You are previewing CSI Exam Cram™ 2 (Exam 642-541).
O'Reilly logo
CSI Exam Cram™ 2 (Exam 642-541)

Book Description

Security is Cisco's top priority in 2003 and few other resources are available for exam preparation on this topic!

  • Industry experts expect the CCSP to be one of the most popular certifications in 2003.

  • The CSI exam is the fifth and final exam required to obtain a CCSP.

  • Cisco's new security certification gives thousands of specialists an opportunity for advancement and credibility, and many will turn to Exam Cram 2 to make sure they're prepared for the exam.

  • Features the Cram Sheet for that last minute review.

  • Table of Contents

    1. Copyright
      1. Dedication
    2. The CSI Cram Sheet
      1. SECURITY FUNDAMENTALS
      2. ARCHITECTURAL OVERVIEW
      3. CISCO SECURITY PORTFOLIO
      4. SAFE SMALL NETWORK DESIGN
      5. SAFE MEDIUM NETWORK DESIGN
      6. SAFE REMOTE-USER DESIGN (FOUR OPTIONS)
      7. BRANCH VERSUS HEADEND OR STANDALONE CONSIDERATIONS
      8. SIMULATION
    3. A Note from Series Editor Ed Tittel
    4. About the Author
    5. About the Technical Editors
    6. Acknowledgments
    7. We Want to Hear from You!
    8. Introduction
      1. The Cisco Certification Program
      2. Taking a Cisco Exam
      3. Arriving at the Exam Site
      4. In the Exam Room
      5. How to Prepare for an Exam
      6. About This Book
    9. Self-Assessment
      1. CCSPs in the Real World
      2. The Ideal CCSP Candidate
      3. Put Yourself to the Test
        1. Educational Background
        2. Hands-On Experience
        3. Testing Your Exam-Readiness
      4. Help from Your Peers
      5. And Now, Let's Get on with It!
    10. I. Certification
      1. 1. Overview of Cisco Certification
        1. Taking the Exam
        2. Results
        3. The Exam's Content
        4. Exam Description and Topics
        5. Are You Ready?
        6. Exam Techniques and Cisco Exams
        7. Master the Inner Game
        8. Additional Resources
    11. II. Security Foundations
      1. 2. Information Assets
        1. What Is the SAFE Blueprint For?
        2. What Are Information Assets?
          1. Hardware Assets
            1. End-User Devices
            2. User-Support Devices
            3. Networking Devices
          2. Software Assets
        3. Location Matters
          1. Internal-Only Assets
          2. External-Facing Assets
        4. Exam Prep Questions
        5. Need to Know More?
      2. 3. Threats
        1. Origin
          1. Internal Threats
            1. Bad Intentions
            2. Unauthorized Activities
            3. Mismanagers
          2. External Threats
        2. Threat Types
          1. Reconnaissance
            1. Target Discovery
            2. Network Commands
            3. Ping Sweeps and Port Scans
            4. Eavesdropping
            5. Information Theft
          2. Unauthorized Access
            1. Denial of Service
            2. Data Manipulation
        3. Summary
        4. Exam Prep Questions
        5. Need to Know More?
      3. 4. The Security Policy
        1. What a Security Policy Is
          1. Assets
          2. Threats
          3. Risks Accepted
          4. Security Technologies
          5. Authorities
          6. Acceptable Use
          7. Audit
          8. Incident Response
          9. Revisions
        2. The Security Wheel
          1. Secure
          2. Monitor
          3. Test
          4. Improve
        3. Tradeoffs
        4. Example Security Policy
        5. Exam Prep Questions
        6. Need to Know More?
      4. 5. Management Protocols and Functions
        1. Network Time Protocol
          1. Why Time Matters
          2. Using NTP
          3. Configuring NTP
            1. Router
            2. Switch
          4. Securing NTP
            1. Access List
            2. Authentication
          5. NTP Versions
        2. Simple Network Management Protocol
          1. Configuring SNMP
            1. Router
            2. Switch
            3. Practicality
          2. SNMP Versions
        3. Cisco Discovery Protocol
          1. Configuring CDP
          2. CDP Versions
        4. Authentication, Authorization, and Accounting
          1. Authentication
            1. Back Doors
            2. Configuring Authentication
          2. Authorization
          3. Accounting
        5. Trivial File Transport Protocol
        6. Summary
        7. Exam Prep Questions
        8. Need to Know More?
    12. III. Architecture and Products
      1. 6. The SAFE Security Blueprint
        1. Philosophy
        2. Modular Approach
        3. Enterprise SAFE Assumptions
