You are previewing CCSP Self-Study: CCSP SNRS Exam Certification Guide.
O'Reilly logo
CCSP Self-Study: CCSP SNRS Exam Certification Guide

Book Description

Official self-study test preparation guide for the Cisco SNRS exam 642-502

  • Attack threats

  • Router management and administration

  • Authentication, Authorization, and Accounting (AAA) and Cisco Secure Access Control Server

  • RADIUS and TACACS+

  • Cisco IOS® Firewall feature set

  • Securing networks with Cisco routers

  • Mitigating Layer 2 attacks

  • IPsec and Easy Virtual Private Network (VPN)

  • Security Device Manager (SDM)

  • CCSP SNRS Exam Certification Guide is a best-of-breed Cisco® exam study guide that focuses specifically on the objectives for the SNRS exam. Network security engineers Greg Bastien, Sara Nasseh, and Christian Degu share preparation hints and test-taking tips, helping you identify areas of weakness and improve your knowledge of router and switch security. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

    CCSP SNRS Exam Certification Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Foundation summary information gives you a quick refresher whenever you need it. Challenging chapter-ending review questions help you assess your knowledge and reinforce key concepts.

    The companion CD-ROM contains a powerful test engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback module-by-module basis, presenting question-by-question remediation to the text.

    Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this book helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

    CCSP SNRS Exam Certification Guide is part of a recommended learning path from Cisco Systems® that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press®. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

      

    Companion CD-ROM

    The CD-ROM contains an electronic copy of the book and over 200 practice questions for the SNRS exam, all available in study mode, test mode, and flash card format.

    Includes a FREE 45-Day Online Edition

    This volume is part of the Exam Certification Guide Series from Cisco Press. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.

