CCIE Security Exam Certification Guide (CCIE Self-Study)

CCIE Security Exam Certification Guide (CCIE Self-Study)

5 (2 ratings by Goodreads)
By (author) 

List price: US$79.95

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

Official self-study test preparation guide for the CCIE Security written exam 350-018 Updated content covers all the latest CCIE Security written exam 2.0 objectives, including:AES, EAP, IOS SSH, RDEP, and intrusion prevention DNS, TFTP, Secure Shell, Secure Socket Layer Protocol, NTP, and SNMP Password security, password recovery, and standard and extended access lists Encryption technologies and security protocols, including IPSec, AES, 3DES, TACACS+, and RADIUS Cisco security applications, including Cisco Secure PIX (R) Firewall, VPN, IDS, IPS, and Cisco Policy Manager Basic security methods and the evolution of new secure networks including packet filtering, proxies, and NAT/PAT Cisco security applications such as the VPN 3000, client-side VPNs, and service modules With increased reliance on networking resources to provide productivity gains and corporate revenue contributions, the need for network security has never been higher. Rising concerns over corporate espionage, cyber-terrorism, financial fraud, and theft of proprietary information have radically increased the demand for highly skilled networking security professionals. As one of the most sought-after and highly valued networking certifications, the Cisco Systems (R) CCIE Security certification is answering the need for technical expertise in this critical market by distinguishing the top echelon of internetworking experts. CCIE Security Exam Certification Guide, Second Edition, is a comprehensive study tool for the CCIE Security written exam version 2.0. Fully updated and reviewed by present and former members of the CCIE Security team at Cisco (R), this book helps you understand and master the material you need to know to pass the written exam. Covering all the topics in this challenging exam, this book is your ultimate exam preparation resource. Designed to optimize your study time, CCIE Security Exam Certification Guide helps you assess your knowledge of the material at the start of each chapter with customized quizzes for each topic. Increase retention of key concepts by reviewing succinct summaries of crucial concepts. Test your comprehension with chapter-ending review questions. Determine your assimilation of knowledge and get a taste of the CCIE Security lab exam with sample lab scenarios in the last chapter. Take timed practice exams that mimic the real testing environment with the CD-ROM test engine or customize the test bank to focus on the topics for which you need the most help. CCIE Security Exam Certification Guide, Second Edition, is part of a recommended study program from Cisco Systems that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. "This book will be a valuable asset for potential CCIE Security candidates. I am positive individuals will inevitably gain extensive security network knowledge during their preparation for the CCIE Security written exam using this book."-Yusuf Hussain Bhaiji, CCIE Security Program Manager, Cisco Systems Companion CD-ROMCD-ROM contains a test engine with over 500 questions covering the full range of CCIE Security written exam topics, flash card format practice questions, and an electronic version of the text. CD-ROM test engine powered by www.boson.com. Boson Software is a Cisco Learning Partner. This volume is part of the Exam Certification Guide Series from Cisco Press (R). Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.show more

Product details

  • Mixed media product | 720 pages
  • 190.5 x 236.2 x 48.3mm | 1,338.11g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • 2nd edition
  • 1587201356
  • 9781587201356

