CCSP Cisco Secure Pix Firewall Advanced Exam Certification Guide

CCSP Cisco Secure Pix Firewall Advanced Exam Certification Guide

3 (1 rating by Goodreads)
By (author)  , By (author)  , By (author) 

List price: US$54.95

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

CCSP PIX Firewalls Advanced Exam Certification Guide, Second Edition covers all of the major topics on the 642-521 CSPFA exam, allowing readers to practice the skills critical for everyday administration and troubleshooting of the Cisco PIX Firewall. Included are practical explanations of the various functions of the Cisco PIX Firewall as well as a description of how the functions interrelate. Each chapter focuses study on and tests knowledge of the subjects through specially designed assessment and study features. Traditional Exam Certification Guide features assess readers' topic knowledge, and then highlight the essential concepts for quick reference and study. The final section includes troubleshooting scenarios for the Cisco PIX Firewall configuration. How this book differs from the first edition: Coverage of Enterprise PIX Firewall Management and Maintenance, Firewall Services Module, as well as of the Easy VPNRemote, which is not covered by other books on the 642-521 exam.show more

Product details

  • Hardback | 816 pages
  • 196 x 230 x 50mm | 1,601.17g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • 2nd
  • 1587201232
  • 9781587201233

About Christian Degu

Greg Bastien, CCSP, CISSP, is the chief technical officer for Virtue Technologies, Inc., where he provides consulting services to various federal agencies and commercial clients. Greg also holds a position as adjunct professor at Strayer University, teaching networking and network security classes. He completed his undergraduate and graduate degrees at Embry-Riddle Aeronautical University while on active duty as a helicopter flight instructor in the U.S. Army. Earl Carter is a member of the Security Technologies Assessment Team (STAT) that is part of Consulting Engineering (CE) at Cisco Systems. His duties involve performing security evaluations on numerous Cisco products and consulting with other teams within Cisco to help enhance the security of Cisco products. Christian Abera Degu, CCSP, CISSP, works as a senior network engineer for General Dynamics Network Systems Signal Solutions, consulting with the U.S. Federal Energy Regulatory commission.show more

