CCNP Security IPS 642-627 Official Cert Guide

CCNP Security IPS 642-627 Official Cert Guide

3.88 (9 ratings by Goodreads)
By (author)  , By (author)  , By (author) 

Free delivery worldwide

Available. Dispatched from the UK in 2 business days
When will my order arrive?


CCNP Security IPS 642-627 Official Cert Guide David BurnsOdunayo Adesina, CCIE (R) No. 26695Keith Barker, CCIE No. 6783 . Master CCNP Security IPS 642-627 exam topics . Assess your knowledge with chapter-opening quizzes . Review key concepts with exam preparation tasks . Practice with realistic exam questions on the CD-ROM Learn, prepare, and practice for exam success CCNP Security IPS 642-627 Official Cert Guide is a best-of-breed Cisco exam study guide that focuses specifically on the objectives for the CCNP Security IPS exam. Senior security engineers David Burns, Odunayo Adesina, and Keith Barker share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics. CCNP Security IPS 642-627 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. The companion CD-ROM contains the powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time. CCNP Security IPS 642-627 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit The official study guide helps you master all the topics on the CCNP Security IPS exam, includingCisco IPS software, hardware, and supporting applications Network IPS and IDS deployment architecture Installing and maintaining Cisco IPS physical and virtual sensors Traffic analysis IPS signatures and responses Anomaly-based operations Improving alarm response and quality Managing and analyzing events High availability and performance IPS modules for ASAs, routers, and switches Companion CD-ROMThe CD-ROM contains a free, complete practice exam. Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test Pearson IT Certification Practice Test minimum system requirements:Windows XP (SP3), Windows Vista (SP2), or Windows 7; Microsoft .NET Framework 4.0 Client; Microsoft SQL Server Compact 4.0; Pentium class 1GHz processor (or equivalent); 512 MB RAM; 650 MB disc space plus 50 MB for each downloaded practice exam CCNP Security Category: Cisco Press-Cisco CertificationCovers: CCNP Security IPS 642-627show more

Product details

  • Mixed media product | 672 pages
  • 203.2 x 233.68 x 40.64mm | 1,247.37g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • 1587142554
  • 9781587142550
  • 632,282

About David Burns

David Burns has in-depth knowledge of routing and switching technologies, network security, and mobility. He is currently a systems engineering manager for Cisco, covering various U.S. Service Provider accounts. Dave joined Cisco in July 2008 as a lead systems engineer in a number of areas that include Femtocell, Datacenter, MTSO, and Security Architectures, working for a U.S.-based SP Mobility account. He came to Cisco from a large U.S.-based cable company, where he was a senior network and security design engineer. Dave has held various roles prior to joining Cisco during his ten-plus years in the industry, working in SP operations, SP engineering, SP architecture, enterprise IT, and also U.S. military intelligence communications engineering. He holds various sales and industry/Cisco technical certifications, including the CISSP, CCSP, and CCDP, as well as two associate-level certifications. Dave recently passed the CCIE Security Written and is currently preparing for the CCIE Security Lab. Dave is a big advocate of knowledge transfer and sharing and has a passion for network technologies, especially as they relate to network security. Dave has been a speaker at Cisco Live on topics including Femtocell (IP Mobility) and IPS (Security). Dave earned his bachelor of science degree in telecommunications engineering technology from Southern Polytechnic State University, Georgia, where he currently serves as a member of the Industry Advisory Board for the Computer & Electrical Engineering Technology School. Odunayo Adesina, CCIE No. 26695 (Routing and Switching), is a systems engineer with Cisco in the U.S. commercial segment. In this role for over four years, Odunayo has worked with commercial customers in St. Louis, Missouri, to help develop their enterprise network architectures, which are typically a combination of borderless, collaboration, and virtualization solutions. He has more than 12 years of experience in the industry and holds various industry and Cisco certifications, including the CISSP No. 54152, CCSP, CEH, and VSP. He was one of the first few people who were CSS1 certified when the Cisco security certification was first developed. Prior to his role at Cisco, Odunayo worked with a large service provider as a network engineer, implementing and managing security, routing, and switching solutions, and later as a security specialist, driving ISO 27001 compliance, developing and enforcing security policies for the enterprise. He also worked with Cisco partners, where he implemented solutions across many industry verticals. Odunayo holds a bachelor of technology degree in electronics and electrical engineering from Ladoke Akintola University of Technology. Keith Barker, CCIE No. 6783 R/S & Security, is a 27-year veteran of the networking industry. He currently works as a network engineer and trainer for Nova Datacom. His past experience includes EDS, Blue Cross, Paramount Pictures, and KnowledgeNET, and he has delivered CCIE-level training over the past several years. He is CISSP and CCSI certified, loves to teach, and keeps many of his video tutorials at He can be reached at or by visiting more