    Table of Contents

    1. Copyright
      1. Dedications
    2. About the Authors
    3. About the Technical Reviewers
    4. Acknowledgments
    5. Command Syntax Conventions
    6. Foreword
    7. Introduction
      1. Who Should Read This Book
        1. How to Use This Book
      2. Certification Exam and This Preparation Guide
        1. Overview of the Cisco Certification Process
        2. Taking the SNRS Certification Exam
        3. Tracking CCSP Status
        4. How to Prepare for an Exam
        5. Assessing Exam Readiness
        6. Cisco Security Specialist in the Real World
        7. Cisco IOS Software Commands
        8. Rules of the Road
        9. Exam Registration
        10. Book Content Updates
    8. I. Overview of Network Security
      1. 1. Network Security Essentials
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Defining Network Security
          2. Balancing Business Needs with Network Security Requirements
          3. Network Security Policies
            1. Security Policy Goals
            2. Security Guidelines
              1. Management Must Support the Policy
              2. The Policy Must Be Consistent
              3. The Policy Must Be Technically Feasible
              4. The Policy Should Not Be Written as a Technical Document
              5. The Policy Must Be Implemented Globally Throughout the Organization
              6. The Policy Must Clearly Define Roles and Responsibilities
              7. The Policy Must Be Flexible Enough to Respond to Changing Technologies and Organizational Goals
              8. The Policy Must Be Understandable
              9. The Policy Must Be Widely Distributed
              10. The Policy Must Specify Sanctions for Violations
              11. The Policy Must Include an Incident-Response Plan for Security Breaches
              12. Security Is an Ongoing Process
          4. Network Security as a Process
          5. Network Security as a Legal Issue
        3. Foundation Summary
          1. Network Security Policies
            1. Security Policy Goals
            2. Security Guidelines
          2. Network Security as a Process
        4. Q&A
      2. 2. Defining and Detailing Attack Threats
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Vulnerabilities
            1. Self-Imposed Network Vulnerabilities
              1. Lack of Effective Network Security Policy
              2. Network Configuration Weakness
              3. Technology Weakness
          2. Threats
          3. Intruder Motivations
            1. Lack of Understanding of Computers or Networks
            2. Intruding for Curiosity
            3. Intruding for Fun and Pride
            4. Intruding for Revenge
            5. Intruding for Profit
            6. Intruding for Political Purposes
          4. Types of Network Attacks
            1. Reconnaissance Attacks
            2. Access Attacks
            3. DoS Attacks
        3. Foundation Summary
          1. Vulnerabilities
            1. Self-Imposed Network Vulnerabilities
          2. Threats
          3. Intruder Motivations
          4. Types of Network Attacks
        4. Q&A
      3. 3. Defense in Depth
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Overview of Defense in Depth
            1. Components Used for a Defense-in-Depth Strategy
            2. Physical Security
        3. Foundation Summary
        4. Q&A
    9. II. Managing Cisco Routers
      1. 4. Basic Router Management
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Router Configuration Modes
          2. Accessing the Cisco Router CLI
            1. Configuring CLI Access
          3. Cisco IOS Firewall Features
        3. Foundation Summary
          1. Router Configuration Modes
          2. Accessing the Cisco Router CLI
          3. Cisco IOS Firewall Features
        4. Q&A
      2. 5. Secure Router Administration
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Privilege Levels
          2. Securing Console Access
          3. Configuring the enable Password
            1. enable secret Command
          4. service password-encryption Command
          5. Configuring Multiple Privilege Levels
          6. Warning Banners
          7. Interactive Access
          8. Securing vty Access
          9. SSH Protocol
            1. Setting Up SSH on a Cisco IOS Router or Switch
              1. Configuring a Router for SSHv2 Using a Host Name and Domain Name
              2. Configuring a Router for SSHv2 Using RSA Key Pairs
            2. Secure Copy
          10. Port Security for Ethernet Switches
            1. Configuring Port Security
          11. AutoSecure
        3. Foundation Summary
        4. Q&A
    10. III. AAA
      1. 6. Authentication
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Authentication
            1. Configuring Line Password Authentication
            2. Configuring Username Authentication
            3. Remote Security Servers
              1. TACACS Overview
              2. RADIUS Overview
              3. Kerberos Overview
          2. PAP, CHAP, and EAP Authentication
            1. PAP
            2. CHAP
              1. MS-CHAP
              2. MS-CHAP Version 2
            3. EAP
        3. Foundation Summary
