CCIE Security

CCIE Security : Exam Certification Guide

4.66 (3 ratings by Goodreads)
By (author)  , By (author)  , By (author) 

List price: US$69.96

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

The Cisco Certified Internetworking Expert (CCIE) Certification from Cisco Systems is the most prestigious certification in the networking industry. In 2001, Cisco introduced the CCIE in Security. This exam, a combination of a written qualification exam with a one-day intensive lab exam, is a highly sought after affirmation of a networker's security skills.The CCIE Security Exam Certification Guide (CCIE Self-Study) is a valuable self-study aid in preparing for the Security Qualification Exam (#350-018). The book covers security and application protocols, security technologies, general and Cisco-specific security applications, as well as related general networking and operating system issues.This book includes the proven tools from the best-selling line of Cisco Press Exam Certification Guides like pre- and post-chapter exams, exam objective reviews, and a CD-ROM-based testing engine that allows for focused or comprehensive tests. Also included are case studies and testing tips from the author who is a former CCIE Lab proctor, a triple CCIE (soon to be certified a fourth time), and a former member of the CCIE team at Cisco Systems.show more

Product details

  • Mixed media product | 648 pages
  • 191.5 x 241.8 x 45.2mm | 1,288.21g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • 1587200651
  • 9781587200656

About Henry Benjamin

Henry Benjamin, CCIE No. 4695, has more than ten years experience with Cisco networks. Henry recently worked for Cisco in the internal IT department helping to design and implement networks throughout Australia and Asia. Henry was a key member of the CCIE global team, where he was responsible for writing new laboratory examinations and questions for the coveted CCIE R/S, CCIE Security, and CCIE C/S examinations.show more