Table of contents

Introduction. 1. Network Security. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation and Supplemental Topics. Overview of Network Security. Vulnerabilities, Threats, and Attacks. Vulnerabilities. Threats. Types of Attacks. Security Policies. Step 1: Secure. Step 2: Monitor. Step 3: Test. Step 4: Improve. Network Security as a "Legal Issue". Defense in Depth. Cisco AVVID and Cisco SAFE. Cisco AVVID? Cisco SAFE. Foundation Summary. Network Security. Vulnerabilities, Threats, and Attacks. Vulnerabilities. Threats. Attacks. Security Policies. Network Security as a Process. Defense in Depth. Cisco AVVID. Cisco SAFE. Key Terms. Q&A. 2. Firewall Technologies and the Cisco PIX Firewall. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Firewall Technologies. Packet Filtering. Proxy. Stateful Inspection. Cisco PIX Firewall. Secure Real-Time Embedded System. Adaptive Security Algorithm. Cut-Through Proxy. Redundancy. Foundation Summary. Firewall Technologies. Cisco PIX Firewall. Q&A. 3. Cisco PIX Firewall. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Overview of the Cisco PIX Firewall. Adaptive Security Algorithm. Cut-Through Proxy. Cisco PIX Firewall Models and Features. Intrusion Protection. AAA Support. X.509 Certificate Support. Network Address Translation/Port Address Translation. Firewall Management. Simple Network Management Protocol. Syslog Support. Virtual Private Networks. Optional Firewall Components. PIX Firewall Model Capabilities. Cisco PIX 501. Cisco PIX 506E. Cisco PIX 515E. Cisco PIX 525. Cisco PIX 535. Foundation Summary. Adaptive Security Algorithm. Cut-Through Proxy. Cisco PIX Firewall Models and Features. Intrusion Protection. AAA Support. X.509 Certificate Support. Network Address Translation/Port Address Translation. Firewall Management. Simple Network Management Protocol. Syslog Support. Virtual Private Networks. Q&A. 4. System Management Maintenance. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Accessing the Cisco PIX Firewall. Accessing the Cisco PIX Firewall with Telnet. Accessing the Cisco PIX Firewall with Secure Shell. Command-Level Authorization. Installing a New Operating System. Upgrading Your Activation Key. Upgrading the Cisco PIX Firewall Operating System. Upgrading the Operating System Using the copy tftp flash Command. Upgrading the Operating System Using Monitor Mode. Upgrading the OS Using an HTTP Client. Creating a Boothelper Disk Using a Windows PC. Password Recovery. Cisco PIX Firewall Password Recovery: Getting Started. Password Recovery Procedure for a PIX Firewall with a Floppy Drive (PIX 520). Password Recovery Procedure for a Diskless PIX Firewall (PIX 501, 506, 506E, 515E, 515, 525, and 535). Overview of Simple Network Management Protocol on the PIX Firewall. Configuring Simple Network Management Protocol on the PIX Firewall. Troubleshooting Commands. Foundation Summary. Q&A. 5. Understanding Cisco PIX Firewall Translation and Connection. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. How the PIX Firewall Handles Traffic. Interface Security Levels and the Default Security Policy. Transport Protocols. Address Translation. Translation Commands. Network Address Translation. Port Address Translation. Static Translation. Using the static Command for Port Redirection. Configuring Multiple Translation Types on the Cisco PIX Firewall. Bidirectional Network Address Translation. Translation Versus Connection. Configuring DNS Support. Foundation Summary. Q&A. 6. Getting Started with the Cisco PIX Firewall. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Access Modes. Configuring the PIX Firewall. interface Command. nameif Command. ip address Command. nat Command. global Command. route Command. Routing Information Protocol. Testing Your Configuration. Saving Your Configuration. Support for Domain Name System Messages. Configuring Dynamic Host Configuration Protocol on the Cisco PIX Firewall. Using the PIX Firewall Dynamic Host Configuration Protocol Server. Configuring the PIX Firewall Dynamic Host Configuration Protocol Client. Configuring Time Settings on the Cisco PIX Firewall. Network Time Protocol. PIX Firewall System Clock. Configuring Login Banners on the PIX Firewall. Sample PIX Configuration. Foundation Summary. Q&A. 7. Configuring Access. How Best to Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Configuring Inbound Access Through the PIX Firewall. Static Network Address Translation. Static Port Address Translation. Transmission Control Protocol Intercept Feature. nat 0 Command. Policy Network Address Translation. Access Lists. TurboACL. Configuring Individual TurboACL. Globally Configuring TurboACL. Object Grouping. network Object Type. protocol Object Type. service Object Type. icmp-type Object Type. Nesting Object Groups. Access Control List Logging. Using the fixup Command. Advanced Protocol Handling. File Transfer Protocol. Domain Name System. Simple Mail Transfer Protocol. Multimedia Support. Foundation Summary. Q&A. 8. Syslog and the PIX. