CCSP Snpa Official Exam Certification Guide

CCSP Snpa Official Exam Certification Guide

3 (4 ratings by Goodreads)
By (author)  , By (author)  , By (author)  , By (author)  , By (author) 

List price: US$64.95

Currently unavailable

Add to wishlist

AbeBooks may have this title (opens in new window).

Try AbeBooks

Description

Assessment, review, and practice for CCSP SNPA exam 642-522 The official study guide helps you master all the topics on the SNPA exam, including: *Firewall technologies *Cisco Security Appliance translation and connection *Access control configuration *Modular policy framework *Security contexts *Syslog *Routing protocol support *Failover *Virtual private networks (VPN) *Adaptive Security Device Manager (ASDM) *Content filtering *Authentication, authorization, and accounting (AAA) configuration *Intrusion Prevention Systems (IPS) and advanced protocol handling CCSP SNPA Official Exam Certification Guide, Third Edition, is a best-of-breed Cisco(R) exam study guide that focuses specifically on the objectives for the Securing Networks with PIX and ASA (SNPA) exam. Network security consultant, Michael Gibbs, shares preparation hints and test-taking tips, helping you identify areas of weakness and improve your knowledge of firewall and Adaptive Security Appliance (ASA) security. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.This guide presents you with an organized test preparation routine through the use of proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists and Foundation Summary tables make referencing easy and give you a quick refresher whenever you need it. Challenging chapter-ending review questions help you assess your knowledge and reinforce key concepts. The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, presenting question-by-question remediation to the text. Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this book helps you master the concepts and techniques that will enable you to succeed on the exam the first time.CCSP SNPA Official Exam Certification Guide, Third Edition, is part of a recommended learning path from Cisco Systems(R) that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, visit www.cisco.com/go/authorizedtraining. Companion CD-ROM The CD-ROM contains an electronic copy of the book and more than 200 practice questions for the SNPA exam, all available in study mode, test mode, and flash card format. This volume is part of the Exam Certification Guide Series from Cisco Press(R). Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.show more

Product details

  • Mixed media product | 768 pages
  • 185.4 x 233.7 x 50.8mm | 1,406.15g
  • Pearson Education (US)
  • Cisco Press
  • Indianapolis, United States
  • English
  • Revised
  • 3rd Revised edition
  • 1587201526
  • 9781587201523
  • 1,852,846

About Greg Bastien

Michael Gibbs is the CTO for Security Evolutions, Inc., (SEI) where he is responsible for the overall technical management of SEI's Cisco IT security consulting services. Greg Bastien, CCNP(R), CCSP , CISSP(R), is the chief technical officer of Virtue Technologies, Inc., and directs the actions of the engineering staff that supports several federal agencies. Earl Carter is a member of the Security Technologies Assessment Team (STAT) at Cisco Systems where he performs security evaluations on numerous Cisco products. Christian Abera Degu, CCNP, CCDP(R), CCSP, currently works for Veridian Networks/General Dynamics as a consulting engineer to the Federal Energy Regulatory Commission.show more

