CCNA Security 640-554 Official Cert Guide

CCNA Security 640-554 Official Cert Guide

4.15 (76 ratings by Goodreads)
By (author)  , By (author)  , By (author)  , By (author) 

List price: US$49.99

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam. CCNA Security 640-554 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. * Master Cisco CCNA Security 640-554 exam topics * Assess your knowledge with chapter-opening quizzes* Review key concepts with exam preparation tasks* Practice with realistic exam questions on the CD-ROM CCNA Security 640-554 Official Cert Guide, focuses specifically on the objectives for the Cisco CCNA Security IINS exam. Expert networking professionals Keith Barker and Scott Morris share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. The companion CD-ROM contains a powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The CD also contains 90 minutes of video training on CCP, NAT, object groups, ACLs, port security on a Layer 2 switch, CP3L, and zone-based firewalls. Well-regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. The official study guide helps you master all the topics on the CCNA Security IINS exam, including:Network security concepts Security policies and strategies Network foundation protection (NFP) Cisco Configuration Professional (CCP) Management plane security AAA security Layer 2 security threats IPv6 security Threat mitigation and containment Access Control Lists (ACLs) Network Address Translation (NAT) Cisco IOS zone-based firewalls and ASA firewalls Intrusion prevention and detection systems Public Key Infrastructure (PKI) and cryptography Site-to-site IPsec VPNs and SSL VPNs CCNA Security 640-554 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. The print edition of the CCNA Security 640-554 Official Cert Guide contains 90 minutes of video instruction, two free, complete practice exams as well as an exclusive offer for 70% off Premium Edition eBook and Practice Test. Pearson IT Certification Practice Test minimum system requirements: Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB disc space plus 50 MB for each downloaded practice exam Also available from Cisco Press for Cisco CCNA Security study is the CCNA Security 640-554 Official Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson IT Certification Practice Test. This integrated learning package: * Allows you to focus on individual topic areas or take complete, timed exams* Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions* Provides unique sets of exam-realistic practice questions* Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed mostshow more

Product details

  • Mixed media product | 700 pages
  • 193.04 x 233.68 x 40.64mm | 1,338.09g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • New ed.
  • w. figs.
  • 1587204460
  • 9781587204463
  • 130,457

About Keith Barker

Keith Barker, CCIE No. 6783 (R&S and Security), is a 27-year veteran of the networking industry. He currently works as a network engineer and trainer for Copper River IT. His past experience includes EDS, Blue Cross, Paramount Pictures, and KnowledgeNet, and he has delivered CCIE-level training over the past several years. As part of the original set of Cisco VIPs for the Cisco Learning Network, he continues to give back to the community in many ways. He is CISSP and CCSI certified, loves to teach, and keeps many of his video tutorials at http://www.youtube.com/keith6783. He can be reached at Keith.Barker@CopperRiverIT.com or by visiting http://www.CopperRiverIT.com. Scott Morris, CCIE No. 4713 (R&S, ISP/Dial, Security, and Service Provider), has more than 25 years in the industry. He also has CCDE and myriad other certifications, including nine expert-level certifications spread over four major vendors. Having traveled the world consulting for various enterprise and service provider companies, Scott currently works at Copper River IT as the chief technologist. He, too, has delivered CCIE-level training and technology training for Cisco Systems and other technology vendors. Having spent a "past life" (early career) as a photojournalist, he brings interesting points of view from entering the IT industry from the ground up. As part of the original set of Cisco VIPs for the Cisco Learning Network, he continues to give back to the community in many ways. He can be reached at smorris@CopperRiverIT.com or by visiting http://www.CopperRiverIT.com.show more

