You are previewing CCNA Security Exam Cram (Exam IINS 640-553).
O'Reilly logo
CCNA Security Exam Cram (Exam IINS 640-553)

Book Description

In this book you’ll learn how to:

  • Build a secure network using security controls

  • Secure network perimeters

  • Implement secure management and harden routers

  • Implement network security policies using Cisco IOS firewalls

  • Understand cryptographic services

  • Deploy IPsec virtual private networks (VPNs)

  • Secure networks with Cisco IOS® IPS

  • Protect switch infrastructures

  • Secure endpoint devices, storage area networks (SANs), and voice networks

  • WRITTEN BY A LEADING EXPERT:

    Eric Stewart is a self-employed network security contractor who finds his home in Ottawa, Canada. Eric has more than 20 years of experience in the information technology field, the last 12 years focusing primarily on Cisco® routers, switches, VPN concentrators, and security appliances. The majority of Eric’s consulting work has been in the implementation of major security infrastructure initiatives and architectural reviews with the Canadian Federal Government. Eric is a certified Cisco instructor teaching Cisco CCNA, CCNP®, and CCSP® curriculum to students throughout North America and the world.

    CD Features MeasureUp Practice Questions!

  • This book includes a CD-ROM that features:

  • Practice exams with complete coverage of CCNA® Security exam topics

  • Detailed explanations of correct and incorrect answers

  • Multiple exam modes

  • Flash Card format

  • An electronic copy of the book

  • informit.com/examcram

    ISBN-13: 978-0-7897-3800-4

    ISBN-10: 0-7897-3800-7

    Table of Contents

    1. Title Page
    2. Copyright Page
    3. Contents at a Glance
    4. Table of Contents
    5. Introduction
      1. Organization and Elements of This Book
      2. Contacting the Author
    6. Self Assessment
      1. Who Is a CCNA Security?
      2. The Ideal CCNA Security Candidate
      3. Put Yourself to the Test
      4. Exam Topics for 640-553 IINS (Implementing Cisco IOS Network Security)
      5. Strategy for Using This Exam Cram
    7. Part I: Network Security Architecture
      1. Chapter 1: Network Insecurity
        1. Exploring Network Security Basics and the Need for Network Security
        2. Exploring the Taxonomy of Network Attacks
        3. Best Practices to Thwart Network Attacks
        4. Exam Prep Questions
        5. Answers to Exam Prep Questions
      2. Chapter 2: Building a Secure Network Using Security Controls
        1. Defining Operations Security Needs
        2. Establishing a Comprehensive Network Security Policy
        3. Examining Cisco’s Model of the Self-Defending Network
        4. Exam Prep Questions
        5. Answers to Exam Prep Questions
    8. Part II: Perimeter Security
      1. Chapter 3: Security at the Network Perimeter
        1. Cisco IOS Security Features
        2. Securing Administrative Access to Cisco Routers
        3. Introducing Cisco SDM
        4. Configuring Local Database AAA on a Cisco Router
        5. Configuring External AAA on a Cisco Router Using Cisco Secure ACS
        6. Exam Prep Questions
        7. Answers to Exam Prep Questions
      2. Chapter 4: Implementing Secure Management and Hardening the Router
        1. Planning for Secure Management and Reporting
        2. Using Cisco SDM and CLI Tools to Lock Down the Router
        3. Exam Prep Questions
        4. Answers to Exam Prep Questions
    9. Part III: Augmenting Depth of Defense
      1. Chapter5: Using Cisco IOS Firewalls to Implement a Network Security Policy
        1. Examining and Defining Firewall Technologies
        2. Creating Static Packet Filters with ACLs
        3. Cisco Zone-Based Policy Firewall Fundamentals
        4. Exam Prep Questions
        5. Answers to Exam Prep Questions
      2. Chapter6: Introducing Cryptographic Services
        1. Cryptology Overview
        2. Exploring Symmetric Key Encryption
        3. Exploring Cryptographic Hashing Algorithms and Digital Signatures
        4. Exploring Asymmetric Key Encryption and Public Key Infrastructure
        5. Exam Prep Questions
        6. Answers to Exam Prep Questions
      3. Chapter7: Virtual Private Networks with IPsec
        1. Overview of VPN Technology
        2. Conceptualizing a Site-to-Site IPsec VPN
        3. Implementing IPsec on a Site-to-Site VPN Using the CLI
        4. Implementing IPsec on a Site-to-Site VPN Using Cisco SDM
        5. Exam Prep Questions
        6. Answers to Exam Prep Questions
      4. Chapter 8: Network Security Using Cisco IOS IPS
        1. Exploring IPS Technologies
        2. Implementing Cisco IOS IPS
        3. Exam Prep Questions
        4. Answers to Exam Prep Questions
    10. Part IV: Security Inside the Perimeter
      1. Chapter 9: Introduction to Endpoint, SAN, and Voice Security
        1. Introducing Endpoint Security
        2. Exploring SAN Security
        3. Exploring Voice Security
        4. Exam Prep Questions
        5. Answers to Exam Prep Questions
      2. Chapter 10: Protecting Switch Infrastructure
        1. VLAN Hopping Attacks
        2. STP Manipulation Attack
        3. CAM Table Overflow Attack
        4. MAC Address Spoofing Attack
        5. Configuring Port Security
        6. Miscellaneous Switch Security Features
        7. Switch Security Best Practices
        8. Exam Prep Questions
        9. Answers to Exam Prep Questions
    11. Part V: Practice Exams and Answers
      1. Practice Exam 1
      2. Answers to Practice Exam 1
      3. Practice Exam 2
      4. Answers to Practice Exam 2
    12. Part VI: Appendixes
      1. Appendix A: What’s on the CD-ROM
        1. Multiple Test Modes
        2. Attention to Exam Objectives
        3. Installing the CD
        4. Creating a Shortcut to the MeasureUp Practice Tests
        5. Technical Support
      2. Appendix B: Need to Know More?
        1. Network Security Policies
        2. Network Security Practices
        3. Cryptography
    13. Index
    14. EXAM CRAM CCNA Security Cram Sheet