Table of contents

Introduction xxviiiPart I Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices 3 Chapter 1 Intrusion Prevention and Intrusion Detection Systems 5"Do I Know This Already?" Quiz 5Foundation Topics 8Intrusion Prevention Overview 8Intrusion Detection Versus Intrusion Prevention 8Intrusion Prevention Terminology 9Intrusion Prevention Systems 12 Features of Network Intrusion Prevention Systems 13 Limitations of Network Intrusion Prevention Systems 14Network Intrusion Prevention Approaches 14Endpoint Security Controls 16 Host-Based Firewalls 17 API and System Call Interception 17 Cisco Security Agent 17 Antimalware Agents 18 Data Loss Prevention Agents 19 Cryptographic Data Protection 19A Systems Approach to Security 20Exam Preparation Tasks 21Review All the Key Topics 21Complete the Tables and Lists from Memory 21Define Key Terms 21Chapter 2 Cisco IPS Software, Hardware, and Supporting Applications 23Overview 23"Do I Know This Already?" Quiz 23Foundation Topics 26Cisco IPS Network Sensors 26Cisco IPS 4200 Series Sensors 27 Cisco IPS 4240 Sensor 28 Cisco IPS 4255 Sensor 29 Cisco IPS 4260 Sensor 30 Cisco IPS 4270 Sensor 32 Sensing Interface Details 33 10GE Interface Card 33 4GE Bypass Interface Card 33 2SX Interface Card 34 Cisco ASA AIP SSM and AIP SSC-5 Modules 34 Cisco Catalyst 6500 Series IDSM-2 Module 35 Cisco AIM-IPS and NME-IPS Supported on Cisco ISR Routers 36Cisco IPS Software Architecture 38Cisco IPS Management Products 41 Cisco IPS Device Manager 42 Cisco IPS Manager Express 42 Cisco Security Manager 43 Cisco Security MARS 43Cisco Security Intelligence Operations and Cisco Security IntelliShield Alert Manager Service 45 Cisco Security IntelliShield Alert Manager Service 47Summary 48References 48Exam Preparation Tasks 49Review All the Key Topics 49Definitions of Key Terms 49Chapter 3 Network IPS Traffic Analysis Methods, Evasion Possibilities, and Anti-evasive Countermeasures 51Overview 51"Do I Know This Already?" Quiz 51Foundation Topics 54Network IPS Traffic Analysis Methods 54 Stateful Content Matching 54 Protocol Decoding 55 Traffic Correlation 55 Rate Analysis 55 Packet Header Matching 56 Packet Content Matching 56 Statistical Modeling 57 Event Correlation 57Network IPS Evasion Techniques 57 Encryption and Tunneling 58 Timing Attacks 58 Resource Exhaustion 58 Traffic Fragmentation 59 Protocol-Level Misinterpretation 59 Traffic Substitution and Insertion 60Summary 63References 63Exam Preparation Tasks 64Review All the Key Topics 64Complete the Tables and Lists from Memory 64Definitions of Key Terms 64Chapter 4 Network IPS and IDS Deployment Architecture 67Overview 67"Do I Know This Already?" Quiz 67Foundation Topics 70Sensor Deployment Considerations 70 Security Considerations 70 Prevention Mode Versus Detection Mode 70 Performance Considerations 71 Virtualization Requirements 72Network IPS Implementation Guidelines 72 Enterprise or Provider Internet Edge 73 Wide-Area Network 75 Implementing an IPS in Data Centers 78 Centralized Campus 79Design and Implementation Resources 81Summary 81Exam Preparation Tasks 82Review All the Key Topics 82Definitions of Key Terms 82Part II Installing and Maintaining Cisco IPS Sensors 85Chapter 5 Integrating the Cisco IPS Sensor into a Network 87Overview 87"Do I Know This Already?" Quiz 87Foundation Topics 90Sensor Deployment Modes 90 Deploying Sensors in Promiscuous Mode 90 Deploying Sensors in Inline Interface Pair Mode 100 Deploying Sensors in Inline VLAN Pair Mode 102 Deploying Sensors in Inline