Book description
CCNA Security
Official Exam Certification Guide
Master the IINS 640-553 exam with this official study guide
Assess your knowledge with chapter-opening quizzes
Review key concepts with Exam Preparation Tasks
Practice with realistic exam questions on the CD-ROM
CCNA Security Official Exam Certification Guide is a best of breed Cisco® exam study guide that focuses specifically on the objectives for the CCNA® Security IINS exam. Senior security instructors Michael Watkins and Kevin Wallace share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
CCNA Security Official Exam Certification Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks sections help drill you on key concepts you must know thoroughly.
The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a topic-by-topic basis, presenting question-by-question remediation to the text and laying out a complete study plan for review.
Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.
CCNA Security Official Exam Certification Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.
Michael Watkins, CCNA/CCNP®/CCVP®/CCSP®, is a full-time senior technical instructor with SkillSoft Corporation. With 13 years of network management, training, and consulting experience, Michael has worked with organizations such as Kraft Foods, Johnson and Johnson, Raytheon, and the United States Air Force to help them implement and learn the latest network technologies.
Kevin Wallace, CCIE® No. 7945, is a certified Cisco instructor working full time for SkillSoft, where he teaches courses in the Cisco CCSP, CCVP, and CCNP tracks. With 19 years of Cisco networking experience, Kevin has been a network design specialist for the Walt Disney World Resort and a network manager for Eastern Kentucky University. Kevin also is a CCVP, CCSP, CCNP, and CCDP with multiple Cisco security and IP communications specializations.
The official study guide helps you master all the topics on the IINS exam, including
Network security threats
Security policies
Network perimeter defense
AAA configuration
Router security
Switch security
Endpoint security
SAN security
VoIP security
IOS firewalls
Cisco IOS® IPS
Cryptography
Digital signatures
PKI and asymmetric encryption
IPsec VPNs
This volume is part of the Exam Certification Guide Series from Cisco Press®. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.
Category: Cisco Press—Cisco Certification
Covers: IINS exam 640-553
Table of contents
- Copyright
- About the Authors
- About the Technical Reviewers
- Acknowledgments
- Icons Used in This Book
- Command Syntax Conventions
- Foreword
- Introduction
-
I. Network Security Concepts
-
1. Understanding Network Security Principles
- “Do I Know This Already?” Quiz
- Foundation Topics
- Understanding the Methods of Network Attacks
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
2. Developing a Secure Network
- “Do I Know This Already?” Quiz
- Foundation Topics
- Constructing a Comprehensive Network Security Policy
- Creating a Cisco Self-Defending Network
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
3. Defending the Perimeter
- “Do I Know This Already?” Quiz
-
Foundation Topics
-
ISR Overview and Providing Secure Administrative Access
- IOS Security Features
- Cisco Integrated Services Routers
- Password-Protecting a Router
- Limiting the Number of Failed Login Attempts
- Setting a Login Inactivity Timer
- Configuring Privilege Levels
- Creating Command-Line Interface Views
- Protecting Router Files
- Enabling Cisco IOS Login Enhancements for Virtual Connections
- Creating a Banner Message
-
ISR Overview and Providing Secure Administrative Access
- Cisco Security Device Manager Overview
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
4. Configuring AAA
- “Do I Know This Already?” Quiz
- Foundation Topics
- Configuring AAA Using Cisco Secure ACS
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
5. Securing the Router
- “Do I Know This Already?” Quiz
- Foundation Topics
- Using Secure Management and Reporting
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
1. Understanding Network Security Principles
-
II. Constructing a Secure Infrastructure
-
6. Securing Layer 2 Devices
