You are previewing CCSP SNRS Quick Reference Sheets.
O'Reilly logo
CCSP SNRS Quick Reference Sheets

Book Description

As a final exam preparation tool, the CCSP SNRS Quick Reference provides a concise review of all objectives on the new CCSP SNRS exam (642-503). This digital Short Cut provides you with detailed, graphical-based information, highlighting only the key topics in cram-style format.

With this document as your guide, you will review topics on securing networks using routers and switches. These fact-filled Quick Reference Sheets allow you to get all-important information at a glance, helping you focus your study on areas of weakness and to enhance memory retention of essential exam concepts.

Table of Contents

  1. Copyright
  2. About the Author
  3. About the Technical Reviewer
  4. 1. Layer 2 Security
    1. Examining Layer 2 Attacks
      1. Types of Layer 2 Attacks
      2. CAM Table Overflow Attack
        1. Port Security
        2. Default Port Security Configuration
        3. Port Security Configuration Guidelines
        4. Enabling and Configuring Port Security
        5. Verifying Port Security
      3. VLAN-Hopping Attacks
      4. STP Vulnerabilities
      5. MAC Spoofing: Man-in-the-Middle Attacks
      6. PVLAN Vulnerabilities
    2. Configuring DHCP Snooping
      1. DHCP Starvation and Spoofing Attacks
        1. Understanding DHCP Snooping and Mitigating DHCP Attacks
        2. Enabling and Configuring DHCP Snooping
        3. Verifying DHCP Snooping
  5. 2. Trust and Identity
    1. Implementing Identity Management
      1. Cisco Secure ACS for Windows Overview
      2. Authentication, Authorization, and Accounting
      3. TACACS+ and RADIUS
      4. Configuring TACACS+ and RADIUS
      5. Working in Cisco Secure ACS
        1. User Setup
        2. Group Setup
        3. Shared Profile Components
        4. Network Configuration
      6. Network Access Profiles
      7. Profile-Based Policies
    2. Implementing Cisco IBNS
      1. Cisco IBNS, 802.1x, and Port-Based Authentication
      2. 802.1x
      3. 802.1x and VLAN Assignment
      4. 802.1x and Guest VLANs
      5. 802.1x and Restricted VLANs
      6. Configuring 802.1x for a Wireless AP
  6. 3. Cisco Network Foundation Protection
    1. Introducing Cisco Network Foundation Protection
    2. Securing the Control Plane
    3. Management Plane Protection
    4. Securing the Data Plane
  7. 4. Secured Connectivity
    1. IPsec Overview
    2. Cisco IOS VPNs
    3. Implementing IPsec VPNs Using Pre-Shared Keys
      1. Step 1. Preparing for IPsec on the Network
      2. Step 2. Planning the IKE Policy
      3. Step 3. Planning the IPsec Policy
      4. Step 4. Configuring ISAKMP
      5. Step 5. Configuring Pre-Shared Keys
      6. Step 6. Configuring IPsec Policies
      7. Step 7. Defining the Crypto ACLs
      8. Step 8. Creating the Crypto Map
      9. Step 9. Applying Crypto Maps to Interfaces
    4. Implementing IPsec VPNs Using PKI
      1. The Enrollment Process and Simple Certificate Enrollment Protocol
      2. Configuring IPsec VPN Using Digital Certificates
    5. Configuring GRE Tunnels (and Why That’s Important)
      1. Configuring GRE Tunnels and Encryption
    6. Configuring a DMVPN
      1. How NHRP Is Used
      2. How mGRE Is Used
      3. Configuring the IKE Policy and IPsec Transform Set
      4. Configuring the IPsec Profile
      5. Configuring the Tunnel Interface on the Hub in a Spoke-to-Spoke DMVPN
      6. Configuring the Routing Protocols
      7. Configuring the Spoke in a Spoke-to-Spoke DMVPN
      8. Verifying DMVPN
    7. Configuring Cisco IOS SSL VPN (WebVPN)
      1. Overview of Cisco IOS SSL VPN (WebVPN)
      2. WebVPN Configuration Tasks
    8. Configuring Cisco Easy VPN Remote Access
      1. Easy VPN Operation
      2. Configuration Tasks for Cisco Easy VPN Remote for Access Routers
      3. Configuring Cisco Easy VPN Server
      4. Configuring Cisco VPN Client 4.x
  8. 5. Adaptive Threat Defense
    1. Configuring Cisco IOS Firewall
    2. Configuring Cisco IOS Classic Firewall
      1. Cisco IOS Classic Firewall Configuration Tasks
    3. Configuring Cisco IOS Zoned-Based Policy Firewall
      1. Zones
      2. Security Zone Firewall Policies
      3. Configuring a Cisco IOS Zoned-Based Policy Firewall
      4. Configuration Example
      5. Verifying Cisco IOS Zone-Based Policy Firewall
    4. Configuring Cisco IOS Firewall Authentication Proxy
      1. AAA Server Configuration
      2. Cisco IOS Firewall Authentication Proxy Configuration Task List
      3. Cisco IOS Firewall Authentication Proxy Configuration on a Cisco Router
      4. Test and Verify
    5. Configuring Cisco IOS IPS
      1. Cisco IOS Firewall IPS Configuration Tasks
      2. Configuring the Cisco IOS IPS
      3. Configure Logging via Syslog or SDEE
      4. Verifying IPS Configuration