VLAN Group Mode 103 Deploying Sensors in Selective Inline Analysis Mode 105Design and Implementation Resources 107Summary 107Exam Preparation Tasks 108Review All the Key Topics 108Definitions of Key Terms 108Chapter 6 Performing the Cisco IPS Sensor Initial Setup 111Overview 111"Do I Know This Already?" Quiz 111Foundation Topics 114Accessing and Using the Cisco IPS Sensor CLI 114 IPS Modules 114 Command-Line Interface Features 116 Command-Line Interface Uses 119 Command-Line Interface Modes 119Initializing the Cisco IPS Sensor 123Introducing and Configuring Cisco IPS Device Manager 126Deploying and Configuring Cisco IPS Sensor Interfaces 130 Creating Promiscuous Interfaces 132 Creating Inline Interface Pairs 133 Creating Inline VLAN Pairs 133 Creating Inline VLAN Groups 133 Configuring a CDP Policy 134 Configuring Traffic Flow Notifications 134 Configuring Sensor Bypass 135Troubleshooting the Initial Cisco IPS Sensor Configuration 136Troubleshooting the Cisco IPS Sensor Hardware 138Restoring the Cisco IPS Sensor Default Settings 138Summary 138References 139Exam Preparation Tasks 140Review All the Key Topics 140Definitions of Key Terms 140Chapter 7 Managing Cisco IPS Devices 143Overview 143"Do I Know This Already?" Quiz 143Foundation Topics 146Managing Basic IPS Sensor Device Features 146 Reconfiguring Basic Network Settings 146 Configuring Time and Time Zone 147 Scheduling Sensor Reboots 150 Viewing the Local Sensor Events Log 150Managing Users and Remote Management Channels 151 Sensor Local User Accounts 151 Managing the Sensor's Authentication Credentials 153 Managing Remote Management Access Rules 154Managing Cisco IPS Licensing 155Upgrading and Recovering Cisco IPS Sensor Software 157Updating Cisco IPS Signatures 160Recovering System Passwords 162Monitoring Cisco IPS Sensor Health and Performance 163 Displaying and Troubleshooting the Sensor 163 Monitoring Sensor Health and Performance 165Summary 167References 168Exam Preparation Tasks 169Review All the Key Topics 169Definitions of Key Terms 169Part III Applying Cisco IPS Security Policies 171Chapter 8 Configuring Basic Traffic Analysis 173Overview 173"Do I Know This Already?" Quiz 173Foundation Topics 176Configuring the Default Virtual Sensor 176 Assigning and Verifying Traffic Sources to the Default Virtual Sensor 176Understanding Cisco IPS Sensor Inline Traffic Normalization 177 Clearing Flow States 177Configuring Cisco IPS Sensor Promiscuous Mode Traffic Reassembly Options 179 IP Fragment Reassembly 179 TCP Stream Reassembly 180Configuring TCP Session Tracking 181Understanding IPv6 Support in Cisco IPS Sensors 182Selecting and Configuring Cisco IPS Sensor Bypass 183Summary 184References 185Exam Preparation Tasks 186Review All the Key Topics 186Definitions of Key Terms 186Chapter 9 Implementing Cisco IPS Signatures and Responses 189Overview 189"Do I Know This Already?" Quiz 189Foundation Topics 192Cisco IPS Signatures 192 Signature Engines 193 Alerts 193Configuring Basic Signature Properties 197 Enabling and Disabling Signatures 200 Retiring and Activating Signatures 200Configuring Signature Actions 201 Signature Detective Actions 201 SNMP Traps 202 Signature Preventive Actions 202 Managing Denied Attackers 205 Detective Signature Action Implementation Guidelines 205 Preventive Signature Action Implementation Guidelines 206Configuring Remote Blocking 207 Using ACLs on a Router 207 Configuration Tasks 208Configuring Packet Capture and IP Logging 214 Downloading, Saving, and Stopping IP Logs 