Back cover copy

CCNA Security 640-554 Official Cert Guide Keith Barker, CCIE(r) No. 6783 Scott Morris, CCIE(r) No. 4713 ISBN: 1587204460 CCNA Security 640-554 Official Cert Guide is a best of breed Cisco exam study guide that focuses specifically on the objectives for the CCNA Security IINS exam. Cisco Certified Internetwork Experts (CCIE) Keith Barker and Scott Morris share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. CCNA Security 640-554 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. A list of official exam topics make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. The companion CD-ROM contains the powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a chapter-by-chapter basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The CD also contains 90 minutes of video training on CCP, NAT, object groups, ACLs, port security on a Layer 2 switch, CP3L, and zone-based firewalls. Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. CCNA Security 640-554 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. The official study guide helps you master all the topics on the CCNA Security IINS exam, including -- Network Foundation Protection (NFP) -- Cisco Configuration Professional (CCP) -- Management plane security -- AAA security -- Layer 2 security threats -- IPv6 security -- Threat mitigation and containment -- ACLs and NAT -- Cisco IOS zone-based firewalls and ASA firewalls -- Intrusion prevention/detection systems -- PKI and cryptography -- Site-to-site IPsec VPNs and SSL VPNs Companion CD-ROM The CD-ROM contains two free, complete practice exams and 90 minutes of video training. COVER Bullets -- Master CCNA Security 640-554 exam topics -- Assess your knowledge with chapter-opening quizzes -- Review key concepts with exam preparation tasks -- Practice with realistic exam questions on the CD-ROM -- Learn from 90 minutes of video training "show more