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. How Syslog Works. Logging Facilities. Logging Levels. How Log Messages Are Organized. How to Read System Log Messages. Configuring Syslog on the Cisco PIX Firewall. Configuring the PIX Device Manager to View Logging. Configuring Syslog Messages at the Console. Sending Syslog Messages to a Telnet Session. Configuring the Cisco PIX Firewall to Send Syslog Messages to a Log Server. Configuring SNMP Traps and SNMP Requests. Configuring a Syslogd Server. PIX Firewall Syslog Server. Foundation Summary. Q&A. 9. Routing and the PIX Firewall. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation and Supplemental Topics. General Routing Principles. Ethernet VLAN Tagging. Understanding VLANs. Understanding Trunk Ports. Understanding Logical Interfaces. Managing VLANs. IP Routing. Static Routes. Dynamic Routes. Multicast Routing. Multicast Commands. Inbound Multicast Traffic. Outbound Multicast Traffic. Debugging Multicast. Foundation Summary. Q&A. 10. Cisco PIX Firewall Failover. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. What Causes a Failover Event? What Is Required for a Failover Configuration? Failover Monitoring. Configuration Replication. Stateful Failover. LAN-Based Failover. Configuring Failover. Foundation Summary. Q&A. 11. Virtual Private Networks. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Overview of Virtual Private Network Technologies. Internet Protocol Security. Internet Key Exchange. Perfect Forward Secrecy. Certification Authorities. Configuring the PIX Firewall as a Virtual Private Network Gateway. Selecting the Configuration. Configuring IKE. Configuring IPSec. Troubleshooting the Virtual Private Network Connection. Configuring PIX Firewalls for Scalable Virtual Private Networks. Foundation Summary. Q&A. Scenario. VPN Configurations. Completed PIX Configurations. How the Configuration Lines Interact. 12. Configuring Access VPNs. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation and Supplemental Topics. Introduction to Cisco Easy VPN. Easy VPN Server. Easy VPN Remote Feature. Overview of the Easy VPN Server. Major Features. Server Functions. Supported Servers. Overview of Easy VPN Remote Feature. Supported Clients. Easy VPN Remote Connection Process. Extended Authentication Configuration. Easy VPN Remote Modes of Operation. Client Mode. Network Extension Mode. Overview of Cisco VPN Software Client. Features. Specifications. Cisco VPN Client Manual Configuration Tasks. PIX Easy VPN Remote Configuration. Basic Configuration. Client Device Mode. Secure Unit Authentication. Individual User Authentication. Point-to-Point Protocol over Ethernet and the PIX Firewall. Configuring the Virtual Private Dial-Up Networking Group. Configuring Virtual Private Dial-Up Networking Group Authentication. Assigning the Virtual Private Dial-Up Networking Group Username. Configuring the Virtual Private Dial-Up Networking Username and Password. Enabling the Point-to-Point over Ethernet Client. Monitoring the Point-to-Point over Ethernet Client. Dynamic Host Configuration Protocol Server Configuration. DHCP Overview. Configuring the PIX Firewall Dynamic Host Configuration Protocol Server. Dynamic Host Configuration Protocol Server Auto Configuration. Dynamic Host Configuration Protocol Debugging Commands. Foundation Summary. Q&A. 13. PIX Device Manager. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. PDM Overview. PIX Firewall Requirements to Run PDM. PDM Workstation Requirement. Browser Requirements. Windows Requirements. SUN Solaris Requirements. Linux Requirements. PDM Installation. Using PDM to Configure the Cisco PIX Firewall. Monitoring. Using PDM for VPN Configuration. Using PDM to Create a Site-to-Site VPN. Using PDM to Create a Remote-Access VPN. Foundation Summary. Q&A. 14. CiscoWorksManagementCenterfor Firewalls (PIX MC). How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation and Supplemental Topics. CiscoWorks Management Center for Firewalls Overview. Key Concepts. Supported Devices. Installation. PIX Bootstrap Commands. CiscoWorks. Login Process. User Authorization Roles. Adding Users. Firewall MC Interface. Configuration Tabs. Options Bar. Table of Contents. Path Bar. Instructions Box. Content Area. Scope Bar. Object Selector. Tools Bar. Activity Bar. Basic User Task Flow. Device Management. Managing Groups. Importing Devices. Managing Devices. Configuration Tasks. Configuring Device Settings. Defining Access Rules. Defining Translation Rules. Creating Building Blocks. Generating and Viewing Configuration Information. MC Settings. Deployment Tasks. Deploy Saved Changes. Summary Report. Reports. Activity Report. Configuration Differences Report. Device Setting Report. Administration Tasks. Workflow Setup. Maintenance. Support. CiscoWorks Auto Update Server. Supported Devices. Installation. Communication Settings. AUS Activation. Auto Update Server Interface. Configuring Devices. Configuring Images. Configuring Assignments. Reports. Administrative Tasks. Foundation Summary. Q&A. 15. Content Filtering on the PIX. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Filtering ActiveX Objects and Java Applets. Filtering Java Applets. Filtering ActiveX Objects. Filtering URLs. Identifying the URL-Filtering Server. Configuring URL-Filtering Policy. Filtering HTTPS and FTP. Filtering Long URLs. Viewing Filtering Statistics and Configuration. Foundation Summary. Q&A. 16. Overview of AAA and the PIX. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Overview of AAA and the Cisco PIX Firewall. Definition of AAA. AAA and the Cisco PIX Firewall. Cut-Through Proxy. Supported AAA Server Technologies. Cisco Secure Access Control Server. Minimum Hardware and Operating System Requirements for Cisco Secure ACS. Installing Cisco Secure ACS Version 3.2 on Windows Server. Foundation Summary. Q&A. 17. Configuration of AAA on the PIX. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Specifying Your AAA Servers. Configuring AAA on the Cisco PIX Firewall. Step 1: Identifying the AAA Server and NAS. Step 2: Configuring Authentication. Step 3: Configuring Authorization. Step 4: Configuring Accounting. Cisco Secure and Cut-Through Configuration. Configuring Downloadable PIX ACLs. Troubleshooting Your AAA Setup. Checking the PIX Firewall. Checking the Cisco Secure ACS. Foundation Summary. Q&A. 18. Attack Guards and Advanced Protocol Handling. How To Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation Topics. Multimedia Support on the Cisco PIX Firewall. Real-Time Streaming Protocol. Application Inspection Support for Voice over IP. Computer Telephony Interface Quick Buffer Encoding. H.323. Media Gateway Control Protocol. Skinny Client Control Protocol. Session Initiation Protocol. Attack Guards. Fragmentation Guard and Virtual Reassembly. Domain Name System Guard. Mail Guard. Flood Defender. AAA Floodguard. PIX Firewall Intrusion Detection Feature. Intrusion Detection Configuration. Dynamic Shunning. ip verify reverse-path Command. Foundation Summary. Q&A. 19. Firewall Services Module. How to Best Use This Chapter. "Do I Know This Already?" Quiz. Foundation and Supplemental Topics. Cisco Firewall Services Module Overview. Basic Deployment Scenarios. Multilayer Switch Feature Card as the Inside Router. Multilayer Switch Feature Card as the Outside Router. Multilayer Switch Feature Card Not Directly Connected to FWSM. Initializing the Firewall Services Module. Switch Configuration. Basic Firewall Services Module Configuration. Using PIX Device Manager with the Firewall Services Module. Initial Preparation. Installing the PIX Device Manager Image. Launching PIX Device Manager. Troubleshooting the Firewall Services Module. Switch Commands. Firewall Services Module Status LED. Foundation Summary. Q&A. 20. Case Study and Sample Configuration. Remote Offices. Firewall. Growth Expectation. Task 1: Basic Configuration for the Cisco PIX Firewall. Basic Configuration Information for HQ-PIX. Basic Configuration Information for MN-PIX. Basic Configuration Information for HOU-PIX. Task 2: Configuring Access Rules on HQ. Task 3: Configuring Authentication. Task 4: Configuring Logging. Task 5: Configuring a VPN Between HQ and Remote Sites. Configuring the Central PIX Firewall, HQ-PIX, for VPN Tunneling. Configuring the Houston PIX Firewall, HOU-PIX, for VPN Tunneling. Configuring the Minneapolis PIX Firewall, MN-PIX, for VPN Tunneling. Verifying and Troubleshooting. Task 6: Configuring a Remote Access VPN to HQ. Create an IP Address Pool. Define a Group Policy for Mode Configuration Push. Enable IKE Dead Peer Detection. Task 7: Configuring Failover. What Is Wrong with This Picture? Appendix A: Answers to the "Do I Know This Already?" Quizzes and Q&A Sections. Chapter 1. "Do I Know This Already?" Quiz. Q&A. Chapter 2. "Do I Know This Already?" Quiz. Q&A. Chapter 3. Do I Know This Already?" Quiz. Q&A. Chapter 4. "Do I Know This Already?" Quiz. Q&A. Chapter 5. "Do I Know This Already?" Quiz. Q&A. Chapter 6. "Do I Know This Already?" Quiz. Q&A. Chapter 7. "Do I Know This Already?" Quiz. Q&A. Chapter 8. "Do I Know This Already?" Quiz. Q&A. Chapter 9. "Do I Know This Already?" Quiz. Q&A. Chapter 10. "Do I Know This Already?" Quiz. Q&A. Chapter 11. "Do I Know This Already?" Quiz. Q&A. Chapter 12. "Do I Know This Already?" Quiz. Q&A. Chapter 13. "Do I Know This Already?" Quiz. Q&A. Chapter 14. "Do I Know This Already?" Quiz. Q&A. Chapter 15. "Do I Know This Already?" Quiz. Q&A. Chapter 16. "Do I Know This Already?" Quiz. Q&A. Chapter 17. "Do I Know This Already?" Quiz. Q&A. Chapter 18. "Do I Know This Already?" Quiz. Q&A. Chapter 19. "Do I Know This Already?" Quiz. Q&A. Chapter 20. Index.show more

Rating details

1 ratings
3 out of 5 stars
5 0% (0)
4 0% (0)
3 100% (1)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X