218Understanding Threat and Risk Management 219Risk Rating Calculation 221Threat Rating 221Understanding and Configuring Event Action Overrides 223Using Event Action Filters 226Choosing an Action Configuration Strategy 228Examining Alerts in IPS Event Logs 229 Viewing Events in the Cisco IDM 232Summary 233References 234Exam Preparation Tasks 235Review All the Key Topics 235Complete the Tables and Lists from Memory 235Definitions of Key Terms 235Chapter 10 Configuring Cisco IPS Signature Engines and the Signature Database 237Overview 237"Do I Know This Already?" Quiz 237Foundation Topics 239Using Cisco IPS Signature Engines and Configuring Common Signature Engine Parameters 239 Signature and Signature Engines 239 Trigger Counting 243 Summary Key 244 Alarm Summarization 244 Dynamic Alarm Summarization 244Deploying ATOMIC Signature Engines 245 ATOMIC IP Signature Example 245 Implementation Guidelines for ATOMIC Signature Engines 246Deploying STRING Signature Engines 246 STRING TCP Signature Example 246 Implementation Guidelines for STRING Signature Engines 247Deploying SERVICE Signature Engines 247 SERVICE HTTP Signature Example 248 Implementation Guidelines for SERVICE Signature Engines 248Deploying FLOOD Signature Engines 249 FLOOD Signature Example 249 Implementation Guidelines for FLOOD Signature Engines 249Deploying SWEEP Signature Engines 250 SWEEP Signature Example 250 Implementation Guidelines for SWEEP Signature Engines 250Deploying the META Signature Engine 251 META Correlation Example 251 Implementation Guidelines for META Signature Engines 251Deploying the NORMALIZER Engine 252 NORMALIZER Engine Example 252 Implementation Guidelines for the NORMALIZER Engine 252Deploying Other Engines 253 AIC Signature Engine Example 253 Implementation Guidelines for AIC Engines 253Summary 254References 254Exam Preparation Tasks 255Review All the Key Topics 255Complete the Tables and Lists from Memory 255Definitions of Key Terms 255Chapter 11 Deploying Anomaly-Based Operation 257Overview 257"Do I Know This Already?" Quiz 257Foundation Topics 259Anomaly Detection Overview 259 Scanning Worm Details 259Anomaly Detection Components 260 Histograms 261 Zones 261 Learning 261 Signatures Related to Anomaly Detection 262Configuring Anomaly Detection 262 Default Anomaly Detection Policy ad0 262Verifying Anomaly Detection 271 Verifying Anomaly Detection at the Command Line 273 Troubleshooting Anomaly Detection 274Summary 275References 275Exam Preparation Tasks 276Review All the Key Topics 276Definitions of Key Terms 276Part IV Adapting Traffic Analysis and Response to the Environment 279Chapter 12 Customizing Traffic Analysis 281Overview 281"Do I Know This Already?" Quiz 281Foundation Topics 283Understanding Custom Signatures 283 Creating Custom Signature Guidelines 283 Selecting Criteria to Match 284 Regular Expressions 284Using the Custom Signature Wizard 285 Signature Wizard, Specifying the Engine 286 Verifying the Custom Signature 293 Signature Wizard, Without Specifying the Engine 297Creating Custom Signatures, Without the Wizard 306Summary 308References 308Exam Preparation Tasks 309Review All the Key Topics 309Definitions of Key Terms 309Chapter 13 Managing False Positives and False Negatives 311Overview 311"Do I Know This Already?" Quiz 311Foundation Topics 313Identifying False Positives and False Negatives 313 False Positives 313 False Negatives 313 Tuning Consequences 314 Tuning Process Prioritization 314Tuning to Reduce False Positives 314 Do No Harm, Initially 315 Learning