        4. Q&A
      2. 7. Authentication, Authorization, and Accounting
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. AAA Overview
            1. Authentication
            2. Authorization
            3. Accounting
          2. Configuring AAA Services
            1. Configuring AAA Authentication
              1. Configuring Login Authentication Using AAA
              2. Enabling Password Protection at the Privileged Level
              3. Configuring PPP Authentication Using AAA
              4. Limiting the Number of Login Attempts
            2. Configuring AAA Authorization
            3. Configuring AAA Accounting
          3. Troubleshooting AAA
        3. Foundation Summary
        4. Q&A
      3. 8. Configuring RADIUS and TACACS+ on Cisco IOS Software
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Configuring TACACS+ on Cisco IOS Software
            1. TACACS+ Authentication Example
            2. TACACS+ Authorization Example
            3. TACACS+ Accounting Example
            4. AAA TACACS+ Testing and Troubleshooting
              1. debug aaa authentication
              2. debug tacacs
              3. debug tacacs events
          2. Configuring RADIUS on Cisco IOS Software
            1. RADIUS Authentication Example
            2. RADIUS Authorization Example
            3. RADIUS Accounting Example
            4. RADIUS Configuration Testing and Troubleshooting
        3. Foundation Summary
        4. Q&A
      4. 9. Cisco Secure Access Control Server
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Cisco Secure ACS for Windows
            1. Authentication
            2. Authorization
            3. Accounting
          2. Administration
          3. Replicating, Synchronizing, and Backing Up Databases
            1. Database Replication
            2. RDBMS Synchronization
            3. Database Backup
          4. Cisco Secure ACS for Windows Architecture
            1. CSAdmin
            2. CSAuth
            3. CSDBSync
            4. CSLog
            5. CSMon
            6. CSTacacs and CSRadius
          5. Authenticating Users
            1. Local Database
            2. Windows NT/2000 AD
            3. Generic LDAP User Database
            4. Token Server
          6. Enabling User Changeable Passwords
        3. Foundation Summary
        4. Q&A
      5. 10. Administration of Cisco Secure Access Control Server for Windows
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Basic Deployment Factors for Cisco Secure ACS
            1. Hardware Requirements
            2. Operating System Requirements
            3. Browser Compatibility
            4. Performance Considerations
            5. AAA Clients
          2. Installing Cisco Secure ACS for Microsoft Windows
            1. Cisco Secure ACS Deployment Sequence
          3. Troubleshooting Cisco Secure ACS for Windows
            1. Authentication Problems
            2. Troubleshooting Authorization Problems
            3. Administration Issues
        3. Foundation Summary
        4. Q&A
    11. IV. IOS Firewall Feature Set
      1. 11. Securing Networks with Cisco Routers
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Defining ACLs
            1. Determining When to Configure Access Lists
            2. Types of IP ACLs
              1. Standard IP ACLs
              2. Extended IP ACLs
              3. Reflexive ACLs
              4. Time-Based ACLs
              5. Certificate-Based ACLs
            3. Configuring ACLs on a Router
          2. Simple Network Management Protocol
            1. Controlling Interactive Access Through a Browser
          3. Disabling Directed Broadcasts
            1. Routing Protocol Authentication
            2. Defining Small Server Services
            3. Disabling Finger Services
            4. Disabling Network Time Protocol
            5. Disabling Cisco Discovery Protocol
        3. Foundation Summary
        4. Q&A
      2. 12. The Cisco IOS Firewall and Advanced Security Feature Set
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Cisco IOS Firewall and Advanced Security Feature Set
            1. Authentication Proxy
            2. DoS Protection
            3. Logging and Audit Trail
            4. Port-to-Application Mapping
              1. System-Defined Port Mapping
              2. User-Defined Port Mapping
              3. Host-Specific Port Mapping
            5. URL Filtering
        3. Foundation Summary
        4. Q&A
      3. 13. Cisco IOS Intrusion Prevention System
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Cisco IOS IPS
            1. Cisco IOS IPS Features
            2. Cisco IOS IPS Functions
            3. Cisco IOS IPS Restrictions
              1. Memory Considerations
              2. Unsupported Signatures
              3. Unsupported CLI Features
            4. Cisco IOS IPS Application
          2. Cisco IOS IPS Configuration Tasks
          3. Initializing the Cisco IOS IPS
            1. Configuring the Notification Type
            2. Configuring the Router Maximum Queue for Alarms
            3. Defining the Protected Network
          4. Working with Cisco IOS IPS Signatures and Rules
            1. Loading IPS-Based Signatures