Table of contents

Chapter 1 Network Security How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation and Supplemental Topics Overview of Network Security Vulnerabilities, Threats, and Attacks Vulnerabilities Threats Types of Attacks Security Policies Step 1: Secure Step 2: Monitor Step 3: Test Step 4: Improve Network Security as a "Legal Issue" Defense in Depth Cisco AVVID and Cisco SAFE Cisco AVVID? Cisco SAFE Foundation Summary Network Security Vulnerabilities, Threats, and Attacks Vulnerabilities Threats Attacks Security Policies Network Security as a Process Defense in Depth Cisco AVVID Cisco SAFE Key Terms Q&A Chapter 2 Firewall Technologies and the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Firewall Technologies Packet Filtering Proxy Stateful Packet Inspection Cisco PIX Firewall Secure Real-Time Embedded System Adaptive Security Algorithm Cut-Through Proxy Security Contexts (Virtual Firewall) Redundancy Foundation Summary Firewall Technologies Cisco Security Appliance Q&A Chapter 3 Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Overview of the Cisco Security Appliance ASA Cut-Through Proxy Cisco PIX Firewall Models and Features Intrusion Protection AAA Support X.509 Certificate Support Modular Policy Framework Network Address Translation/Port Address Translation Firewall Management Simple Network Management Protocol Syslog Support Security Contexts Transparent Firewalls Virtual Private Networks Optional Firewall Components PIX Firewall Model Capabilities Cisco PIX 501 Cisco PIX 506E Cisco PIX 515E Cisco PIX 525 Cisco PIX 535 Cisco ASA Security Model Capabilities Cisco ASA 5510 Security Appliance Cisco ASA 5520 Security Appliance Cisco ASA 5540 Security Appliance Foundation Summary Adaptive Security Algorithm Cut-Through Proxy Cisco PIX Firewall Models and Features Cisco ASA Security Appliance Models and Features Intrusion Protection AAA Support X.509 Certificate Support Modular Policy Framework NAT/PAT Firewall Management SNMP Syslog Support Virtual Private Networks Security Context Cisco Security Appliance Models Q&A Chapter 4 System Management/Maintenance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Accessing Cisco Security Appliance Accessing a Cisco Security Appliance with Telnet Accessing the Cisco Security Appliance with Secure Shell Command-Level Authorization Installing a New Operating System Upgrading Your Activation Key Upgrading the Cisco Security Appliance Operating System Upgrading the Operating System Using the copy tftp flash Command Upgrading the Operating System Using Monitor Mode Upgrading the OS Using an HTTP Client Creating a Boothelper Disk Using a Windows PC Password Recovery Cisco PIX Firewall Password Recovery: Getting Started Password Recovery Procedure for a PIX Firewall with a Floppy Drive (PIX 520) Password Recovery Procedure for a Diskless PIX Firewall (PIX 501, 506, 506E, 515E, 515, 525, and 535) Password Recovery Procedure for the ASA Security Appliance Overview of Simple Network Management Protocol on the PIX Firewall Configuring Simple Network Management Protocol on Security Appliance Troubleshooting Commands Foundation Summary Q&A Chapter 5 Understanding Cisco Security Appliance Translation and Connection How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics How the Cisco Security Appliance Handles Traffic Interface Security Levels and the Default Security Policy Transport Protocols Address Translation Translation Commands NAT PAT Static Translation Using the static Command for Port Redirection Configuring Multiple Translation Types on the Cisco Security Appliance Bidirectional NAT Translation Versus Connection Configuring DNS Support Foundation Summary Q&A Chapter 6 Getting Started with the Cisco Security Appliance Family of Firewalls How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Access Modes Configuring a Cisco Security Appliance interface Command security-level Command nameif Command ip address Command nat Command speed Command duplex Command nat-control Command global Command route Command Routing Information Protocol Testing Your Configuration Saving Your Configuration Support for Domain Name System Messages Configuring Dynamic Host Configuration Protocol on the Cisco Security Appliance Using the Cisco Security Appliance DHCP Server Configuring the Security Appliance DHCP Client Configuring Time Settings on the Cisco Security Appliance