About the Signatures and Why They Triggered a False Positive 316 Selecting and Verifying Signatures and Rules in Place 316 Removing All Aggressive Actions 317 Adding Verbose Alerts and Logging 319 Using the Alert Data and Logging to Tune Out False Positives 322 Tuning the Signatures Based on Your Network 327 Removing the Preliminary Overrides and Filters 328Tuning the Sensor to Reduce False Negatives 329 Tuning a Specific Signature 330 Promiscuous Mode IP Reassembly 331 TCP Reassembly Mode 333 Normalizer Tuning 334 Application-Layer Decoding and Deobfuscation 335 Encrypted Traffic 335Summary 336References 336Exam Preparation Tasks 337Review All the Key Topics 337Definitions of Key Terms 337Chapter 14 Improving Alarm and Response Quality 339Overview 339"Do I Know This Already?" Quiz 339Foundation Topics 341Identifying and Adjusting Risk-Rating Components 341 Formula for Risk Rating 341 Using Attack Severity and Signature Fidelity Ratings 342 Target Value Ratings 343 Attack Relevancy Rating 345 Watch List Rating 346Operating System Fingerprinting 346Global Correlation and Reputation-Based Filtering 351 Reputation Filters 351 Global Correlation 351Summary 355References 355Exam Preparation Tasks 356Review All the Key Topics 356Definitions of Key Terms 356Part V Managing and Analyzing Events 359Chapter 15 Installing and Integrating Cisco IPS Manager Express with Cisco IPS Sensors 361Overview 361"Do I Know This Already?" Quiz 361Foundation Topics 364Cisco IPS Manager Express Overview 364 Cisco IME Versus Cisco IDM 365Installing Cisco IPS Manager Express 366Installing Cisco IME 367Integrating Cisco IPS Manager Express with Cisco IPS Sensors 370Tuning the Cisco IPS Sensor 374Using and Customizing the Cisco IPS Manager Express User Interface 376Customizing Cisco IME: Dashboards 378Adding Gadgets 380Customizing Cisco IME: Cisco Security Center 382Summary 385References 386Exam Preparation Tasks 387Review All the Key Topics 387Complete the Tables and Lists from Memory 387Definitions of Key Terms 387Chapter 16 Managing and Investigating Events Using Cisco IPS Manager Express 389Overview 389"Do I Know This Already?" Quiz 389Foundation Topics 391Managing IPS Events Using Cisco IPS Manager Express 391 Event Monitoring Views 391 Creating and Customizing Event Views 393 View Settings 393 Customizing Event Views 395 Tuning and Creating IME Filters from the Event Display 398 Saving and Deleting Events 400Investigating IPS Events Using Cisco IPS Manager Express 401Acting on IPS Events Using Cisco IPS Manager Express 405Exporting, Importing, and Archiving Events 408Summary 409Exam Preparation Tasks 410Review All the Key Topics 410Complete the Tables and Lists from Memory 410Definitions of Key Terms 410Chapter 17 Using Cisco IPS Manager Express Correlation, Reporting, Notification, and Archiving 413Overview 413"Do I Know This Already?" Quiz 413Foundation Topics 415Configuring Event Reporting in Cisco IME 415 IME Reporting 415 Configuring and Generating Reports 416 Event Dashboards 417Using Notifications in Cisco IME 418Summary 420References 420Exam Preparation Tasks 421Review All the Key Topics 421Complete the Tables and Lists from Memory 421Definitions of Key Terms 421Chapter 18 Integrating Cisco IPS with CSM and Cisco Security MARS 423Overview 423"Do I Know This Already?" Quiz 423Foundation Topics 425Configuring Integration with Cisco Security Manager 425 Cisco Security Manager 4.0 Features and Benefits 425 Managing Cisco IPS Sensors Using Cisco Security Manager 428 Adding