Table of contents

ForewordIntroductionChapter 1 General Networking Topics"Do I Know This Already?" QuizFoundation TopicsNetworking Basics-The OSI Reference ModelLayer 1: The Physical LayerLayer 2: The Data Link LayerLayer 3: The Network LayerLayer 4: The Transport LayerLayer 5: The Session LayerLayer 6: The Presentation LayerLayer 7: The Application LayerTCP/IP and OSI Model ComparisonExample of Peer-to-Peer CommunicationEthernet OverviewSwitching and BridgingBridge Port StatesFast EtherChannelInternet ProtocolVariable-Length Subnet MasksClassless Interdomain RoutingTransmission Control ProtocolTCP MechanismsTCP/IP ServicesAddress Resolution ProtocolReverse ARPDynamic Host Configuration ProtocolHot Standby Router ProtocolInternet Control Message ProtocolTelnetFile Transfer Protocol and Trivial File Transfer ProtocolRouting ProtocolsRouting Information ProtocolEnhanced Interior Gateway Routing ProtocolOpen Shortest Path FirstBorder Gateway ProtocolIntegrated Services Digital NetworkBasic Rate and Primary Rate InterfacesISDN Framing and Frame FormatISDN Layer 2 ProtocolsCisco IOS ISDN CommandsIP MulticastAsynchronous Communications and Access DevicesTelephony Best PracticesWireless Best PracticesFoundation SummaryWireless Best PracticesQ & AScenario: Routing IP on Cisco RoutersScenario AnswersChapter 2 Application Protocols"Do I Know This Already?" QuizFoundation TopicsDomain Name SystemTrivial File Transfer ProtocolFile Transfer ProtocolActive FTPPassive FTPHypertext Transfer ProtocolSecure Sockets LayerSimple Network Management ProtocolSNMP NotificationsSNMP ExamplesSimple Mail Transfer ProtocolNetwork Time ProtocolSecure Shell and Cisco IOS SSHCisco IOS SSHRemote Data Exchange ProtocolFoundation SummaryQ & AScenario: Configuring DNS, TFTP, NTP, and SNMPScenario AnswersChapter 3 Cisco IOS Specifics and Security"Do I Know This Already?" QuizFoundation TopicsCisco HardwareRandom-Access Memory Nonvolatile RAMSystem FlashCentral Processing UnitRead-Only MemoryConfiguration RegistersCisco InterfacesSaving and Loading Filesshow and debug CommandsRouter CLIshow CommandsDebugging Cisco RoutersPassword RecoveryBasic Security on Cisco RoutersIP Access ListsAccess Lists on Cisco RoutersExtended Access ListsLayer 2 Switching SecurityCAM Table OverflowVLAN HoppingSpanning Tree Protocol ManipulationMAC Spoofing AttackDHCP Starvation AttacksSecurity Policy Best Practices-A Cisco ViewFoundation SummaryQ & AScenario: Configuring Cisco Routers for Passwords and Access ListsScenario AnswersChapter 4 Security Protocols"Do I Know This Already?" QuizFoundation TopicsAuthentication, Authorization, and AccountingAuthenticationAuthorizationAccountingRemote Authentication Dial-In User ServiceRADIUS Configuration Task ListTerminal Access Controller Access Control System PlusTACACS+ Configuration Task ListTACACS+ Versus RADIUSEncryption Technology OverviewDES and 3DESAdvanced Encryption StandardMessage Digest 5 and Secure Hash AlgorithmDiffie-HellmanIP SecurityCertificate Enrollment ProtocolExtensible Authentication Protocol, Protected EAP, and Temporal Key Integrity ProtocolVirtual Private Dial-Up Networks (VPDN)VPDN Configuration Task ListFoundation SummaryQ & AScenario: Configuring Cisco Routers for IPSecScenario AnswersChapter 5 Cisco Security Applications"Do I Know This Already?" QuizFoundation TopicsCisco Secure for Windows (NT) and Cisco Secure ACSCisco Secure ACSIDS FundamentalsNotification AlarmsSignature-Based IDSAnomaly-Based IDSNetwork-Based IDS Versus Host-Based IDSIDS PlacementIDS TuningCisco Secure Intrusion Detection System and Catalyst Services ModulesCisco Secure IDSCisco Inline IDS (Intrusion Prevention System)Catalyst Services ModuleCiscoWorks VMSCisco VPN 3000 ConcentratorCisco Secure VPN ClientCisco Router and Security Device ManagerSecurity Information Monitoring SystemFoundation SummaryQ & AScenario: Cisco Secure IDS Database EventScenario AnswersChapter 6 Security Technologies"Do I Know This Already?" QuizFoundation TopicsAdvanced Security ConceptsNetwork Address Translation and Port Address TranslationNAT Operation on Cisco RoutersCisco PIX FirewallConfiguring a PIX FirewallTroubleshooting PIX Firewall Log FilesCisco PIX Firewall Software FeaturesCisco IOS Firewall Feature SetCBAC Configuration Task ListPublic Key InfrastructureVirtual Private NetworksNetwork-Based Intrusion Detection SystemsCisco Security Agent and Host-Based IDSCisco Threat ResponseCisco Threat Response IDS RequirementsAuthorization Technologies (IOS Authentication 802.1X)Foundation SummaryQ & AScenario: Configuring a Cisco PIX Firewall for NATScenario AnswerChapter 7 Network Security Policies, Vulnerabilities, and Protection"Do I Know This Already?" QuizFoundation TopicsNetwork Security PoliciesStandards Bodies and Incident Response TeamsIncident Response TeamsInternet NewsgroupsVulnerabilities, Attacks, and Common ExploitsIntrusion Detection SystemProtecting Cisco IOS from IntrusionFoundation SummaryQ & AScenario: Defining Cisco IOS Commands to View DoS Attacks in Real TimeScenario AnswersChapter 8 CCIE Security Self-Study LabHow to Use This ChapterPreparing for this LabGoal of This LabCCIE Security Self-Study Lab Part I GoalsCCIE Security Self-Study Lab Part II GoalsGeneral Lab Guidelines and SetupCommunications Server (0 Points)CCIE Security Self-Study Lab Part I: Basic Network Connectivity (4 Hours)Basic Frame Relay Setup (5 Points)Physical Connectivity (0 Points)Catalyst Ethernet Switch Setup I (5 Points)Catalyst Ethernet Switch Setup II (6 Points)IP Host Lookup and Disable DNS (1 Point)PIX Configuration (6 Points)IGP Routing (18 Points)Basic ISDN Configuration (6 Points)DHCP Configuration (3 Points)BGP Routing Configuration (6 Points)CCIE Security Self-Study Lab Part II: Advanced Security Design (4 Hours)IP Access List (4 Points)Prevent Denial-of-Service Attacks (4 Points)Time-Based Access List (4 Points)Dynamic Access List/Lock and Key Feature (5 Points)Cisco IOS Firewall Configuration on R5 (6 Points)IPSec Configuration (6 Points)Advanced PIX Configuration (5 Points)ACS Configuration (5 Points)Cisco Intrusion Detection System (5 Points)Final ConfigurationsAdditional Advanced Lab Topics (No Solutions Provided)Advanced Security Lab Topics (4 Points)Content Filtering (2 Points)FTP Issues (3 Points)Routing Table Authenticity (4 Points)Access Control on R2 Ethernet Interface (4 Points)ConclusionAppendix A Answers to Quiz QuestionsAppendix B Study Tips for CCIE Security ExaminationsAppendix C Sample CCIE Routing and Switching Lab IAppendix D Sample CCIE Routing and Switching Lab IIshow more

About Henry Benjamin

Henry Benjamin, CCIE No. 4695, is a triple CCIE. He has more than 15 years experience in Cisco networks including planning, designing, and implementing large IP networks running IGRP, EIGRP, BGP, OSPF, and voice over IP. Henry has been a key member of the CCIE global team and internal Cisco IT team based in Sydney, Australia, where his tasks included writing and proctoring new laboratory examinations and questions for the coveted CCIE R/S, CCIE Security, and CCIE Service Provider tracks.show more

Rating details

2 ratings
5 out of 5 stars
5 100% (2)
4 0% (0)
3 0% (0)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X