NTP Cisco Security Appliance System Clock Configuring Login Banners on the Cisco Security Appliance Configuring Transparent Mode Enabling Transparent Mode Traffic Management in Transparent Mode Monitoring in Transparent Mode Sample Security Appliance Configuration Foundation Summary Q&A Chapter 7 Configuring Access How Best to Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Configuring Inbound Access Through a Cisco Security Appliance Static NAT Static PAT TCP Intercept Feature nat 0 Command Policy NAT Access Lists Object Grouping network Object Type protocol Object Type service Object Type icmp-type Object Type Nesting Object Groups ACL Logging Advanced Protocol Handling FTP DNS Simple Mail Transfer Protocol Foundation Summary Q&A Chapter 8 Modular Policy Framework How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Modular Policy Framework Overview Traffic Flow Matching Step 1: Create a Class Map Step 2: Define Class Map Matches Viewing the Class Map Configuration Assigning Actions to a Traffic Class Step 1: Create a Policy Map Step 2: Assign Traffic Classes to the Policy Map Step 3: Assign Policies for Each Class Viewing the Policy Map Configuration Assigning Policies to an Interface Service Policy Matching Logic Viewing the Service Policy Configuration Viewing the Service Policy Statistics Foundation Summary Q&A Chapter 9 Security Contexts How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Security Context Overview Multiple Context Modes Administration Context Configuring Security Contexts Creating a New Context Assigning Interfaces to a Context Uploading a Configuration Using the config-url Command Managing Security Contexts Deleting Contexts Navigating Multiple Contexts Viewing Context Information Step-by-Step Configuration of a Security Context Foundation Summary Q&A Chapter 10 Syslog and the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics How Syslog Works Logging Facilities Logging Levels How Log Messages Are Organized How to Read System Log Messages Configuring Syslog on a Cisco Security Appliance Configuring the ASDM to View Logging Configuring Syslog Messages at the Console Sending Syslog Messages to a Telnet Session Configuring the Cisco Security Appliance to Send Syslog Messages to a Log Server Configuring SNMP Traps and SNMP Requests Configuring a Syslogd Server PIX Firewall Syslog Server Foundation Summary Q&A Chapter 11 Routing and the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics and Supplemental Topics General Routing Principles Ethernet VLAN Tagging Understanding VLANs Understanding Trunk Ports Understanding Logical Interfaces Managing VLANs IP Routing Static Routes Dynamic Routes Multicast Routing Multicast Commands Inbound Multicast Traffic Outbound Multicast Traffic Debugging Multicast Foundation Summary Q&A Chapter 12 Cisco Security Appliance Failover How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics What Causes a Failover Event? What Is Required for a Failover Configuration? Failover Monitoring Configuration Replication Stateful Failover LAN-Based Failover Active-Active Failover Configuring Failover Foundation Summary Q&A Chapter 13 Virtual Private Networks How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Overview of Virtual Private Network Technologies Internet Protocol Security Internet Key Exchange Perfect Forward Secrecy Certification Authorities Overview of WebVPN WebVPN Portal Interface Port Forwarding Configuring the Security Appliance as a VPN Gateway Selecting the Configuration Configuring IKE Configuring IPSec Troubleshooting the VPN Connection Configuring the Security Appliance as a WebVPN Gateway WebVPN Global Configuration Configuring URLs and File Servers Configuring Port Forwarding Configuring E-Mail Proxies Setting Up Filters and ACLs Configuring Security Appliances for Scalable VPNs Foundation Summary Q&A Scenario VPN Configurations Completed PIX Configurations How the Configuration Lines Interact Chapter 14 Configuring Access VPNs How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation and Supplemental Topics Introduction to Cisco Easy VPN Easy VPN Server Easy VPN Remote Feature Overview of the Easy VPN Server Major Features Server Functions Supported Servers Overview of Easy VPN Remote Feature Supported Clients Easy VPN Remote Connection Process Extended Authentication Configuration Easy VPN Remote Modes of Operation Client Mode