Common TCP/IP Attacks*
    1. Legacy TCP/IP Vulnerabilities
    2. IP Vulnerabilities
    3. Internet Control Message Protocol (ICMP) Vulnerabilities
  • Describing Common Network Application Attacks*
    1. Password Attacks
    2. Domain Name System (DNS)-Based Attacks
    3. DNS Tunnelling
  • Describing Common Endpoint Attacks*
    1. Buffer Overflow
    2. Malware
    3. Reconnaissance Attack
  • Describing Network Security Technologies
    1. Défense-in-Depth Strategy
    2. Defending Across the Attack Continuum
    3. Network Segmentation and Virtualization Overview
  • Deploying Cisco ASA Firewall
    1. Cisco ASA Deployment Types
    2. Cisco ASA Interface Security Levels
    3. Cisco ASA Objects and Object Groups
  • Deploying Cisco Firepower Next-Generation Firewall
    1. Cisco Firepower NGFW Deployments
    2. Cisco Firepower NGFW Packet Processing and Policies
    3. Cisco Firepower NGFW Objects
  • Deploying Email Content Security
    1. Cisco Email Content Security Overview
    2. Simple Mail Transfer Protocol (SMTP) Overview
    3. Email Pipeline Overview
  • Deploying Web Content Security
    1. Cisco Web Security Appliance (WSA) Overview
    2. Deployment Options
    3. Network Users Authentication
  • Deploying Cisco Umbrella*
    1. Cisco Umbrella Architecture
    2. Deploying Cisco Umbrella
    3. Cisco Umbrella Roaming Client
  • Explaining VPN Technologies and Cryptography
    1. VPN Definition
    2. VPN Types
    3. Secure Communication and Cryptographic Services
  • Introducing Cisco Secure Site-to-Site VPN Solutions
    1. Site-to-Site VPN Topologies
    2. IPsec VPN Overview
    3. IPsec Static Crypto Maps
  • Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs
    1. Cisco IOS VTIs
    2. Static VTI Point-to-Point IPsec Internet Key Exchange (IKE) v2
      VPN Configuration
  • Deploying Point-to-Point IPsec VPNs on the Cisco ASA and Cisco Firepower NGFW
    1. Point-to-Point VPNs on the Cisco ASA and Cisco Firepower
      NGFW
    2. Cisco ASA Point-to-Point VPN Configuration
    3. Cisco Firepower NGFW Point-to-Point VPN Configuration
  • Introducing Cisco Secure Remote Access VPN Solutions
    1. Remote Access VPN Components
    2. Remote Access VPN Technologies
    3. Secure Sockets Layer (SSL) Overview
  • Deploying Remote Access SSL VPNs on the Cisco ASA and Cisco Firepower NGFW
    1. Remote Access Configuration Concepts
    2. Connection Profiles
    3. Group Policies
  • Explaining Cisco Secure Network Access Solutions
    1. Cisco Secure Network Access
    2. Cisco Secure Network Access Components
    3. AAA Role in Cisco Secure Network Access Solution
  • Describing 802.1X Authentication
    1. 1X and Extensible Authentication Protocol (EAP)
    2. EAP Methods
    3. Role of Remote Authentication Dial-in User Service (RADIUS) in
      1X Communications
  • Configuring 802.1X Authentication
    1. Cisco Catalyst® Switch 802.1X Configuration
    2. Cisco Wireless LAN Controller (WLC) 802.1X Configuration
    3. Cisco Identity Services Engine (ISE) 802.1X Configuration
  • Describing Endpoint Security Technologies*
    1. Host-Based Personal Firewall
    2. Host-Based Anti-Virus
    3. Host-Based Intrusion Prevention System
  • Deploying Cisco Advanced Malware Protection (AMP) for Endpoints*
    1. Cisco AMP for Endpoints Architecture
    2. Cisco AMP for Endpoints Engines
    3. Retrospective Security with Cisco AMP
  • Introducing Network Infrastructure Protection*