            2. Creating and Applying IPS Rules
          5. Verifying the Cisco IOS IPS Configuration
          6. Cisco IOS IPS Deployment Strategies
        3. Foundation Summary
        4. Q&A
      4. 14. Mitigating Layer 2 Attacks
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Types of Attacks
            1. CAM Table Overflow Attacks
              1. Mitigating CAM Table Overflow Attacks
            2. VLAN Hopping Attacks
              1. Mitigating VLAN Hopping Attacks
            3. STP Manipulation Attacks
              1. Preventing STP Manipulation Attacks
            4. MAC Address Spoofing—Man-in-the-Middle Attacks
              1. Mitigating MAC Address Spoofing Attacks
                1. Using DHCP Snooping
                2. Using DAI
            5. Private VLAN Vulnerabilities
              1. Defending Private VLANs
            6. DHCP Starvation Attacks
              1. Mitigating DHCP Starvation Attacks
            7. IEEE 802.1x EAP Attacks
              1. Mitigating IEEE 802.1x EAP Attacks
          2. Factors Affecting Layer 2 Mitigation Techniques
        3. Foundation Summary
        4. Q&A
      5. 15. Context-Based Access Control
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Context-Based Access Control Features
            1. Detecting and Protecting Against DoS Attacks
            2. Generating Alerts and Audit Trails
            3. How CBAC Works
              1. UDP Sessions
              2. ACL Entries
              3. Handling Half-Open Sessions
            4. CBAC Restrictions
            5. Supported Protocols
              1. RTSP
            6. H.323
            7. CPU and Performance Impact
              1. Throughput Performance
              2. Session Connection Improvements
              3. CPU Utilization Improvements
              4. Improvement Benefits
          2. Configuring CBAC
            1. Selecting an Interface
            2. Configuring IP ACLs at the Interface
            3. Configuring Global Timeouts and Thresholds
            4. Port to Application Mapping
              1. PAM Configuration Task List
            5. Defining an Inspection Rule
              1. Configuring Generic TCP and UDP Inspection
              2. Configuring Java Inspection
            6. Applying the Inspection Rule to an Interface
          3. Verifying and Debugging CBAC
            1. Debugging CBAC
              1. Generic debug Commands
              2. Transport-Level debug Commands
            2. Configuring CBAC Example
        3. Foundation Summary
        4. Q&A
      6. 16. Authentication Proxy and the Cisco IOS Firewall
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Understanding Authentication Proxy
            1. How Authentication Proxy Works
            2. What Authentication Proxy Looks Like
          2. Authentication Proxy and the Cisco IOS Firewall
          3. Configuring Authentication Proxy on the Cisco IOS Firewall
            1. Authentication Proxy Configuration Steps
              1. Step 1: Configure AAA
              2. Step 2: Configure the HTTP Server
              3. Step 3: Configure the Authentication Proxy
              4. Step 4: Verify the Authentication Proxy Configuration
            2. Authentication Proxy Configuration Examples
          4. Using Authentication Proxy with TACACS+
            1. Step 1: Complete the Network Configuration
            2. Step 2: Complete the Interface Configuration
            3. Step 3: Complete the Group Setup
          5. Using Authentication Proxy with RADIUS
          6. Limitations of Authentication Proxy
        3. Foundation Summary
        4. Q&A
      7. 17. Identity-Based Networking Services
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. IBNS Overview
          2. IEEE 802.1x
            1. 802.1x Components
          3. How 802.1x Works
            1. Port State
          4. Selecting EAP
            1. EAP-MD5
            2. Cisco Lightweight EAP
            3. EAP Transport Layer Security
            4. Protected EAP
            5. EAP Flexible Authentication via Secure Tunneling
            6. EAP Methods Comparison
          5. Cisco Secure ACS
        3. Foundation Summary
        4. Q&A
      8. 18. Configuring 802.1x Port-Based Authentication
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. 802.1x Port-Based Authentication Configuration Tasks
          2. 802.1x Mandatory Configuration
            1. Enabling 802.1x Authentication
            2. Configuring the Switch-to-RADIUS Server Communication
          3. 802.1x Optional Configurations
            1. Enabling Periodic Re-Authentication
            2. Manually Re-Authenticating a Client Connected to a Port
            3. Changing the Quiet Period
            4. Changing the Switch-to-Client Retransmission Time
            5. Setting the Switch-to-Client Frame-Retransmission Number
            6. Enabling Multiple Hosts
            7. Configuring a Guest VLAN
            8. Resetting the 802.1X Configuration to the Default Values
          4. Displaying 802.1x Statistics and Status
        3. Foundation Summary
        4. Q&A
    12. V. VPN
      1. 19. Building a VPN Using IPsec
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Configuring a Cisco Router for IPsec Using Preshared Keys