Network Extension Mode Overview of Cisco VPN Software Client Features Specifications Cisco VPN Client Manual Configuration Tasks Security Appliance Easy VPN Remote Configuration Basic Configuration Client Device Mode Secure Unit Authentication Individual User Authentication Point-to-Point Protocol over Ethernet and the Security Appliance Configuring the VPDN Group Configuring VPDN Group Authentication Assigning the VPDN Group Username Configuring the VPDN Username and Password Enabling the Point-to-Point over Ethernet Client Monitoring the Point-to-Point over Ethernet Client Dynamic Host Configuration Protocol Server Configuration DHCP Overview Configuring the Security Appliance DHCP Server DHCP Server Auto Configuration DHCP Debugging Commands Foundation Summary Q&A Chapter 15 Adaptive Security Device Manager How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics ASDM Overview Security Appliance Requirements to Run ASDM ASDM Workstation Requirement ASDM Installation Using ASDM to Configure the Cisco Security Appliance Monitoring Using ASDM for VPN Configuration Using ASDM to Create a Site-to-Site VPN Using ASDM to Create a Remote-Access VPN Foundation Summary Q&A Chapter 16 Content Filtering on the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Filtering ActiveX Objects and Java Applets Filtering Java Applets Filtering ActiveX Objects Filtering URLs Identifying the URL-Filtering Server Configuring URL-Filtering Policy Filtering HTTPS and FTP Filtering Long URLs Viewing Filtering Statistics and Configuration Foundation Summary Q&A Chapter 17 Overview of AAA and the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Overview of AAA and the Cisco Security Appliance Definition of AAA AAA and the Cisco Security Appliance Cut-Through Proxy Supported AAA Server Technologies Cisco Secure Access Control Server Minimum Hardware and Operating System Requirements for Cisco Secure ACS Installing Cisco Secure ACS Version 3.3 on Windows Server Foundation Summary Q&A Chapter 18 Configuration of AAA on the Cisco Security Appliance How to Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Specifying Your AAA Servers Configuring AAA on the Cisco Security Appliance Step 1: Identifying the AAA Server and NAS Step 2: Configuring Authentication Step 3: Configuring Authorization Step 4: Configuring Accounting Cisco Secure and Cut-Through Configuration Configuring Downloadable Security Appliance ACLs Troubleshooting Your AAA Setup Checking the Security Appliance Checking the Cisco Secure ACS Foundation Summary Q&A Chapter 19 IPS and Advanced Protocol Handling How To Best Use This Chapter "Do I Know This Already?" Quiz Foundation Topics Multimedia Support on the Cisco Security Appliance RTSP Application Inspection Support for Voice over IP CTIQBE H.323 MGCP SCCP SIP Application Inspection FTP Inspection HTTP Inspection Domain Name Inspection Mail Inspection ICMP Inspection Remote Shell Inspections SNMP Inspection SQL*Net Inspection Security Appliance Intrusion Protection Feature AIP-SSM Module Configuring IPS Through ASDM Foundation Summary Q&A Chapter 20 Case Study and Sample Configuration Remote Offices Firewall Growth Expectation Task 1: Basic Configuration for the Cisco Security Appliance Basic Configuration Information for HQ-PIX Basic Configuration Information for MN-PIX Basic Configuration Information for HOU-PIX Task 2: Configuring Access Rules on HQ Task 3: Configuring Authentication Task 4: Configuring Logging Task 5: Configuring a VPN Between HQ and Remote Sites Configuring the Central PIX Firewall, HQ-PIX, for VPN Tunneling Configuring the Houston PIX Firewall, HOU-PIX, for VPN Tunneling Configuring the Minneapolis PIX Firewall, MN-PIX, for VPN Tunneling Verifying and Troubleshooting Task 6: Configuring a Remote-Access VPN to HQ Create an IP Address Pool Define a Group Policy for Mode Configuration Push Enable IKE Dead Peer Detection Task 7: Configuring Failover What Is Wrong with This Picture? Foundation Summary Q&A Appendix a Answers to the "Do I Know This Already?" Quizzes and Q&A Sections 1587201526toc041806show more

Rating details

4 ratings
3 out of 5 stars
5 0% (0)
4 0% (0)
3 100% (4)
2 0% (0)
1 0% (0)
Book ratings by Goodreads
Goodreads is the world's largest site for readers with over 50 million reviews. We're featuring millions of their reader ratings on our book pages to help you find your new favourite book. Close X