You are previewing CCIE Security Practice Labs.
O'Reilly logo
CCIE Security Practice Labs

Book Description

Seven comprehensive CCIE security labs to hone configuration and troubleshooting skills

Prepare for the CCIE Security lab exam and hone your security configuration and troubleshooting skills with seven complete practice scenarios that cover:

  • Basic device configuration

  • Routing configuration

  • ISDN configuration

  • Cisco PIX Firewall configuration

  • VPN configuration, including IPSec, GRE, L2TP, and PPTP

  • VPN-3000 Concentrator configuration

  • Intrusion Detection System (IDS) 42xx Appliance configuration

  • Cisco IOS Firewall configuration

  • AAA configuration

  • Advanced security issues

  • IP services and protocol-independent features

  • Security violations

  • The explosive growth of the Internet economy over the past several years and new IP-based enterprise applications has heightened requirements for continuous availability of mission-critical data. Today's network administrators and managers are under big pressure to satisfy ever-increasing demands from customers, suppliers, and employees for 100 percent network resource availability and access to applications and data. The end result is that the cost of a network security breach has never been higher. Accordingly, the demand for networking professionals with expert-level network security configuration and troubleshooting skills is also great. The Cisco Systems CCIE Security certification is a prestigious program that sets the professional benchmark for internetworking expertise, validating proficiency with advanced technical skills required to design, configure, and maintain a wide range of network security technologies.

    CCIE Security Practice Labs provides a series of complete practice labs that mirror the difficult hands-on lab exam. Written by a CCIE Security engineer and Cisco Systems CCIE proctor, this book lays out seven end-to-end scenarios that are both complex and realistic, providing you with the practice needed to prepare for your lab examination and develop critical-thinking skills that are essential for resolving complex, real-world security problems. While many engineers are able to configure single technologies in standalone environments, most will struggle when dealing with integrated technologies in heterogeneous environments.

    CCIE Security Practice Labs consists of seven full-blown labs. The book does not waste time covering conceptual knowledge found in other security manuals, but focuses exclusively on these complex scenarios. The structure of each chapter is the same, covering a broad range of security topics. Each chapter starts with an overview, equipment list, and general guidelines and instructions on setting up the lab topology, including cabling instructions, and concludes with verification, hints, and troubleshooting tips, which highlight show and debug commands. The companion CD-ROM contains solutions for all of the labs, including configurations and common show command output from all the devices in the topology.
    "Security is one of the fastest-growing areas in the industry. There is an ever-increasing demand for the experts with the knowledge and skills to do it."
    -Gert De Laet, Product Manager, CCIE Security, Cisco Systems

    CCIE Security Practice Labs is part of a recommended study program from Cisco Systems that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press.

    Companion CD-ROM
    The CD-ROM contains the solutions to the seven complete lab scenarios in the book including configurations and show command output.

    This volume is part of the Cisco Press Practical Studies Series, which offers readers a means to apply their theoretical knowledge through hands-on lab scenarios for key networking technologies. This unique approach enables readers to practice and hone their internetworking skills while preparing for Cisco certification exams.