    1. Identifying Network Device Planes
    2. Control Plane Security Controls
    3. Management Plane Security Controls
  • Deploying Control Plane Security Controls*
    1. Infrastructure ACLs
    2. Control Plane Policing
    3. Control Plane Protection
  • Deploying Layer 2 Data Plane Security Controls*
    1. Overview of Layer 2 Data Plane Security Controls
    2. Virtual LAN (VLAN)-Based Attacks Mitigation
    3. Spanning Tree Protocol (STP) Attacks Mitigation
  • Deploying Layer 3 Data Plane Security Controls*
    1. Infrastructure Antispoofing ACLs
    2. Unicast Reverse Path Forwarding
    3. IP Source Guard
  • Deploying Management Plane Security Controls*
    1. Cisco Secure Management Access
    2. Simple Network Management Protocol Version 3
    3. Secure Access to Cisco Devices
  • Deploying Traffic Telemetry Methods*
    1. Network Time Protocol
    2. Device and Network Events Logging and Export
    3. Network Traffic Monitoring Using NetFlow
  • Deploying Cisco Stealthwatch Enterprise*
    1. Cisco Stealthwatch Offerings Overview
    2. Cisco Stealthwatch Enterprise Required Components
    3. Flow Stitching and Deduplication
  • Describing Cloud and Common Cloud Attacks*
    1. Evolution of Cloud Computing
    2. Cloud Service Models
    3. Security Responsibilities in Cloud
  • Securing the Cloud*
    1. Cisco Threat-Centric Approach to Network Security
    2. Cloud Physical Environment Security
    3. Application and Workload Security
  • Deploying Cisco Stealth watch Cloud*
    1. Cisco Stealth watch Cloud for Public Cloud Monitoring
    2. Cisco Stealth watch Cloud for Private Network Monitoring
    3. Cisco Stealth watch Cloud Operations
  • Describing Software-Defined Networking (SDN*)
    1. Software-Defined Networking Concepts
    2. Network Programmability and Automation
    3. Cisco Platforms and APIs
    4. This section is self-study material that can be done at yourown pace if you are taking the instructor-led version of this
  • Configure Network Settings and NAT on Cisco ASA
  • Configure Cisco ASA Access Control Policies
  • Configure Cisco Firepower NGFW NAT
  • Configure Cisco Firepower NGFW Access Control Policy
  • Configure Cisco Firepower NGFW Discovery and IPS Policy
  • Configure Cisco NGFW Malware and File Policy
  • Configure Listener, Host Access Table (HAT), and Recipient Access
    Table (RAT) on Cisco Email Security Appliance (ESA)
  • Configure Mail Policies
  • Configure Proxy Services, Authentication, and HTTPS Decryption
  • Enforce Acceptable Use Control and Malware Protection
  • Examine the Umbrella Dashboard
  • Examine Cisco Umbrella Investigate
  • Explore DNS Ransomware Protection by Cisco Umbrella
  • Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel
  • Configure Point-to-Point VPN between the Cisco ASA and Cisco
  • Firepower NGFW
  • Configure Remote Access VPN on the Cisco Firepower NGFW
  • Explore Cisco AMP for Endpoints
  • Perform Endpoint Analysis Using AMP for Endpoints Console
  • Explore File Ransomware Protection by Cisco AMP for Endpoints Console
  • Explore Cisco Stealth watch Enterprise v6.9.3
  • Explore Cognitive Threat Analytics (CTA) in Stealth watch Enterprise v7.0
  • Explore the Cisco Cloud lock Dashboard and User Security
  • Explore Cisco Cloud lock Application and Data Security
  • Explore Cisco Stealth watch Cloud
  • Explore Stealth watch Cloud Alert Settings, Watch lists, and Sensors

