Introduction - Prepare for the CCNA Security certification exam

Introduction

Congratulations! If you are reading this, you have in your possession a powerful tool that can help you to:

■ Improve your awareness and knowledge of network security
■ Increase your skill level related to the implementation of that security
■ Prepare for the CCNA Security certification exam

This book was written with you in mind, and together we will discover the critical ingredients that make up the recipe for a secure network and work through examples of how to implement these features. By covering the objectives for the CCNA Security exam and integrating them with real-world best practices and examples, Scott Morris and I created this content with the intention of being your personal tour guides as we take you on a journey through the world of network security. The 640-554 Implementing Cisco IOS Network Security (IINSv2) exam is required for the CCNA Security certification. The prerequisite for CCNA Security is the CCNA Route/Switch certification (or any CCIE certification).

The CCNA Security exam tests your knowledge of securing Cisco routers and switches and their associated networks, and this book prepares you for that exam. This book covers all the topics listed in Cisco’s exam blueprint, and each chapter includes key topics and preparation tasks to assist you in mastering this information. The CD that accompanies this book also includes bonus videos to assist you in your journey toward becoming a CCNA in Security. Of course, the CD included with the printed book also includes several practice questions to help you prepare for the exam.

About the 640-554 Implementing Cisco IOS Network Security (IINSv2) Exam
Cisco’s objective for the CCNA Security exam is to verify the candidate’s understanding, implementation, and verification of security best practices on Cisco hardware and software.

The focus points for the exam (which this book prepares you for) are as follows:

Cisco routers and switches
  • Common threats, including blended threats, and how to mitigate them
  • The lifecycle approach for a security policy
  • Understanding and implementing network foundation protection for the control, data, and management planes
  • Understanding, implementing, and verifying AAA (authentication, authorization, and accounting), including the details of TACACS+ and RADIUS
  • Understanding and implementing basic rules inside of Cisco Access Control Server (ACS) Version 5.x, including configuration of both ACS and a router for communications with each other
  • Standard, extended, and named access control lists used for packet filtering and for the classification of traffic
  • Understanding and implementing protection against Layer 2 attacks, including CAM table overflow attacks and VLAN hopping

Cisco firewall technologies
  • Understanding and describing the various methods for filtering implemented by firewalls, including stateful filtering. Compare and contrast the strengths and weaknesses of the various firewall technologies.
  • Understanding the methods that a firewall may use to implement Network Address Translation (NAT) and Port Address Translation (PAT)
  • Understanding, implementing, and interpreting a Zone-Based Firewall policy through Cisco Configuration Professional (CCP)
  • Understanding and describing the characteristics and defaults for interfaces, security levels, and traffic flows on the Adaptive Security Appliance (ASA)
  • Implementing and interpreting a firewall policy on an ASA through the GUI tool named the ASA Security Device Manager (ASDM)

Intrusion prevention systems
  • Comparing and contrasting intrusion prevention systems (IPS) versus intrusion detection systems (IDS), including the pros and cons of each and the methods used by these systems for identifying malicious traffic
  • Describing the concepts involved with IPS, including true/false positives/negatives
  • Configuring and verifying IOS-based IPS using CCP

VPN technologies
  • Understanding and describing the building blocks used for virtual private networks (VPN) today, including the concepts of symmetrical, asymmetrical, encryption, hashing, Internet Key Exchange (IKE), public key infrastructure (PKI), authentication, Diffie-Hellman, certificate authorities, and so on
  • Implementing and verifying IPsec VPNs on IOS using CCP and the command-line interface (CLI)
  • Implementing and verifying Secure Sockets Layer (SSL) VPNs on the ASA firewall using ASDM

As you can see, it is an extensive list, but together we will not only address and learn each of these, but we will also have fun doing it. You can take the exam at Pearson VUE testing centers. You can register with VUE at vue.com/cisco/.