Sensors to Cisco Security Manager 429Configuring Integration with Cisco Security MARS 431 Add a Cisco IPS Sensor to MARS 432 Event Feed Verification 434 Cisco Security Manager (CSM) and MARS Cross-Launch Capability 435Summary 436References 437Exam Preparation Tasks 438Review All the Key Topics 438Complete the Tables and Lists from Memory 438Definitions of Key Terms 438Chapter 19 Using the Cisco IntelliShield Database and Services 441Overview 441"Do I Know This Already?" Quiz 441Foundation Topics 443Using Cisco Security Intelligence Operations 443 Security Alerts 444 Threat Analysis and Reporting 445 Resources 446 Products and Services Updates 448 IPS Threat Defense Bulletin 448Using Cisco IntelliShield Alert Manager Service 449 Home Page 451 Alerts 452 IPS Signatures 454 Inbox 455 Product Sets 456 New Product Sets 458 Notifications 459 Reports 460 Preferences 461 Users 461 Groups 461 IntelliShield Alert Manager Service Subscription 461Summary 461References 462Exam Preparation Tasks 463Review All the Key Topics 463Complete the Tables and Lists from Memory 463Definitions of Key Terms 463Part VI Deploying Virtualization, High Availability, and High-Performance Solutions 465Chapter 20 Using Cisco IPS Virtual Sensors 467Overview 467"Do I Know This Already?" Quiz 467Foundation Topics 469Sensor Virtualization Overview 469 Virtual IPS 469Adding, Editing, and Configuring Virtual Sensors 470Verifying Virtual Sensor Operation 475Summary 478References 478Exam Preparation Tasks 479Review All the Key Topics 479Complete the Tables and Lists from Memory 479Definitions of Key Terms 479Chapter 21 Deploying Cisco IPS for High Availability and High Performance 481Overview 481"Do I Know This Already?" Quiz 481Foundation Topics 483High-Availability Solutions for Cisco IPS Deployments 483Switching-Based Sensor High Availability 484 EtherChannel-Based High Availability 485 Inline Mode Redundant IPS Sensor Deployment Using a Single Switch 486 Promiscuous Mode Redundant IPS Sensor Deployment Using a Single Switch 486 EtherChannel-Based High-Availability Implementation Guidelines 486 STP-Based High Availability 487 STP-Based High-Availability Implementation Guidelines 487Routing-Based Sensor High Availability 488 Routing-Based Sensor High-Availability Implementation Guidelines 488Cisco ASA-Based Sensor High Availability 489 Cisco ASA-Based Sensor High-Availability Implementation Guidelines 490Cisco IPS Sensor Performance Overview 491 Performance Issues 491 Detecting Performance Issues 492 Configuring Traffic Flow Notifications 492 Inspecting Performance-Related Gadgets 493 Checking Switch SPAN Interfaces for Dropped Packets 495 Scaling SPAN Sessions 496Increasing Performance Using Load Sharing 497 ECLB with Cisco Catalyst 6500 Series Switch and IDSM-2 497 Guidelines for Increasing Performance Using Load-Sharing Implementation 497Increasing Performance Using Traffic Reduction 498 Cisco ASA IPS Modules-Inline Operation 498 Cisco ASA IPS Modules-Promiscuous Operation 498 Cisco Catalyst Switches-VACL Capture 498Summary 499References 499Exam Preparation Tasks 500Review All the Key Topics 500Complete the Tables and Lists from Memory 500Definitions of Key Terms 500Part VII Configuring and Maintaining Specific Cisco IPS Hardware 503Chapter 22 Configuring and Maintaining the Cisco ASA AIP SSM Modules 505Overview 505"Do I Know This Already?" Quiz 505Foundation Topics 508Overview of the Cisco ASA AIP SSM and AIP SSC Modules 508 Inline Operation 510 Promiscuous Operation 510 Single-Mode Cisco