CCNP Security SISAS 300-208 Official Cert Guide

CCNP Security SISAS 300-208 Official Cert Guide

Released
Publisher(s): Cisco Press
ISBN: None

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

None

Table of contents

  1. About This eBook
  2. Title Page
  3. Copyright Page
  4. About the Authors
  5. About the Technical Reviewers
  6. Dedications
  7. Acknowledgments
  8. Contents at a Glance
  9. Contents
  10. Icons
  11. Command Syntax Conventions
  12. Introduction
    1. Goals and Methods
    2. How This Book Is Organized
  13. Part I: The CCNP Certification
    1. Chapter 1. CCNP Security Certification
      1. CCNP Security Certification Overview
      2. Contents of the CCNP-Security SISAS Exam
      3. How to Take the SISAS Exam
      4. Who Should Take This Exam and Read This Book?
      5. Format of the CCNP-Security SISAS Exam
      6. CCNP-Security SISAS 300-208 Official Certification Guide
      7. Book Features and Exam Preparation Methods
  14. Part II: “The Triple A” (Authentication, Authorization, and Accounting)
    1. Chapter 2. Fundamentals of AAA
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Triple-A
        2. Compare and Select AAA Options
        3. TACACS+
        4. RADIUS
        5. Comparing RADIUS and TACACS+
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    2. Chapter 3. Identity Management
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. What Is an Identity?
        2. Identity Stores
        3. External Identity Stores
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    3. Chapter 4. EAP Over LAN (Also Known As 802.1X)
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Extensible Authentication Protocol
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    4. Chapter 5. Non-802.1X Authentications
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Devices Without a Supplicant
        2. MAC Authentication Bypass
        3. Web Authentication
        4. Remote Access Connections
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    5. Chapter 6. Introduction to Advanced Concepts
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Change of Authorization
        2. Automating MAC Authentication Bypass
        3. Posture Assessments
        4. Mobile Device Managers
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
  15. Part III: Cisco Identity Services Engine
    1. Chapter 7. Cisco Identity Services Engine Architecture
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. What Is Cisco ISE?
        2. Personas
        3. Physical or Virtual Appliance
        4. ISE Deployment Scenarios
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    2. Chapter 8. A Guided Tour of the Cisco ISE Graphical User Interface
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Logging In to ISE
        2. Organization of the ISE GUI
        3. Type of Policies in ISE
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    3. Chapter 9. Initial Configuration of Cisco ISE
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Cisco Identity Services Engine Form Factors
        2. Bootstrapping Cisco ISE
        3. Network Devices
        4. Local User Identity Groups
        5. Local Endpoint Groups
        6. Local Users
        7. External Identity Stores
      3. Exam Preparation Tasks
        1. Review All Key Topics
    4. Chapter 10. Authentication Policies
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. The Relationship Between Authentication and Authorization
        2. Authentication Policy
        3. Understanding Authentication Policies
        4. Common Authentication Policy Examples
        5. More on MAB
        6. Restore the Authentication Policy
      3. Exam Preparation Tasks
        1. Review All Key Topics
    5. Chapter 11. Authorization Policies
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Authentication Versus Authorization
        2. Authorization Policies
        3. Saving Conditions for Reuse
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
  16. Part IV: Implementing Secure Network Access
    1. Chapter 12. Implement Wired and Wireless Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Authentication Configuration on Wired Switches
        2. Authentication Configuration on WLCs
        3. Verifying Dot1X and MAB
        4. Live Sessions Log
        5. Looking Forward
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    2. Chapter 13. Web Authentication
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Web Authentication Scenarios
        2. Configuring Centralized Web Authentication
        3. Building CWA Authorization Policies
        4. Configuring Device Registration Web Authentication
        5. Verifying Centralized Web Authentication
      3. Exam Preparation Tasks
        1. Review All Key Topics
    3. Chapter 14. Deploying Guest Services
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Guest Services Overview
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    4. Chapter 15. Profiling
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. ISE Profiler
        2. Cisco ISE Probes
        3. Infrastructure Configuration
        4. Profiling Policies
        5. ISE Profiler and CoA
        6. Profiles in Authorization Policies
        7. Verify Profiling
      3. Exam Preparation Tasks
        1. Review All Key Topics
  17. Part V: Advanced Secure Network Access