MCSE

  • Installing, upgrading, and migrating servers and workloads
    1. Introducing Windows Server 2019
    2. Preparing and installing Server Core
    3. Preparing for upgrades and migrations
    4. Migrating server roles and workloads
    5. Windows Server activation models
  • Configuring local storage
    1. Managing disks in Windows Server
    2. Managing volumes in Windows Server
  • Implementing enterprise storage solutions
    1. Overview of DAS, NAS, and SANs
    2. Comparing Fiber Channel, iSCSI, and Fiber Channel over Ethernet
    3. Understanding iSNS, DCB, and MPIO
    4. Configuring sharing in Windows Server 2019
  • Implementing Storage Spaces and Data Deduplication
    1. Implementing Storage Spaces
    2. Managing Storage Spaces
    3. Implementing Data Deduplication
  • Installing and configuring Hyper-V and virtual machines
    1. Overview of Hyper-V
    2. Installing Hyper-V
    3. Configuring storage on Hyper-V host servers
    4. Configuring networking on Hyper-V host servers
    5. Configuring Hyper-V virtual machines
    6. Managing virtual machines
  • Deploying and managing Windows and Hyper-V containers
    1. Overview of containers in Windows Server 2016
    2. Deploying Windows Server and Hyper-V containers
    3. Installing, configuring, and managing containers by using
    4. Docker
  • Overview of high availability and disaster recovery
    • Defining levels of availability
    • Planning high availability and disaster recovery solutions with Hyper-V virtual machines
    • Backing up and restoring by using Windows Server Backup
  • Implementing failover clustering
    1. Planning a failover cluster
    2. Creating and configuring a new failover cluster
    3. Maintaining a failover cluster
    4. Troubleshooting a failover cluster
    5. Implementing site high availability with stretch clustering
  • Implementing failover clustering with Windows Server 2019 Hyper-V
    1. Overview of the integration of Hyper-V Server 2019 with
    2. failover clustering
    3. Implementing Hyper-V VMs on failover clusters
    4. Key features for VMs in a clustered environment
  • Implementing Network Load Balancing
    1. Overview of NLB
    2. Configuring an NLB cluster
    3. Planning an NLB implementation
  • Creating and managing deployment images
    1. Introduction to deployment images
    2. Creating and managing deployment images by using MDT
    3. Virtual machine environments for different workloads
  • Managing, monitoring, and maintaining virtual machine installations
    1. WSUS overview and deployment options
    2. Update management process with WSUS
    3. Overview of Windows PowerShell DSC
    4. Overview of Windows Server 2019 monitoring tools
    5. Using Performance Monitor
    6. Monitoring event logs
  • Planning and implementing an IPv4 network
    1. Planning IPv4 addressing
    2. Configuring an IPv4 host
    3. Managing and troubleshooting IPv4 network connectivity
  • Implementing DHCP
    1. Overview of the DHCP server role
    2. Deploying DHCP
    3. Managing and troubleshooting DHCP
  • Implementing IPv6
    1. Overview of IPv6 addressing
    2. Configuring an IPv6 host
    3. Implementing IPv6 and IPv4 coexistence
    4. Transitioning from IPv4 to IPv6
  • Implementing DNS
    1. Implementing DNS servers
    2. Configuring zones in DNS
    3. Configuring name resolution between DNS zones
    4. Configuring DNS integration with Active Directory Domain Services (AD DS)
    5. Configuring advanced DNS settings
  • Implementing and managing IPAM
    1. Overview of IPAM
    2. Deploying IPAM
    3. Managing IP address spaces by using IPAM
    4. Remote access in Windows Server 2019
  • Overview of remote access
    1. Implementing the Web Application Proxy Implementing DirectAccess
    2. Overview of DirectAccess
    3. Implementing DirectAccess by using the Getting Started Wizard
    4. Implementing and managing an advanced DirectAccess infrastructure
  • Implementing VPNs
    1. Planning VPNs
    2. Implementing VPNs
  • Implementing networking for branch offices
    1. Networking features and considerations for branch offices
    2. Implementing Distributed File System (DFS) for branch offices
    3. Implementing BranchCache for branch offices
  • Configuring advanced networking features
    1. Overview of high-performance networking features
    2. Configuring advanced Microsoft Hyper-V networking features
  • Implementing Software Defined Networking Overview of SDN.
    1. Implementing network virtualization
    2. Implementing Network Controller
  • Installing and configuring domain controllers
    1. Overview of AD DS
    2. Overview of AD DS domain controllers