Table of contents

Introduction xxvPart I Fundamentals of Network SecurityChapter 1 Networking Security Concepts"Do I Know This Already?" Quiz 5Foundation Topics 8Understanding Network and Information Security Basics 8 Network Security Objectives 8 Confidentiality, Integrity, and Availability 8 Cost-Benefit Analysis of Security 9 Classifying Assets 10 Classifying Vulnerabilities 11 Classifying Countermeasures 12 What Do We Do with the Risk? 12Recognizing Current Network Threats 13 Potential Attackers 13 Attack Methods 14 Attack Vectors 15 Man-in-the-Middle Attacks 15 Other Miscellaneous Attack Methods 16Applying Fundamental Security Principles to Network Design 17 Guidelines 17 How It All Fits Together 19Exam Preparation Tasks 20Review All the Key Topics 20Complete the Tables and Lists from Memory 20Define Key Terms 20Chapter 2 Understanding Security Policies Using a Lifecycle Approach"Do I Know This Already?" Quiz 23Foundation Topics 25Risk Analysis and Management 25 Secure Network Lifecycle 25 Risk Analysis Methods 25 Security Posture Assessment 26 An Approach to Risk Management 27 Regulatory Compliance Affecting Risk 28Security Policies 28 Who, What, and Why 28 Specific Types of Policies 29 Standards, Procedures, and Guidelines 30 Testing the Security Architecture 31 Responding to an Incident on the Network 32 Collecting Evidence 32 Reasons for Not Being an Attacker 32 Liability 33 Disaster Recovery and Business Continuity Planning 33Exam Preparation Tasks 34Review All the Key Topics 34Complete the Tables and Lists from Memory 34Define Key Terms 34Chapter 3 Building a Security Strategy"Do I Know This Already?" Quiz 37Foundation Topics 40Securing Borderless Networks 40 The Changing Nature of Networks 40 Logical Boundaries 40 SecureX and Context-Aware Security 42Controlling and Containing Data Loss 42 An Ounce of Prevention 42 Secure Connectivity Using VPNs 43 Secure Management 43Exam Preparation Tasks 44Review All the Key Topics 44Complete the Tables and Lists from Memory 44Define Key Terms 44Part II Protecting the Network InfrastructureChapter 4 Network Foundation Protection"Do I Know This Already?" Quiz 49Foundation Topics 52Using Network Foundation Protection to Secure Networks 52 The Importance of the Network Infrastructure 52 The Network Foundation Protection (NFP) Framework 52 Interdependence 53 Implementing NFP 53Understanding the Management Plane 55 First Things First 55 Best Practices for Securing the Management Plane 55Understanding the Control Plane 56 Best Practices for Securing the Control Plane 56Understanding the Data Plane 57 Best Practices for Protecting the Data Plane 59 Additional Data Plane Protection Mechanisms 59Exam Preparation Tasks 60Review All the Key Topics 60Complete the Tables and Lists from Memory 60Define Key Terms 60Chapter 5 Using Cisco Configuration Professional to Protect the Network Infrastructure "Do I Know This Already?" Quiz 63Foundation Topics 65Introducing Cisco Configuration Professional 65Understanding CCP Features and the GUI 65 The Menu Bar 66 The Toolbar 67 Left Navigation Pane 68 Content Pane 69 Status Bar 69Setting Up New Devices 69CCP Building Blocks 70 Communities 70 Templates 74 User Profiles 78CCP Audit Features 81 One-Step Lockdown 84 A Few Highlights 84Exam Preparation Tasks 88Review All the Key Topics 88Complete the Tables and Lists from Memory 88Define Key Terms 88Command Reference to Check Your Memory 89Chapter 6 Securing the Management Plane on Cisco IOS Devices"Do I Know This Already?" Quiz 91Foundation Topics 94Securing Management Traffic 94 What Is Management Traffic and the Management Plane? 94 Beyond the Blue Rollover Cable 94 Management Plane Best Practices 95 Password Recommendations 97 Using AAA to Verify Users 97 AAA Components 98 Options for Storing Usernames, Passwords, and Access Rules 98 Authorizing VPN Users 99 Router Access Authentication 100 The AAA Method List 101 Role-Based Access Control 102 Custom Privilege Levels 103 Limiting the Administrator by Assigning a View 103 Encrypted Management Protocols 103 Using Logging Files 104 Understanding NTP 105 Protecting Cisco IOS Files 106Implement Security Measures to Protect the Management Plane 106 Implementing Strong Passwords 106 User Authentication with AAA 108 Using the CLI to Troubleshoot AAA for Cisco Routers 113 RBAC Privilege Level/Parser View 118 Implementing Parser Views 120 SSH and HTTPS 122 Implementing Logging Features 125 Configuring Syslog Support 125 SNMP