    1. Chapter 16. Certificate-Based User Authentications
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Certificate Authentication Primer
        2. A Common Misconception About Active Directory
        3. EAP-TLS
        4. Configuring ISE for Certificate-Based Authentications
        5. Verifying Certificate Authentications
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    2. Chapter 17. Bring Your Own Device
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. BYOD Challenges
        2. Onboarding Process
        3. Configuring NADs for Onboarding
        4. ISE Configuration for Onboarding
        5. BYOD Onboarding Process Detailed
        6. Verifying BYOD Flows
        7. MDM Onboarding
        8. Managing Endpoints
        9. The Opposite of BYOD: Identify Corporate Systems
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    3. Chapter 18. TrustSec and MACSec
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Ingress Access Control Challenges
        2. What Is TrustSec?
        3. What Is a Security Group Tag?
        4. Defining the SGTs
        5. Classification
        6. Transport: Security Group Exchange Protocol
        7. Transport: Native Tagging
        8. Enforcement
        9. MACSec
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    4. Chapter 19. Posture Assessment
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Posture Service Overview
        2. Posture Flow
        3. Agent Types
        4. Posture Conditions
        5. CoA with Posture
        6. Configuring Posture
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
  18. Part VI: Safely Deploying in the Enterprise
    1. Chapter 20. Deploying Safely
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Why Use a Phased Approach?
        2. A Phased Approach
        3. Transitioning from Monitor Mode to Your End State
        4. Wireless Networks
      3. Exam Preparation Tasks
        1. Review All Key Topics
    2. Chapter 21. ISE Scale and High Availability
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Configuring ISE Nodes in a Distributed Environment
        2. Making the First Node a Primary Device
        3. Registering an ISE Node to the Deployment
        4. Licensing in a Multinode ISE Cube
        5. Understanding the HA Options Available
        6. Using Load Balancers
        7. IOS Load Balancing
        8. Maintaining ISE Deployments
      3. Exam Preparation Tasks
        1. Review All Key Topics
        2. Define Key Terms
    3. Chapter 22. Troubleshooting Tools
      1. “Do I Know This Already?” Quiz
      2. Foundation Topics
        1. Logging
        2. Diagnostics Tools
        3. Troubleshooting Outside of ISE
      3. Exam Preparation Tasks
        1. Review All Key Topics
  19. Part VII: Final Preparation
    1. Chapter 23. Final Preparation
      1. Advice About the Exam Event
        1. Learning the Question Types Using the Cisco Certification Exam Tutorial
        2. Thinking About Your Time Budget Versus Number of Questions
        3. A Suggested Time-Check Method
        4. Miscellaneous Pre-Exam Suggestions
        5. Exam-Day Advice
      2. Exam Review
        1. Taking Practice Exams
        2. Finding Knowledge Gaps Through Question Review
        3. Other Study Tasks
        4. Final Thoughts
  20. Part VIII: Appendixes
    1. Appendix A. Answers to the “Do I Know This Already?” Quizzes
      1. Chapter 2
      2. Chapter 3
      3. Chapter 4
      4. Chapter 5
      5. Chapter 6
      6. Chapter 7
      7. Chapter 8
      8. Chapter 9
      9. Chapter 10
      10. Chapter 11
      11. Chapter 12
      12. Chapter 13
      13. Chapter 14
      14. Chapter 15
      15. Chapter 16
      16. Chapter 17
      17. Chapter 18
      18. Chapter 19
      19. Chapter 20
      20. Chapter 21
      21. Chapter 22
    2. Appendix B. Configuring the Microsoft CA for BYOD
      1. CA Requirements
        1. Other Useful Information
        2. Microsoft Hotfixes
        3. AD Account Roles
      2. Configuration Steps
        1. Installing the CA
        2. Adding the Remaining Roles
        3. Configuring the Certificate Template
        4. Publishing the Certificate Template
        5. Editing the Registry
      3. Useful Links
    3. Appendix C. Using the Dogtag CA for BYOD
      1. What Is Dogtag, and Why Use It?
        1. Prerequisites
        2. Installing Packages with yum
        3. Configuring Proxy (if Needed)
      2. Updating System Packages with yum
      3. Installing and Configuring the NTP Service
      4. Installing the LDAP Server
      5. Installing the PHP Services
      6. Installing and Configuring Dogtag
        1. Modifying the Firewall Rules (iptables)
        2. Creating a New CA Instance
        3. Enabling and Configuring SCEP
        4. Preparing Apache
      7. Configuring ISE to Use the New Dogtag CA
        1. Adding Dogtag to the SCEP RA Profiles
    4. Appendix D. Sample Switch Configurations
      1. Catalyst 2960/3560/3750 Series, 12.2(55)SE
      2. Catalyst 3560/3750 Series, 15.0(2)SE
      3. Catalyst 4500 Series, IOS-XE 3.3.0/15.1(1)SG
      4. Catalyst 6500 Series, 12.2(33)SXJ
  21. Glossary
  22. Index
  23. Code Snippets

Product information

  • Title: CCNP Security SISAS 300-208 Official Cert Guide
  • Author(s):
  • Release date:
  • Publisher(s): Cisco Press
  • ISBN: None