    3. Deploying a domain controller
  • Managing objects in AD DS
    1. Managing user accounts
    2. Managing groups in AD DS
    3. Managing computer objects in AD DS
    4. Using Windows PowerShell for AD DS administration
    5. Implementing and managing OUs
  • Advanced AD DS infrastructure management
    1. Overview of advanced AD DS deployments
    2. Deploying a distributed AD DS environment
    3. Configuring AD DS trusts
  • Implementing and administering AD DS sites and replication
    1. Overview of AD DS replication
    2. Configuring AD DS sites
    3. Configuring and monitoring AD DS replication
  • Implementing Group Policy
    1. Introducing Group Policy
    2. Implementing and administering GPOs
    3. Group Policy scope and Group Policy processing
    4. Troubleshooting the application of GPOs
  • Managing user settings with Group Policy
    1. Implementing administrative templates
    2. Configuring Folder Redirection, software installation, and scripts
    3. Configuring Group Policy preferences
  • Securing Active Directory Domain Services
    1. Securing domain controllers
    2. Implementing account security
    3. Implementing audit authentication
    4. Configuring managed service accounts
  • Deploying and managing AD CS
    1. Deploying CAs
    2. Administering CAs
    3. Troubleshooting and maintaining CAs
  • Deploying and managing certificates
    1. Deploying and managing certificate templates
    2. Managing certificate deployment, revocation, and recovery
    3. Using certificates in a business environment
    4. Implementing and managing smart cards
  • Implementing and administering AD FS
    1. Overview of AD FS
    2. AD FS requirements and planning
    3. Deploying and configuring AD FS
    4. Web Application Proxy Overview
  • Implementing and administering AD RMS
    1. Overview of AD RMS
    2. Deploying and managing an AD RMS infrastructure
    3. Configuring AD RMS content protection
  • Implementing AD DS synchronization with Microsoft Azure AD
    1. Planning and preparing for directory synchronization
    2. Implementing directory synchronization by using Azure AD Connect
    3. Managing identities with directory synchronization
  • Monitoring, managing, and recovering AD DS
    1. Monitoring AD DS
    2. Managing the Active Directory database
    3. Active Directory backup and recovery options for AD DS and other identity and access solutions
  • Attacks, breach detection, and Sy internals tools
    1. Understanding attacks
    2. Detecting security breaches
    3. Examining activity with the Sy internals tools
  • Protecting credentials and privileged access
    1. Understanding user rights
    2. Computer and service accounts
    3. Protecting credentials
    4. Privileged Access Workstations and jump servers
    5. Local administrator password solution
  • Limiting administrator rights with Just Enough Administration
    1. Understanding JEA
    2. Verifying and deploying JEA
  • Privileged access management and administrative forests
    1. ESAE forests
    2. Overview of Microsoft Identity Manager
    3. Overview of JIT administration and PAM
  • Mitigating malware and threats
    1. Configuring and managing Windows Defender
    2. Restricting software
    3. Configuring and using the Device Guard feature
  • Analyzing activity with advanced auditing and log analytics
    • Overview of auditing
    • Advanced auditing
    • Windows PowerShell auditing and logging
  • Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite
    1. Deploying and configuring ATA
    2. Deploying and configuring Microsoft Operations
    3. Management Suite
    4. Deploying and configuring Azure Security Center
  • Secure Virtualization Infrastructure
    1. Guarded fabric
    2. Shielded and encryption-supported virtual machines
  • Securing application development and serverworkload infrastructure
    1. Using SCT
    2. Understanding containers
  • Planning and protecting data
    1. Planning and implementing encryption
    2. Planning and implementing BitLocker
    3. Protecting data by using Azure Information Protection
  • Optimizing and securing file services
    1. File Server Resource Manager
    2. Implementing classification and file management tasks
    3. Dynamic Access Control
  • Securing network traffic with firewalls and encryption
    1. Understanding network-related security threats
    2. Understanding Windows Firewall with Advanced Security
    3. Configuring IPsec
    4. Datacenter Firewall
  • Securing network traffic
    1. Configuring advanced DNS settings
    2. Examining network traffic with Message Analyzer
    3. Securing and analyzing SMB traffic