Features 128 Configuring NTP 131 Securing the Cisco IOS Image and Configuration Files 133Exam Preparation Tasks 134Review All the Key Topics 134Complete the Tables and Lists from Memory 135Define Key Terms 135Command Reference to Check Your Memory 135Chapter 7 Implementing AAA Using IOS and the ACS Server"Do I Know This Already?" Quiz 137Foundation Topics 140Cisco Secure ACS, RADIUS, and TACACS 140 Why Use Cisco ACS? 140 What Platform Does ACS Run On? 141 What Is ISE? 141 Protocols Used Between the ACS and the Router 141 Protocol Choices Between the ACS Server and the Client (the Router) 142Configuring Routers to Interoperate with an ACS Server 143Configuring the ACS Server to Interoperate with a Router 154Verifying and Troubleshooting Router-to-ACS Server Interactions 164Exam Preparation Tasks 171Review All the Key Topics 171Complete the Tables and Lists from Memory 171Define Key Terms 171Command Reference to Check Your Memory 172Chapter 8 Securing Layer 2 Technologies"Do I Know This Already?" Quiz 175Foundation Topics 178VLAN and Trunking Fundamentals 178 What Is a VLAN? 178 Trunking with 802.1Q 180 Following the Frame, Step by Step 181 The Native VLAN on a Trunk 181 So, What Do You Want to Be? (Says the Port) 182 Inter-VLAN Routing 182 The Challenge of Using Physical Interfaces Only 182 Using Virtual "Sub" Interfaces 182Spanning-Tree Fundamentals 183 Loops in Networks Are Usually Bad 184 The Life of a Loop 184 The Solution to the Layer 2 Loop 184 STP Is Wary of New Ports 187 Improving the Time Until Forwarding 187Common Layer 2 Threats and How to Mitigate Them 188 Disrupt the Bottom of the Wall, and the Top Is Disrupted, Too 188 Layer 2 Best Practices 189 Do Not Allow Negotiations 190 Layer 2 Security Toolkit 190 Specific Layer 2 Mitigation for CCNA Security 191 BPDU Guard 191 Root Guard 192 Port Security 192Exam Preparation Tasks 195Review All the Key Topics 195Complete the Tables and Lists from Memory 195Review the Port Security Video Included with This Book 196Define Key Terms 196Command Reference to Check Your Memory 196Chapter 9 Securing the Data Plane in IPv6"Do I Know This Already?" Quiz 199Foundation Topics 202Understanding and Configuring IPv6 202 Why IPv6? 202 The Format of an IPv6 Address 203 Understanding the Shortcuts 205 Did We Get an Extra Address? 205 IPv6 Address Types 206Configuring IPv6 Routing 208 Moving to IPv6 210Developing a Security Plan for IPv6 210 Best Practices Common to Both IPv4 and IPv6 210 Threats Common to Both IPv4 and IPv6 212 The Focus on IPv6 Security 213 New Potential Risks with IPv6 213 IPv6 Best Practices 214Exam Preparation Tasks 216Review All the Key Topics 216Complete the Tables and Lists from Memory 216Define Key Terms 217Command Reference to Check Your Memory 217Part III Mitigating and Controlling ThreatsChapter 10 Planning a Threat Control Strategy"Do I Know This Already?" Quiz 221Foundation Topics 224Designing Threat Mitigation and Containment 224 The Opportunity for the Attacker Is Real 224 Many Potential Risks 224 The Biggest Risk of All 224 Where Do We Go from Here? 225Securing a Network via Hardware/Software/Services 226 Switches 227 Routers 228 ASA Firewall 230 Other Systems and Services 231Exam Preparation Tasks 232Review All the Key Topics 232Complete the Tables and Lists from Memory 232Define Key Terms 232Chapter 11 Using Access Control Lists for Threat Mitigation"Do I Know This Already?" Quiz 235Foundation Topics 238Access Control List Fundamentals and Benefits 238 Access Lists Aren't Just for Breakfast Anymore 238 Stopping Malicious Traffic with an Access List 239 What Can We Protect Against? 240 The Logic in a Packet-Filtering ACL 241 Standard and Extended Access Lists 242 Line Numbers Inside an Access List 243 Wildcard Masks 244 Object Groups 244Implementing IPv4 ACLs as Packet Filters 244 Putting the Policy in Place 244 Monitoring the Access Lists 255 To Log or Not to Log 257Implementing IPv6 ACLs as Packet Filters 259Exam Preparation Tasks 263Review All the Key Topics 263Complete the Tables and Lists from Memory 263Review the NAT Video Included with This Book 263Define Key Terms 264Command Reference to Check Your Memory 264Chapter 12 Understanding Firewall Fundamentals"Do I Know This Already?" Quiz 267Foundation Topics 270Firewall Concepts and Technologies 270 Firewall Technologies 270 Objectives of a Good Firewall 270 Firewall Justifications 271 The Defense-in-Depth Approach 272 Five Basic Firewall Methodologies 273 Static