Table of contents

1. Using This Book to Prepare for the CCIE Security Written Exam. CCIE Security Certification. CCIE Security Written Exam Blueprint. How to Prepare for the CCIE Security Written Exam Using This Book. 2. General Networking Topics. "Do I Know This Already?" Quiz. Foundation Topics. Networking Basics--The OSI Reference Model. Layer 1: The Physical Layer. Layer 2: The Data Link Layer. Layer 3: The Network Layer. Layer 4: The Transport Layer. Layer 5: The Session Layer. Layer 6: The Presentation Layer. Layer 7: The Application Layer. TCP/IP and OSI Model Comparison. Example of Peer-to-Peer Communication. Ethernet Overview. Switching and Bridging. Bridge Port States. FastEther Channel. Internet Protocol. Variable-Length Subnet Masks. Classless Interdomain Routing. Transmission Control Protocol. TCP Mechanisms. TCP Services. Address Resolution Protocol (ARP). Reverse ARP. Dynamic Host Configuration Protocol. Hot Standby Router Protocol. Internet Control Message Protocol. Telnet. File Transfer Protocol and Trivial File Transfer Protocol. Routing Protocols. Routing Information Protocol. EIGRP. OSPF. Border Gateway Protocol. ISDN. Basic Rate and Primary Rate Interfaces. ISDN Framing and Frame Format. ISDN Layer 2 Protocols. Cisco IOS ISDN Commands. IP Multicast. Asynchronous Communications and Access Devices. Foundation Summary. Requirements for FastEther Channel. Q & A. Scenario. Scenario 2-1: Routing IP on Cisco Routers. Scenario Answers. Scenario 2-1 Answers: Routing IP on Cisco Routers. 3. Application Protocols. "Do I Know This Already?" Quiz. Foundation Topics. Domain Name System. Trivial File Transfer Protocol. File Transfer Protocol. Active FTP. Passive FTP. Hypertext Transfer Protocol. Secure Socket Layer. Simple Network Management Protocol. SNMP Notifications. SNMP Examples. Simple Mail Transfer Protocol. Network Time Protocol. Secure Shell. Foundation Summary. Q & A. Scenario. Scenario 3-1: Configuring DNS, TFTP, NTP, and SNMP. Scenario Answers. Scenario 3-1 Solutions. 4. Cisco IOS Specifics and Security. "Do I Know This Already?" Quiz. Foundation Topics. Cisco Hardware. Random-Access Memory (RAM). Nonvolatile RAM (NVRAM). System Flash. Central Processing Unit. Read-Only Memory. Configuration Registers. Cisco Interfaces. Saving and Loading Files. show and debug Commands. Router CLI. show Commands. Debugging Cisco Routers. Password Recovery. Basic Security on Cisco Routers. IP Access Lists. Access Lists on Cisco Routers. Extended Access Lists. Foundation Summary. Q & A. Scenario. Scenario 4-1: Configuring Cisco Routers for Passwords and Access Lists. Scenario Answers. 5. Security Protocols. "Do I Know This Already?" Quiz. Foundation Topics. Authentication, Authorization, and Accounting (AAA). Authentication. Authorization. Accounting. Remote Authentication Dial-In User Service (RADIUS). RADIUS Configuration Task List. Terminal Access Controller Access Control System Plus (TACACS+). TACACS+ Configuration Task List. TACACS+ Versus RADIUS. Kerberos. Kerberos Configuration Task List. Virtual Private Dial-Up Networks (VPDN). VPDN Configuration Task List. Encryption Technology Overview. Data Encryption Standard (DES) and Triple Data Encryption Standard (3DES). Digital Signature Standard (DSS). Message Digest 5 (MD5) and Secure Hash Algorithm (SHA). Diffie-Hellman. IP Security IPSec. Internet Key Exchange (IKE). IKE Phase I Messages Types 1-6. IKE Phase II Message Types 1-3. Cisco IOS IPSec Configuration. Certificate Enrollment Protocol (CEP). Foundation Summary. Q & A. Scenario. Scenario 5-1: Configuring Cisco Routers for IPSec. Scenario Answers. Scenario 5-1 Solutions. 6. Operating Systems and Cisco Security Applications. "Do I Know This Already?" Quiz. Foundation Topics. UNIX. UNIX Command Structure. UNIX Permissions. UNIX File Systems. Microsoft NT Systems. Browsing and Windows Names Resolution. Scaling Issues in Windows NT. Login and Permissions. Windows NT Users and Groups. Windows NT Domain Trust. Common Windows DOS Commands. Cisco Secure for Windows and UNIX. Cisco Secure Policy Manager. Cisco Secure Intrusion Detection System and Cisco Secure Scanner. NetRanger (Cisco Secure Intrusion Detection System). NetSonar (Cisco Secure Scanner). Cisco Security Wheel. Foundation Summary. Q & A. Scenarios. Scenario 6-1: NT File Permissions. Scenario 6-2: UNIX File Permissions. Scenario Answers. Scenario 6-1 Solution. Scenario 6-2 Solution. 7. Security Technologies. "Do I Know This Already?" Quiz. Foundation Topics. Advanced Security Concepts. Network Address Translation and Port Address Translation. NAT Operation on Cisco Routers. Cisco Private Internet Exchange (PIX). Configuring a PIX. Cisco PIX Firewall Software Features. Cisco IOS Firewall Security Feature Set. CBAC Configuration Task List. Public Key Infrastructure. Virtual Private Networks. Foundation Summary. Q & A. Scenario. Scenario 7-1: Configuring a Cisco PIX for NAT. Scenario Answer. Scenario 7-1 Solution. 8. Network Security Policies, Vulnerabilities, and Protection. "Do I Know This Already?" Quiz. Foundation Topics. Network Security Policies. Standards Bodies and Incident Response Teams. Incident Response Teams. Internet Newsgroups. Vulnerabilities, Attacks, and Common Exploits. Intrusion Detection System. Protecting Cisco IOS from Intrusion. Foundation Summary. Q & A. Scenario. Scenario 8-1: Defining IOS Commands to View DoS Attacks in Real Time. Scenario Answer. Scenario 8-1 Solution. 9. CCIE Security Self-Study Lab. How to Use This Chapter. Goal of This Lab. CCIE Security Self-Study Lab Part I Goals. CCIE Security Self-Study Lab Part II Goals. General Lab Guidelines and Setup. Communications Server. CCIE Security Self-Study Lab Part I: Basic Network Connectivity (4 Hours). Basic Frame Relay Setup. Physical Connectivity. Catalyst Ethernet Switch Setup I. Catalyst Ethernet Switch Setup II. IP Host Lookup and Disable DNS. PIX Configuration. IGP Routing. Basic ISDN Configuration. DHCP Configuration. BGP Routing Configuration. CCIE Security Self-Study Lab Part II: Advanced Security Design (4 Hours). IP Access List. Prevent Denial-of-Service Attacks. Time-Based Access List. Dynamic Access List/Lock and Key Feature. IOS Firewall Configuration on R5. IPSec Configuration. Advanced PIX Configuration. ACS Configuration. Final Configurations. Conclusion. Appendix A. Answers to Quiz Questions. Appendix B. Study Tips for CCIE Security Examinations. Appendix C. Sample CCIE Routing and Switching Lab.show more

Rating details

3 ratings
4.66 out of 5 stars
5 67% (2)
4 33% (1)
3 0% (0)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X