AWS

Task Statement 1: Design secure access to AWS resources.

 Knowledge of:

  • Access controls and management across multiple accounts
  • AWS federated access and identity services (for example, AWS Identity and Access Management [IAM], AWS Single Sign-On [AWS SSO])
  • AWS global infrastructure (for example, Availability Zones, AWS Regions) AWS security best practices (for example, the principle of least privilege)
  • Applying AWS security best practices to IAM users and root users (for example, multi-factor authentication [MFA])
  • Designing a flexible authorization model that includes IAM users, groups, roles, and policies
  • Designing a role-based access control strategy (for example, AWS Security Token Service [AWS STS], role switching, cross-account access)
  • Designing a security strategy for multiple AWS accounts (for example, AWS Control Tower, service control policies [SCPs])
  • Determining the appropriate use of resource policies for AWS services
  • Determining when to federate a directory service with IAM roles

Task Statement 2: Design secure workloads and applications.

Knowledge of:

  • Application configuration and credentials security
  • AWS service endpoints
  • Control ports, protocols, and network traffic on AWS
  • Secure application access
  • Security services with appropriate use cases (for example, Amazon Cognito, Amazon GuardDuty, Amazon Macie)
  • Threat vectors external to AWS (for example, DDoS, SQL injection) Skills in:
  • Designing VPC architectures with security components (for example, security groups, route tables, network ACLs, NAT gateways)
  • Determining network segmentation strategies (for example, using public subnets and private subnets)
  • Integrating AWS services to secure applications (for example, AWS Shield, AWS WAF, AWS SSO, AWS Secrets Manager)
  • Securing external network connections to and from the AWS Cloud (for example, VPN, AWS Direct Connect)

Task Statement 3: Determine appropriate data security controls.

Knowledge of:

  • Data access and governance
  • Data recovery
  • Data retention and classification
  • Encryption and appropriate key management Skills in:
  • Aligning AWS technologies to meet compliance requirements
  • Encrypting data at rest (for example, AWS Key Management Service [AWS KMS])
  • Encrypting data in transit (for example, AWS Certificate Manager [ACM] using TLS)
  • Implementing access policies for encryption keys
  • Implementing data backups and replications
  • Implementing policies for data access, lifecycle, and protection
  • Rotating encryption keys and renewing certificates

Task Statement 1: Design scalable and loosely coupled architectures.

Knowledge of:

  • API creation and management (for example, Amazon API Gateway, REST API)
  • AWS managed services with appropriate use cases (for example, AWS Transfer Family, Amazon Simple Queue Service [Amazon SQS], Secrets Manager)
  • Caching strategies
  • Design principles for microservices (for example, stateless workloads compared with stateful workloads)
  • Event-driven architectures
  • Horizontal scaling and vertical scaling
  • How to appropriately use edge accelerators (for example, content delivery network [CDN])
  • How to migrate applications into containers
  • Load balancing concepts (for example, Application Load Balancer)
  • Multi-tier architectures
  • Queuing and messaging concepts (for example, publish/subscribe)
  • Serverless technologies and patterns (for example, AWS Fargate, AWS Lambda)
  • Storage types with associated characteristics (for example, object, file, block)
  • The orchestration of containers (for example, Amazon Elastic Container Service [Amazon ECS], Amazon Elastic Kubernetes Service [Amazon EKS])
  • When to use read replicas
  • Workflow orchestration (for example, AWS Step Functions)

 

Skills in:

  • Designing event-driven, micro service, and/or multi-tier architectures based on requirements
  • Determining scaling strategies for components used in an architecture design
  • Determining the AWS services required to achieve loose coupling based on requirements
  • Determining when to use containers
  • Determining when to use serverless technologies and patterns
  • Recommending appropriate compute, storage, networking, and database technologies based on requirements
  • Using purpose-built AWS services for workloads

 

Task Statement 2: Design highly available and/or fault-tolerant architectures.

Knowledge of:

  • AWS global infrastructure (for example, Availability Zones, AWS Regions, Amazon Route 53)
  • AWS managed services with appropriate use cases (for example, Amazon Comprehend, Amazon Polly)
  • Basic networking concepts (for example, route tables)
  • Disaster recovery (DR) strategies (for example, backup and restore, pilot light, warm standby, active- active failover, recovery point objective [RPO], recovery time objective [RTO])
  • Distributed design patterns
  • Failover strategies
  • Immutable infrastructure
  • Load balancing concepts (for example, Application Load Balancer)
  • Proxy concepts (for example, Amazon RDS Proxy)
  • Service quotas and throttling (for example, how to configure the service quotas for a workload in a standby environment)
  • Storage options and characteristics (for example, durability, replication)
  • Workload visibility (for example, AWS X-Ray) Skills in:
  • Determining automation strategies to ensure infrastructure integrity
  • Determining the AWS services required to provide a highly available and/or fault-tolerant architecture across AWS Regions or Availability Zones
  • Identifying metrics based on business requirements to deliver a highly available solution
  • Implementing designs to mitigate single points of failure
  • Implementing strategies to ensure the durability and availability of data (for example, backups)
  • Selecting an appropriate DR strategy to meet business requirements
  • Using AWS services that improve the reliability of legacy applications and applications not built for the cloud (for example, when application changes are not possible)
  • Using purpose-built AWS services for workloads

Task Statement 1: Determine high-performing and/or scalable storage solutions.