    Table of Contents

    1. Copyright
    2. About the Author
    3. Acknowledgments
    4. Foreword
    5. Introduction
    6. Practice Lab 1
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 1 Exercises
      5. Section 1.0: Basic Configuration (10 points)
      6. Section 2.0: Routing Configuration (25 points)
      7. Section 3.0: ISDN Configuration (8 points)
      8. Section 4.0: PIX Configuration (5 points)
      9. Section 5.0: IPSec/GRE Configuration (10 points)
      10. Section 6.0: IOS Firewall + IOS IDS Configuration (10 points)
      11. Section 7.0: AAA (7 points)
      12. Section 8.0: Advanced Security (10 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (10 points)
      14. Section 10.0: Security Violations (5 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec/GRE Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    7. Practice Lab 2
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 2 Exercises
      5. Section 1.0: Basic Configuration (10 points)
      6. Section 2.0: Routing Configuration (25 points)
      7. Section 3.0: ISDN Configuration (7 points)
      8. Section 4.0: PIX Configuration (5 points)
      9. Section 5.0: IPSec/GRE Configuration (15 points)
      10. Section 6.0: IOS Firewall Configuration (8 points)
      11. Section 7.0: AAA (7 points)
      12. Section 8.0: Advanced Security (8 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (10 points)
      14. Section 10.0: Security Violations (6 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec/GRE Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    8. Practice Lab 3
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 3 Exercises
      5. Section 1.0: Basic Configuration (8 points)
      6. Section 2.0: Routing Configuration (27 points)
      7. Section 3.0: ISDN Configuration (7 points)
      8. Section 4.0: PIX Configuration (10 points)
      9. Section 5.0: IPSec Configuration (10 points)
      10. Section 6.0: IOS Firewall Configuration (8 points)
      11. Section 7.0: AAA (8 points)
      12. Section 8.0: Advanced Security (6 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (10 points)
      14. Section 10.0: Security Violations (6 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    9. Practice Lab 4
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 4 Exercises
      5. Section 1.0: Basic Configuration (10 points)
      6. Section 2.0: Routing Configuration (26 points)
      7. Section 3.0: ISDN Configuration (5 points)
      8. Section 4.0: PIX Configuration (8 points)
      9. Section 5.0: IPSec/GRE Configuration (10 points)
      10. Section 6.0: IOS Firewall Configuration (8 points)
      11. Section 7.0: AAA (7 points)
      12. Section 8.0: Advanced Security (10 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (10 points)
      14. Section 10.0: Security Violations (6 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec/GRE Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    10. Practice Lab 5
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 5 Exercises
      5. Section 1.0: Basic Configuration (13 points)
      6. Section 2.0: Routing Configuration (25 points)
      7. Section 3.0: ISDN Configuration (7 points)
      8. Section 4.0: PIX Configuration (8 points)
      9. Section 5.0: IPSec Configuration (10 points)
      10. Section 6.0: Intrusion Detection System (IDS) (6 points)
      11. Section 7.0: AAA (6 points)
      12. Section 8.0: Advanced Security (7 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (12 points)
      14. Section 10.0: Security Violations (6 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec Configuration
      21. Section 6.0: Intrusion Detection System (IDS)
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    11. Practice Lab 6
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 6 Exercises
      5. Section 1.0: Basic Configuration (15 points)
      6. Section 2.0: Routing Configuration (25 points)
      7. Section 3.0: ISDN Configuration (7 points)
      8. Section 4.0: PIX Configuration (6 points)
      9. Section 5.0: IPSec/PPTP Configuration (10 points)
      10. Section 6.0: IOS Firewall Configuration (6 points)
      11. Section 7.0: AAA (4 points)
      12. Section 8.0: Advanced Security (7 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (12 points)
      14. Section 10.0: Security Violations (8 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec/PPTP Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    12. Practice Lab 7
      1. Equipment List
      2. General Guidelines
      3. Setting Up the Lab
      4. Practice Lab 7 Exercises
      5. Section 1.0: Basic Configuration (15 points)
      6. Section 2.0: Routing Configuration (20 points)
      7. Section 3.0: ISDN Configuration (6 points)
      8. Section 4.0: PIX Configuration (7 points)
      9. Section 5.0: IPSec/PPTP Configuration (10 points)
      10. Section 6.0: IOS Firewall Configuration (8 points)
      11. Section 7.0: AAA (8 points)
      12. Section 8.0: Advanced Security (8 points)
      13. Section 9.0: IP Services and Protocol-Independent Features (10 points)
      14. Section 10.0: Security Violations (8 points)
      15. Verification, Hints, and Troubleshooting Tips
      16. Section 1.0: Basic Configuration
      17. Section 2.0: Routing Configuration
      18. Section 3.0: ISDN Configuration
      19. Section 4.0: PIX Configuration
      20. Section 5.0: IPSec/PPTP Configuration
      21. Section 6.0: IOS Firewall Configuration
      22. Section 7.0: AAA
      23. Section 8.0: Advanced Security
      24. Section 9.0: IP Services and Protocol-Independent Features
      25. Section 10.0: Security Violations
    13. Index