            1. How IPsec Works
            2. Step 1: Select the IKE and IPsec Parameters
              1. Define the IKE (Phase 1) Policy
              2. Define the IPsec Policies
              3. Verify the Current Router Configuration
              4. Verify Connectivity
              5. Ensure Compatible Access Lists
            3. Step 2: Configure IKE
              1. Enable IKE
              2. Create the IKE Policy
              3. Configure Preshared Key
              4. Verify the IKE Configuration
            4. Step 3: Configure IPsec
              1. Create the IPsec Transform Set
              2. Configure IPsec SA Lifetimes
              3. Create the Crypto ACLs
              4. Create the Crypto Map
              5. Apply the Crypto Map to the Correct Interface
            5. Step 4: Test and Verify the IPsec Configuration
          2. Configuring Manual IPsec
          3. Configuring IPsec Using RSA-Encrypted Nonces
            1. Configure the RSA Keys
              1. Plan the Implementation Using RSA Keys
              2. Configure the Router Host Name and Domain Name
              3. Generate the RSA Keys
              4. Verifying the RSA Keys
              5. Enter Your Peer RSA Public Keys
              6. Verify the Key Configuration
              7. Manage the RSA Keys
        3. Foundation Summary
          1. Configure a Cisco Router for IPsec Using Preshared Keys
          2. Verifying the IKE and IPsec Configuration
          3. Explain the Issues Regarding Configuring IPsec Manually and Using RSA-Encrypted Nonces
        4. Q&A
      2. 20. Scaling a VPN Using IPsec with a Certificate Authority
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Advanced IPsec VPNs Using Cisco Routers and CAs
            1. Digital Signatures, Certificates, and Certificate Authorities
            2. Overview of Cisco Router CA Support
            3. SCEP
            4. Configuring the Cisco Router for IPsec VPNs Using CA Support
              1. Step 1: Select the IKE and IPsec Parameters
              2. Step 2: Configure the Router CA Support
              3. Step 3: Configure IKE Using RSA Signatures
              4. Step 4: Configure IPsec
              5. Step 5: Test and Verify the Configuration
        3. Foundation Summary
          1. Advanced IPsec VPNs Using Cisco Routers and CAs
        4. Q&A
      3. 21. Troubleshooting the VPN Configuration on a Cisco Router
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. show Commands
            1. show crypto ca certificates Command
            2. show crypto isakmp policy Command
            3. show crypto ipsec sa Command
            4. show crypto ipsec security-association lifetime Command
            5. show crypto ipsec transform-set Command
            6. show crypto isakmp key Command
            7. show crypto map Command (IPsec)
            8. show crypto key pubkey-chain rsa Command
            9. show crypto key mypubkey rsa Command
          2. debug Commands
            1. debug crypto isakmp Command
            2. debug crypto key-exchange Command
            3. debug crypto engine Command
            4. debug crypto ipsec Command
            5. debug crypto pki messages Command
            6. debug crypto pki transactions Command
          3. clear Commands
            1. clear crypto sa Command
            2. clear crypto isakmp Command
            3. clear crypto sa counters Command
        3. Foundation Summary
        4. Q&A
      4. 22. Configuring Remote Access Using Easy VPN
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Describe the Easy VPN Server
          2. Describe the Easy VPN Remote
          3. Easy VPN Server Functionality
            1. How Cisco Easy VPN Works?
            2. Configuring the Easy VPN Server
              1. Create IP Address Pool
              2. Prepare the Router for Easy VPN Server
              3. Configure the Group Policy Lookup
              4. Create the ISAKMP Policy for the Remote VPN Clients
              5. Define a Group Policy for a Mode Configuration Push
              6. Create the Transform Set
              7. Create the Dynamic Crypto Maps with RRI
              8. Apply the Mode Configuration to the Dynamic Crypto Map
              9. Apply the Dynamic Crypto Map to the Interface
              10. Enable IKE DPD
              11. Configure Xauth
            3. Easy VPN Modes of Operation
        3. Foundation Summary
          1. Describe the Easy VPN Server
            1. Easy VPN Server Functionality
            2. Configuring the Easy VPN Server
            3. Easy VPN Modes of Operation
        4. Q&A
    13. VI. Enterprise Network Management
      1. 23. Security Device Manager
        1. “Do I Know This Already?” Quiz
        2. Foundation Topics
          1. Security Device Manager Overview
            1. Hardware Requirements
            2. Operating System Requirements
            3. Browser Compatibility
          2. Installing SDM Software
          3. SDM User Interface
          4. SDM Wizards
            1. SDM LAN Wizard
            2. Using SDM to Configure a Firewall
              1. Selecting the Type of Firewall Configuration
              2. Configuring the Firewall Interfaces