Packet Filtering 274 Application Layer Gateway 275 Stateful Packet Filtering 276 Application Inspection 277 Transparent Firewalls 277Using Network Address Translation 278 NAT Is About Hiding or Changing the Truth About Source Addresses 278 Inside, Outside, Local, Global 279 Port Address Translation 280 NAT Options 281Creating and Deploying Firewalls 283 Firewall Technologies 283 Firewall Design Considerations 283 Firewall Access Rules 284 Packet-Filtering Access Rule Structure 285 Firewall Rule Design Guidelines 285 Rule Implementation Consistency 286Exam Preparation Tasks 288Review All the Key Topics 288Complete the Tables and Lists from Memory 288Define Key Terms 288Chapter 13 Implementing Cisco IOS Zone-Based Firewalls"Do I Know This Already?" Quiz 291Foundation Topics 294Cisco IOS Zone-Based Firewall 294 How Zone-Based Firewall Operates 294 Specific Features of Zone-Based Firewalls 294 Zones and Why We Need Pairs of Them 295 Putting the Pieces Together 296 Service Policies 297 The Self Zone 300Configuring and Verifying Cisco IOS Zone-Based Firewall 300 First Things First 301 Using CCP to Configure the Firewall 301 Verifying the Firewall 314 Verifying the Configuration from the Command Line 315 Implementing NAT in Addition to ZBF 319 Verifying Whether NAT Is Working 322Exam Preparation Tasks 324Review All the Key Topics 324Review the Video Bonus Material 324Complete the Tables and Lists from Memory 324Define Key Terms 325Command Reference to Check Your Memory 325Chapter 14 Configuring Basic Firewall Policies on Cisco ASA"Do I Know This Already?" Quiz 327Foundation Topics 330The ASA Appliance Family and Features 330 Meet the ASA Family 330 ASA Features and Services 331ASA Firewall Fundamentals 333 ASA Security Levels 333 The Default Flow of Traffic 335 Tools to Manage the ASA 336 Initial Access 337 Packet Filtering on the ASA 337 Implementing a Packet-Filtering ACL 338 Modular Policy Framework 338 Where to Apply a Policy 339Configuring the ASA 340 Beginning the Configuration 340 Getting to the ASDM GUI 345 Configuring the Interfaces 347 IP Addresses for Clients 355 Basic Routing to the Internet 356 NAT and PAT 357 Permitting Additional Access Through the Firewall 359 Using Packet Tracer to Verify Which Packets Are Allowed 362 Verifying the Policy of No Telnet 366Exam Preparation Tasks 368Review All the Key Topics 368Complete the Tables and Lists from Memory 368Define Key Terms 369Command Reference to Check Your Memory 369Chapter 15 Cisco IPS/IDS Fundamentals"Do I Know This Already?" Quiz 371Foundation Topics 374IPS Versus IDS 374 What Sensors Do 374 Difference Between IPS and IDS 374 Sensor Platforms 376 True/False Negatives/Positives 376 Positive/Negative Terminology 377Identifying Malicious Traffic on the Network 377 Signature-Based IPS/IDS 377 Policy-Based IPS/IDS 378 Anomaly-Based IPS/IDS 378 Reputation-Based IPS/IDS 378 When Sensors Detect Malicious Traffic 379 Controlling Which Actions the Sensors Should Take 381 Implementing Actions Based on the Risk Rating 382 IPv6 and IPS 382 Circumventing an IPS/IDS 382Managing Signatures 384 Signature or Severity Levels 384Monitoring and Managing Alarms and Alerts 385 Security Intelligence 385 IPS/IDS Best Practices 386Exam Preparation Tasks 387Review All the Key Topics 387Complete the Tables and Lists from Memory 387Define Key Terms 387Chapter 16 Implementing IOS-Based IPS"Do I Know This Already?" Quiz 389Foundation Topics 392Understanding and Installing an IOS-Based IPS 392 What Can IOS IPS Do? 392 Installing the IOS IPS Feature 393 Getting to the IPS Wizard 394Working with Signatures in an IOS-Based IPS 400 Actions That May Be Taken 405 Best Practices When Tuning IPS 412Managing and Monitoring IPS Alarms 412Exam Preparation Tasks 417Review All the Key Topics 417Complete the Tables and Lists from Memory 417Define Key Terms 417Command Reference to Check Your Memory 418Part IV Using VPNs for Secure ConnectivityChapter 17 Fundamentals of VPN Technology "Do I Know This Already?" Quiz 423Foundation Topics 426Understanding VPNs and Why We Use Them 426 What Is a VPN? 426 Types of VPNs 427 Two Main Types of VPNs 427 Main Benefits of VPNs 427 Confidentiality 428 Data Integrity 428 Authentication 430 Antireplay 430Cryptography Basic Components 430 Ciphers and Keys 430 Ciphers 430 Keys 431 Block and Stream Ciphers 431 Block Ciphers 432 Stream Ciphers 432 Symmetric and Asymmetric Algorithms 432 Symmetric 432 Asymmetric 433 Hashes 434 Hashed Message Authentication Code 434 Digital Signatures 435 Digital Signatures in Action 435 Key Management 436 IPsec and SSL 436 IPsec 436 SSL 437Exam Preparation Tasks 439Review All the Key Topics 439Complete the Tables and Lists from Memory 439Define Key Terms 439Chapter 18 Fundamentals of the Public Key Infrastructure"Do I Know This Already?" Quiz 441Foundation Topics 444Public Key Infrastructure 444 Public and Private Key Pairs 444 RSA Algorithm, the Keys, and Digital Certificates 445 Who Has Keys and a Digital Certificate? 