Knowledge of:

  • Hybrid storage solutions to meet business requirements
  • Storage services with appropriate use cases (for example, Amazon S3, Amazon Elastic File System [Amazon EFS], Amazon Elastic Block Store [Amazon EBS])
  • Storage types with associated characteristics (for example, object, file, block) Skills in:
  • Determining storage services and configurations that meet performance demands
  • Determining storage services that can scale to accommodate future needs

Task Statement 2: Design high-performing and elastic compute solutions.

Knowledge of:

  • AWS compute services with appropriate use cases (for example, AWS Batch, Amazon EMR, Fargate)
  • Distributed computing concepts supported by AWS global infrastructure and edge services
  • Queuing and messaging concepts (for example, publish/subscribe)
  • Scalability capabilities with appropriate use cases (for example, Amazon EC2 Auto Scaling, AWS Auto Scaling)
  • Serverless technologies and patterns (for example, Lambda, Fargate)
  • The orchestration of containers (for example, Amazon ECS, Amazon EKS) Skills in: Decoupling workloads so that components can scale independently
  • Identifying metrics and conditions to perform scaling actions
  • Selecting the appropriate compute options and features (for example, EC2 instance types) to meet business requirements
  • Selecting the appropriate resource type and size (for example, the amount of Lambda memory) to meet business requirements

Task Statement 3: Determine high-performing database solutions.

Knowledge of:

  • AWS global infrastructure (for example, Availability Zones, AWS Regions)
  • Caching strategies and services (for example, Amazon ElastiCache)
  • Data access patterns (for example, read-intensive compared with write-intensive)
  • Database capacity planning (for example, capacity units, instance types, Provisioned IOPS)
  • Database connections and proxies
  • Database engines with appropriate use cases (for example, heterogeneous migrations, homogeneous migrations)
  • Database replication (for example, read replicas)
  • Database types and services (for example, serverless, relational compared with non-relational, in- memory)

Skills in:

  • Configuring read replicas to meet business requirements
  • Designing database architectures
  • Determining an appropriate database engine (for example, MySQL compared with PostgreSQL)
  • Determining an appropriate database type (for example, Amazon Aurora, Amazon DynamoDB)
  • Integrating caching to meet business requirements

Task Statement 4: Determine high-performing and/or scalable network architectures. Knowledge of: • Edge networking services with appropriate use cases (for example, Amazon CloudFront, AWS Global Accelerator)

  • How to design network architecture (for example, subnet tiers, routing, IP addressing)
  • Load balancing concepts (for example, Application Load Balancer)
  • Network connection options (for example, AWS VPN, Direct Connect, AWS PrivateLink) Skills in:
  • Creating a network topology for various architectures (for example, global, hybrid, multi-tier)
  • Determining network configurations that can scale to accommodate future needs Determining the appropriate placement of resources to meet business requirements
  • Selecting the appropriate load balancing strategy

Task Statement 5: Determine high-performing data ingestion and transformation solutions.

Knowledge of:

  • Data analytics and visualization services with appropriate use cases (for example, Amazon Athena, AWS Lake Formation, Amazon Quick Sight)
  • Data ingestion patterns (for example, frequency)
  • Data transfer services with appropriate use cases (for example, AWS Data Sync, AWS Storage Gateway)
  • Data transformation services with appropriate use cases (for example, AWS Glue)
  • Secure access to ingestion access points
  • Sizes and speeds needed to meet business requirements
  • Streaming data services with appropriate use cases (for example, Amazon Kinesis) Skills in:
    • Building and securing data lakes
    • Designing data streaming architectures
    • Designing data transfer solutions
    • Implementing visualization strategies
    • Selecting appropriate compute options for data processing (for example, Amazon EMR)
    • Selecting appropriate configurations for ingestion
    • Transforming data between formats (for example, .csv to .parquet)

Knowledge of:

  • Access options (for example, an S3 bucket with Requester Pays object storage)
  • AWS cost management service features (for example, cost allocation tags, multi-account billing)
  • AWS cost management tools with appropriate use cases (for example, AWS Cost Explorer, AWS Budgets, AWS Cost and Usage Report)
  • AWS storage services with appropriate use cases (for example, Amazon FSx, Amazon EFS, Amazon S3, Amazon EBS)
  • Backup strategies
  • Block storage options (for example, hard disk drive [HDD] volume types, solid state drive [SSD] volume types)
  • Data lifecycles
  • Hybrid storage options (for example, DataSync, Transfer Family, Storage Gateway)
  • Storage access patterns
  • Storage tiering (for example, cold tiering for object storage)
  • Storage types with associated characteristics (for example, object, file, block)