              3. Applying the Firewall Configuration to the Router
              4. Advanced Firewall Configuration Options
            3. Using SDM to Configure a VPN
              1. Site-to-Site VPN
              2. Easy VPN Remote
              3. Easy VPN Server
              4. Dynamic Multipoint VPN
            4. Using SDM to Perform Security Audits
              1. Security Audit Wizard
              2. One-Step Lockdown
            5. Using the Factory Reset Wizard
          5. Using SDM Advanced Options
          6. Using SDM Monitor Mode
        3. Foundation Summary
        4. Q&A
    14. VII. Scenarios
      1. 24. Final Scenarios
        1. Task 1—Configure Cisco Secure ACS for AAA on Miami Network Devices
        2. Task 2—Configure and Secure Miami Router
        3. Task 3—Configure 802.1x on Miami User Switches
        4. Task 4—Configure Miami User Switches and Router to Mitigate Layer 2 Attacks
        5. Task 5—Configure PEAP with Cisco Secure ACS
        6. Task 6—Prepare the Network for IPsec Using Preshared Keys
          1. Establish a Common Convention for Connectivity Between Locations
          2. Configure Initial Setup of the Router and Verify Connectivity
          3. Prepare for IKE and IPsec
          4. Define the Preshared Key
        7. Task 7—Configure IKE Using Preshared Keys
          1. Enable IKE
          2. Create the IKE Policy
          3. Configure the Preshared Key
          4. Verify the IKE Configuration
        8. Task 8—Configure IPsec Using Preshared Keys
          1. Configure Transform Sets and SA Parameters
          2. Configure IPsec SA Lifetimes
          3. Configure Crypto ACLs
          4. Configure Crypto Maps
          5. Apply the Crypto Map to the Interface
        9. Task 9—Configure IKE and IPsec on a Cisco Router
          1. Enable IKE
          2. Create an IKE Policy Using RSA Signatures
          3. Configure Transform Sets and SA Parameters
          4. Configure IPsec SA Lifetimes
          5. Configure Crypto ACLs
          6. Configure Crypto Maps
          7. Apply the Crypto Map to the Interface
        10. Task 10—Prepare the Network for IPsec Using Digital Certificates
          1. Configure Initial Setup of the Router and Verify Connectivity
          2. Prepare for IKE and IPsec
          3. Configure CA Support
        11. Task 11—Test and Verify IPsec CA Configuration
          1. Display IKE Policies
          2. Display Transform Sets
          3. Display Configured crypto maps
          4. Display the Current State of IPsec SAs
          5. Clear Any Existing SAs
          6. Enable Debug Output for IPsec Events
          7. Enable Debug Output for ISAKMP Events
          8. Observe the IKE and IPsec Debug Outputs
          9. Verify IKE and IPsec SAs
        12. Task 12—Configure Authentication Proxy on the Miami Router
          1. Configure AAA
          2. Configure the HTTP Server
          3. Configure Authentication Proxy
          4. Test and Verify the Authentication Proxy Configuration
        13. Task 13—Configure CBAC on the Miami Router
        14. Task 14—Configure Miami Router with IPS Using SDM
        15. Task 15—Verify and Monitor Miami Router with IPS Using SDM
        16. Task 16—Configure Easy VPN Server Using SDM
        17. Task 17—Configure Easy VPN Remote Using SDM
    15. VIII. Appendix
      1. A. Answers to the “Do I Know This Already?” Quizzes and Q&A Sections
        1. Chapter 1
          1. “Do I Know This Already?”
          2. Q&A
        2. Chapter 2
          1. “Do I Know This Already?”
          2. Q&A
        3. Chapter 3
          1. “Do I Know This Already?”
          2. Q&A
        4. Chapter 4
          1. “Do I Know This Already?”
          2. Q&A
        5. Chapter 5
          1. “Do I Know This Already?”
          2. Q&A
        6. Chapter 6
          1. “Do I Know This Already?”
          2. Q&A
        7. Chapter 7
          1. “Do I Know This Already?”
          2. Q&A
        8. Chapter 8
          1. “Do I Know This Already?”
          2. Q&A
        9. Chapter 9
          1. “Do I Know This Already?”
          2. Q&A
        10. Chapter 10
          1. “Do I Know This Already?”
          2. Q&A
        11. Chapter 11
          1. “Do I Know This Already?”
          2. Q&A
        12. Chapter 12
          1. “Do I Know This Already?”
          2. Q&A
        13. Chapter 13
          1. “Do I Know This Already?”
          2. Q&A
        14. Chapter 14
          1. “Do I Know This Already?”
          2. Q&A
        15. Chapter 15
          1. “Do I Know This Already?”
          2. Q&A
        16. Chapter 16
          1. “Do I Know This Already?”
          2. Q&A
        17. Chapter 17
          1. “Do I Know This Already?”
          2. Q&A
        18. Chapter 18
          1. “Do I Know This Already?”
          2. Q&A
        19. Chapter 19
          1. “Do I Know This Already?”
          2. Q&A
        20. Chapter 20
          1. “Do I Know This Already?”
          2. Q&A
        21. Chapter 21
          1. “Do I Know This Already?”
          2. Q&A
        22. Chapter 22
          1. “Do I Know This Already?”
          2. Q&A
        23. Chapter 23
          1. “Do I Know This Already?”
          2. Q&A