445 How Two Parties Exchange Public Keys 445 Creating a Digital Signature 445 Certificate Authorities 446 Root and Identity Certificates 446 Root Certificate 446 Identity Certificate 448 Using the Digital Certificates to get the Peer's Public Key 448 X.500 and X.509v3 Certificates 449 Authenticating and Enrolling with the CA 450 Public Key Cryptography Standards 450 Simple Certificate Enrollment Protocol 451 Revoked Certificates 451 Uses for Digital Certificates 452 PKI Topologies 452 Single Root CA 453 Hierarchical CA with Subordinate CAs 453 Cross-Certifying CAs 453Putting the Pieces of PKI to Work 453 Default of the ASA 454 Viewing the Certificates in ASDM 455 Adding a New Root Certificate 455 Easier Method for Installing Both Root and Identity certificates 457Exam Preparation Tasks 462Review All the Key Topics 462Complete the Tables and Lists from Memory 462Define Key Terms 463Command Reference to Check Your Memory 463Chapter 19 Fundamentals of IP Security"Do I Know This Already?" Quiz 465Foundation Topics 468IPsec Concepts, Components, and Operations 468 The Goal of IPsec 468 The Play by Play for IPsec 469 Step 1: Negotiate the IKE Phase 1 Tunnel 469 Step 2: Run the DH Key Exchange 471 Step 3: Authenticate the Peer 471 What About the User's Original Packet? 471 Leveraging What They Have Already Built 471 Now IPsec Can Protect the User's Packets 472 Traffic Before IPsec 472 Traffic After IPsec 473 Summary of the IPsec Story 474Configuring and Verifying IPsec 475 Tools to Configure the Tunnels 475 Start with a Plan 475 Applying the Configuration 475 Viewing the CLI Equivalent at the Router 482 Completing and Verifying IPsec 484Exam Preparation Tasks 491Review All the Key Topics 491Complete the Tables and Lists from Memory 491Define Key Terms 492Command Reference to Check Your Memory 492Chapter 20 Implementing IPsec Site-to-Site VPNs"Do I Know This Already?" Quiz 495Foundation Topics 498Planning and Preparing an IPsec Site-to-Site VPN 498 Customer Needs 498 Planning IKE Phase 1 500 Planning IKE Phase 2 501Implementing and Verifying an IPsec Site-to-Site VPN 502 Troubleshooting IPsec Site-to-Site VPNs 511Exam Preparation Tasks 526Review All the Key Topics 526Complete the Tables and Lists from Memory 526Define Key Terms 526Command Reference to Check Your Memory 526Chapter 21 Implementing SSL VPNs Using Cisco ASA"Do I Know This Already?" Quiz 529Foundation Topics 532Functions and Use of SSL for VPNs 532 Is IPsec Out of the Picture? 532 SSL and TLS Protocol Framework 533 The Play by Play of SSL for VPNs 534 SSL VPN Flavors 534Configuring SSL Clientless VPNs on ASA 535 Using the SSL VPN Wizard 536 Digital Certificates 537 Authenticating Users 538 Logging In 541 Seeing the VPN Activity from the Server 543Configuring the Full SSL AnyConnect VPN on the ASA 544 Types of SSL VPNs 545 Configuring Server to Support the AnyConnect Client 545 Groups, Connection Profiles, and Defaults 552 One Item with Three Different Names 553 Split Tunneling 554Exam Preparation Tasks 556Review All the Key Topics 556Complete the Tables and Lists from Memory 556Define Key Terms 556Chapter 22 Final PreparationTools for Final Preparation 559 Pearson IT Certification Practice Test Engine and Questions on the CD 559 Installing the Software from the CD 560 Activating and Downloading the Practice Exam 560 Activating Other Exams 560 Premium Edition 561 The Cisco Learning Network 561 Memory Tables 561 Chapter-Ending Review Tools 561 Videos 562Suggested Plan for Final Review/Study 562 Using the Exam Engine 562Summary 563Part V AppendixesAppendix A Answers to the "Do I Know This Already?" Quizzes 567Appendix B CCNA Security 640-554 (IINSv2) Exam Updates 573Glossary 577On the CDAppendix C Memory TablesAppendix D Memory Tables Answer Key 9781587204463 TOC 6/5/2012show more

Rating details

76 ratings
4.15 out of 5 stars
5 38% (29)
4 43% (33)
3 16% (12)
2 1% (1)
1 1% (1)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X