Knowledge of:

  • AWS cost management service features (for example, cost allocation tags, multi-account billing)
  • AWS cost management tools with appropriate use cases (for example, Cost Explorer, AWS Budgets, AWS Cost and Usage Report)
  • AWS global infrastructure (for example, Availability Zones, AWS Regions)
  • AWS purchasing options (for example, Spot Instances, Reserved Instances, Savings Plans)
  • Distributed compute strategies (for example, edge processing)
  • Hybrid compute options (for example, AWS Outposts, AWS Snowball Edge)
  • Instance types, families, and sizes (for example, memory optimized, compute optimized, virtualization)
  • Optimization of compute utilization (for example, containers, serverless computing, microservices)
  • Scaling strategies (for example, auto scaling, hibernation)
  • Configuring appropriate NAT gateway types for a network (for example, a single shared NAT gateway compared with NAT gateways for each Availability Zone)
  • Configuring appropriate network connections (for example, Direct Connect compared with VPN compared with internet)
  • Configuring appropriate network routes to minimize network transfer costs (for example, Region to Region, Availability Zone to Availability Zone, private to public, Global Accelerator, VPC endpoints)
  • Determining strategic needs for content delivery networks (CDNs) and edge caching
  • Reviewing existing workloads for network optimizations
  • Selecting an appropriate throttling strategy
  • Selecting the appropriate bandwidth allocation for a network device (for example, a single VPN compared with multiple VPNs, Direct Connect speed)
  • Configure and verify inside source NAT using static and pools
  • Configure and verify NTP operating in a client and server mode
  • Explain the role of DHCP and DNS within the network
  • Explain the function of SNMP in network operations
  • Describe the use of syslog features including facilities and levels
  • Configure and verify DHCP client and relay
  • Explain the forwarding per-hop behaviour (PHB) for QoS such as classification,
    marking, queuing, congestion, policing, shaping
  • Configure network devices for remote access using SSH
  • Describe the capabilities and function of TFTP/FTP in the network
  •  Define key security concepts (threats, vulnerabilities, exploits, and
    mitigation techniques)
  • Describe security program elements (user awareness, training, and
    physical access control)
  • Configure device access control using local passwords
  • Describe security password policies elements, such as management, complexity,
    and password alternatives (multifactor authentication, certificates, and biometrics)
  • Describe remote access and site-to-site VPNs
  • Configure and verify access control lists
  • Configure Layer 2 security features
    (DHCP snooping, dynamic ARP inspection, and port security)
  • Differentiate authentication, authorization, and accounting concepts
  • Describe wireless security protocols (WPA, WPA2, and WPA3)
  • Configure WLAN using WPA2 PSK using the GUI
  • Explain how automation impacts network management
  • Compare traditional networks with controller-based networking
  • Describe controller-based and software defined architectures
    (overlay, underlay, and fabric)
    1. Separation of control plane and data plane
    2. North-bound and south-bound APIs
  • Compare traditional campus device management with Cisco DNA Center
    enabled device management
  • Describe characteristics of REST-based APIs
    (CRUD, HTTP verbs, and data encoding)
  • Recognize the capabilities of configuration management mechanisms Puppet,
    Chef, and Ansible
  • Interpret JSON encoded data