ASA with Multiple Virtual Sensors 511 Cisco ASA with Security Contexts and Virtual Sensors 512 Deployment Guidelines-ASA AIP SSM and SSC 512Initializing the Cisco ASA AIP SSM and AIP SSC Modules 512 Initial Configuration of the AIP SSM and AIP SSC 514 Software Update of the AIP SSM and AIP SSC 516 Basic Configuration of the AIP SSM and AIP SSC 520 Access the AIP SSM and AIP SSC Through the Cisco IDM or ASDM 523Redirecting Traffic to the Cisco ASA AIP SSM and AIP SSC Modules 525 Traffic Redirection Policy Configuration Using the Cisco ASDM 526 Traffic Redirection Policy Configuration Using the CLI 529Troubleshooting the Cisco ASA AIP SSM and AIP SSC Modules 530Summary 531References 531Exam Preparation Tasks 532Review All the Key Topics 532Complete the Tables and Lists from Memory 532Definitions of Key Terms 532Chapter 23 Configuring and Maintaining the Cisco ISR AIM-IPS and NME-IPS Modules 535Overview 535"Do I Know This Already?" Quiz 535Foundation Topics 538Overview of the Cisco ISR AIM-IPS and NME-IPS Modules 538 Inline Operation 540 Promiscuous Operation 540 AIM-IPS and Router Communication 541 NME-IPS and Router Communication 542Initializing the Cisco ISR AIM-IPS and NME-IPS 543 Initial Configuration of the AIM-IPS and NME-IPS 545Redirecting Traffic to the Cisco AIM-IPS and NME-IPS 546Troubleshooting the Cisco AIM-IPS and NME-IPS 547 Heartbeat Operation 547 Rebooting, Resetting, and Shutdown Procedures 548 Password Recovery Procedure 549 IPS Module Interoperability 550Summary 550References 551Exam Preparation Tasks 552Review All the Key Topics 552Complete the Tables and Lists from Memory 552Definitions of Key Terms 552Chapter 24 Configuring and Maintaining the Cisco IDSM-2 555Overview 555"Do I Know This Already?" Quiz 555Foundation Topics 557Overview of the Cisco IDSM-2 557 Inline Operation 560 Promiscuous Operation 561Initializing the Cisco IDSM-2 562 Installing the Cisco IDSM-2 562 Initial Configuration of the Cisco IDSM-2 564 Command and Control Access for the Cisco IDSM-2 568 Redirecting Traffic to the Cisco IDSM-2 568Maintaining the Cisco IDSM-2 572 Upgrade Procedure 572 Recovery Procedure 572 Upgrading the Application Partition 572 Re-imaging the Maintenance Partition 577Troubleshooting the Cisco IDSM-2 577 Password Recovery 577Summary 578References 579Exam Preparation Tasks 580Review All the Key Topics 580Complete the Tables and Lists from Memory 580Definitions of Key Terms 580Part VIII Final Exam Preparation 583Chapter 25 Final Preparation 585Tools for Final Preparation 585 Pearson Cert Practice Test Engine and Questions on the CD 585 Install the Software from the CD 586 Activate and Download the Practice Exam 586 Activating Other Exams 587 Premium Edition 587 Cisco Learning Network 587 Memory Tables 588 Chapter-Ending Review Tools 588Suggested Plan for Final Review/Study 588 Step 1: Review the Key Topics and the "Do I Know This Already?" Questions from the Beginning of the Chapter 589 Step 2: Complete the Memory Tables 589 Step 3: Do Hands-On Practice 589 Step 4: Build Configuration Checklists 590 Step 5: Use the Exam Engine 590Summary 591Part IX AppendixesAppendix A Answers to the "Do I Know This Already?" Quizzes 595Appendix B CCNP Security IPS 642-627 Exam Updates, Version 1.0 609Glossary 613Index 619Appendix C Memory Tables (CD Only)Appendix D Memory Tables Answer Key (CD Only) 9781587142550 TOC 9/23/2011show more

Rating details

9 ratings
3.88 out of 5 stars
5 33% (3)
4 22% (2)
3 44% (4)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X