- “Do I Know This Already?” Quiz
-
Foundation Topics
-
Defending Against Layer 2 Attacks
- Review of Layer 2 Switch Operation
- Basic Approaches to Protecting Layer 2 Switches
- Preventing VLAN Hopping
- Protecting Against an STP Attack
- Combating DHCP Server Spoofing
- Using Dynamic ARP Inspection
- Mitigating CAM Table Overflow Attacks
- Spoofing MAC Addresses
- Additional Cisco Catalyst Switch Security Features
- Port Security Configuration
- Configuration Recommendations
-
Defending Against Layer 2 Attacks
- Cisco Identity-Based Networking Services
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
7. Implementing Endpoint Security
- “Do I Know This Already?” Quiz
- Foundation Topics
- Securing Endpoints with Cisco Technologies
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
8. Providing SAN Security
- “Do I Know This Already?” Quiz
- Foundation Topics
-
Implementing SAN Security Techniques
- Using LUN Masking to Defend Against Attacks
- Examining SAN Zoning Strategies
- Understanding World Wide Names
- Defining Virtual SANs
- Identifying Port Authentication Protocols
- Working with Fibre Channel Authentication Protocol
- Understanding Fibre Channel Password Authentication Protocol
- Assuring Data Confidentiality in SANs
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- 9. Exploring Secure Voice Solutions
-
10. Using Cisco IOS Firewalls to Defend the Network
- “Do I Know This Already?” Quiz
-
Foundation Topics
-
Exploring Firewall Technology
- The Role of Firewalls in Defending Networks
- The Advance of Firewall Technology
- Transparent Firewalls
- Application Layer Firewalls
- Static Packet-Filtering Firewalls
- Stateful Packet-Filtering Firewalls
- Application Inspection Firewalls
- Overview of the Cisco ASA Adaptive Security Appliance
- The Role of Firewalls in a Layered Defense Strategy
- Creating an Effective Firewall Policy
-
Exploring Firewall Technology
- Using ACLs to Construct Static Packet Filters
- Implementing a Cisco IOS Zone-Based Firewall
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
11. Using Cisco IOS IPS to Secure the Network
- “Do I Know This Already?” Quiz
- Foundation Topics
- Using SDM to Configure Cisco IOS IPS
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
6. Securing Layer 2 Devices
-
III. Extending Security and Availability with Cryptography and VPNs
-
12. Designing a Cryptographic Solution
- “Do I Know This Already?” Quiz
- Foundation Topics
- Exploring Symmetric Encryption
- Understanding Security Algorithms
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
13. Implementing Digital Signatures
- “Do I Know This Already?” Quiz
- Foundation Topics
- Using Digital Signatures
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
14. Exploring PKI and Asymmetric Encryption
- “Do I Know This Already?” Quiz
- Foundation Topics
- Working with a PKI
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
-
15. Building a Site-to-Site IPsec VPN Solution
- “Do I Know This Already?” Quiz
- Foundation Topics
- Constructing an IPsec Site-to-Site VPN
- Using Cisco SDM to Configure IPsec on a Site-to-Site VPN
- Exam Preparation Tasks
- Complete the Tables and Lists from Memory
- Definition of Key Terms
- Command Reference to Check Your Memory
-
12. Designing a Cryptographic Solution
- IV. Final Preparation
- V. Appendixes
Product information
- Title: CCNA Security Official Exam Certification Guide (Exam 640-553)
- Author(s):
- Release date: June 2008
- Publisher(s): Cisco Press
- ISBN: 9781587057953
You might also like
book
CCNA Security 640-554 Official Cert Guide
Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, …
book
Interconnecting Cisco Network Devices, Part 1 (ICND1) Foundation Learning Guide, Fourth Edition
This Cisco-authorized, self-paced foundation learning tool for both the CCENT 100-101 and CCNA® 200-120 exams offers …
book
CCNA Security (210-260) Portable Command Guide, Second Edition
Preparing for the latest CCNA Security exam? Here are all the CCNA Security (210-260) commands you …
book
31 Days Before Your CCNA Security Exam: A Day-By-Day Review Guide for the IINS 210-260 Certification Exam
31 Days Before Your CCNA Security Exam 31 Days Before Your CCNA Security Exam offers you …