Azure

  • Manage Azure Active Directory (Azure AD) objects
    1. Create users and groups
    2. Manage licenses in Azure AD
    3. Create administrative units
    4. Manage user and group properties
    5. Manage device settings and device identity
    6. Perform bulk updates
    7. Manage guest accounts
    8. Configure self-service password reset
  • Manage access control
    1. Create custom role-based access control (RBAC) and Azure AD roles
    2. Provide access to Azure resources by assigning roles at different scopes
    3. Interpret access assignments
    4. Manage Azure subscriptions and governance
    5. Configure and manage Azure Policy
    6. Configure resource locks
    7. Apply and manage tags on resources
    8. Manage resource groups
    9. Manage subscriptions
    10. Manage costs by using alerts, budgets, and recommendations
    11. Configure management group
  • Configure access to storage
    1. Configure network access to storage accounts
    2. Create and configure storage accounts
    3. Generate shared access signature tokens
    4. Configure stored access policies
    5. Manage access keys
    6. Configure Azure AD authentication for a storage account
    7. Configure storage encryption
  • Manage data in Azure storage accounts
    1. Create import and export jobs
    2. Manage data by using Azure Storage Explorer and AzCopy
    3. Implement Azure Storage redundancy
    4. Configure object replication
  • Configure Azure Files and Azure Blob Storage
    1. Create an Azure file share
    2. Configure Azure Blob Storage
    3. Configure storage tiers
    4. Configure blob lifecycle management
  • Automate deployment of resources by using templates
    1. Modify an ARM template
    2. Deploy a template
    3. Save a deployment as an ARM template
    4. Deploy virtual machine (VM) extensions
  • Create and configure VMs
    1. Create a VM
    2. Manage images by using the Azure Compute Gallery
    3. Configure Azure Disk Encryption
    4. Move VMs from one resource group to another
    5. Manage VM sizes
    6. Add data disks
    7. Configure VM network settings
    8. Configure VM availability options
    9. Deploy and configure VM scale sets
  • Create and configure containers
    1. Configure sizing and scaling for Azure Container Instances
    2. Configure container groups for Azure Container Instances
    3. Configure storage for Azure Kubernetes Service (AKS)
    4. Configure scaling for AKS
    5. Configure network connections for AKS
    6. Upgrade an AKS cluster
  • Create and configure an Azure App Service
    1. Create an App Service plan
    2. Create an App Service
    3. Secure an App Service
    4. Configure custom domain names
    5. Configure backup for an App Service
    6. Configure networking settings
    7. Configure deployment settings
  • Configure virtual networks
    1. Create and configure virtual networks and subnets
    2. Create and configure virtual network peering
    3. Configure private and public IP addresses
    4. Configure user-defined network routes
    5. Configure Azure DNS
  • Configure secure access to virtual networks
    1. Create and configure network security groups (NSGs) and application security groups (ASGs)
    2. Evaluate effective security rules
    3. Implement Azure Bastion
    4. Configure service endpoints on subnets
    5. Configure private endpoints
  • Configure load balancing
    1. Configure Azure Application Gateway
    2. Configure an internal or public load balancer
    3. Troubleshoot load balancing
  • Monitor virtual Networking
    1. Monitor on-premises connectivity
    2. Configure and use Azure Monitor for networks
    3. Use Azure Network Watcher
    4. Troubleshoot external networking
    5. Troubleshoot virtual network connectivity
  • Monitor resources by using Azure Monitor
    1. Configure and interpret metrics
    2. Configure Azure Monitor Logs
    3. Query and analyze logs
    4. Set up alerts and actions
    5. Configure monitoring of VMs, storage accounts, and networks by using VM insights
  • Implement backup and recovery
    1. Create an Azure Recovery Services vault
    2. Create an Azure Backup vault
    3. Create and configure backup policy
    4. Perform backup and restore operations by using Azure Backup
    5. Configure Azure Site Recovery for Azure resources
    6. Perform failover to a secondary region by using Azure Site Recovery
    7. Configure and review backup reports

** The above is the lite syllabus and doesn’t cover the full syllabus. To get full syllabus  Book a Free Demo Now

Advanced Diploma in Network Engineering Certification Course also provides you a huge flexibility so that you can choose a career in networking.

WhatsApp
Facebook
Telegram
Email
Interships - Advanced Diploma in Network Engineering
Register Now

Shareable Certificate

International & National Level Certification.

Practical only subscription

Subscription for remote lab connectivity. 24x7

Flexible Schedule

Set and maintain flexible deadlines.

Advanced Diploma in Network Engineering Certification Course also provides you a huge flexibility so that you can choose a career in networking.

Certifications & Accreditations

NSDC 2 - Advanced Diploma in Network Engineering
iisc 1 - Advanced Diploma in Network Engineering
Zohobooks + Quickbooks
Diploma in Fire and Industrial Safety Management
ESSI - Advanced Diploma in Network Engineering
CGSC - Advanced Diploma in Network Engineering

Benefits of learning from us

Program Fees

Live Instructor Led Training Fee

 187,500.00
  • The above fees are applicable to candidates in India only.

Mode of Training

OnDemand

Live Instructor Led

Virtual Lab

Classroom

Comprehensive Curriculum

6 months +

Learning Content + Practicals

Regular Batch

Date

29-Jul-2024

Time

10:30 AM IST

Fast Track Batch

Date

31-Jul-2024

Time

10:30 AM IST

Extra 5% off on Courses

Coupon Code: UPGRADE

Download Now