        4. Enterprise SAFE Design Objectives
        5. Enterprise SAFE Axioms
          1. Routers Are Targets
          2. Switches Are Targets
          3. Hosts Are Targets
          4. Networks Are Targets
          5. Applications Are Targets
          6. Intrusion-Detection Systems Help
          7. Secure Management and Reporting
        6. Modular Approach
        7. Edge Modules
          1. E-Commerce Module
            1. Design Alternatives
          2. Corporate Internet Module
            1. Design Alternatives
          3. VPN/Remote Access Module
            1. Design Alternatives
          4. WAN Module
            1. Design Alternatives
          5. Edge Summary
        8. Campus Modules
          1. Server Module
            1. Design Alternatives
          2. Management Module
            1. Design Alternatives
        9. Summary
        10. Exam Prep Questions
        11. Need to Know More?
      2. 7. The Extended SAFE Blueprints
        1. The SAFE VPN Blueprint
          1. Design Fundamentals
          2. Axioms
          3. SAFE VPN Network Designs
        2. The SAFE IP Telephony Blueprint
          1. Design Fundamentals
          2. Axioms
        3. The SAFE Wireless Blueprint
          1. Design Fundamentals
          2. Axioms
        4. The SAFE SMR Blueprint
          1. Design Fundamentals
          2. Axioms
          3. Headend vs. Branch Considerations
        5. Summary
        6. Exam Prep Questions
        7. Need to Know More?
      3. 8. Products in the Campus
        1. Routers
          1. Securing Access
          2. Securing Services and Management
        2. Switches
          1. Securing Access
          2. Securing Services and Management
          3. Securing Ports
        3. IDS
          1. NIDS Configuration
          2. HIDS Configuration
        4. CiscoSecure Access Control Server
        5. Summary
        6. Exam Prep Questions
        7. Need to Know More?
      4. 9. Products in the Edge
        1. Routers Redux
          1. RFC 2827 Filtering
          2. Unicast RPF
          3. Nonperimeter Routers in the Edge
            1. NAT on the Router
            2. IPSec on the Router
        2. The PIX Firewall
          1. Traffic Segregation
          2. NAT on a PIX
          3. IPSec on a PIX
        3. The VPN Concentrator
        4. The VPN Client
          1. The 3002 VPN Hardware Client
          2. The VPN Software Client
        5. Summary
        6. Exam Prep Questions
        7. Need to Know More?
    13. IV. The SAFE SMR Network Designs—Putting the Pieces Together
      1. 10. The Small Network Implementation
        1. The Small Network Edge
          1. Assets
          2. Threats
          3. Devices and Implementation
          4. Threats Mitigated
          5. Design Alternatives
        2. The Small Network Campus
          1. Assets
          2. Threats
          3. Devices and Implementation
          4. Threats Mitigated
          5. Design Alternatives
        3. Branch Versus Standalone
        4. Summary
        5. Exam Prep Questions
        6. Need to Know More?
      2. 11. The Medium Network Implementation
        1. The Medium Network Edge
          1. Assets
          2. Threats
          3. Devices and Implementation
          4. Threats Mitigated
          5. Design Alternatives
        2. The Medium Network WAN
        3. The Medium Network Campus
          1. Assets
          2. Threats
          3. Devices and Implementation
          4. Threats Mitigated
          5. Design Alternatives
        4. Branch Versus Headend
        5. Summary
        6. Exam Prep Questions
        7. Need to Know More?
      3. 12. The Remote-User Design
        1. The Remote-User Problem
          1. Assets
          2. Threats
          3. Devices and Implementation
          4. Threats Mitigated
        2. The Four Options
          1. The Software Access Option
          2. The Remote Site Firewall Option
          3. The Hardware VPN Client Option
          4. The Remote Site Broadband Router Option
        3. User Authentication
        4. Centralized Management
        5. Summary
        6. Pulling It All Together
        7. Exam Prep Questions
        8. Need to Know More?
    14. V. Final Review
      1. 13. Practice Exam 1
      2. 14. Answers to Practice Exam 1
      3. 15. Practice Exam 2
      4. 16. Answers to Practice Exam 2
    15. VI. Appendixes
      1. A. Resources
        1. Books
        2. Web
      2. B. What's on the CD-ROM
        1. The PrepLogic Practice Exams, Preview Edition Software
        2. An Exclusive Electronic Version of the Text
      3. C. Using the PrepLogic Practice Exams, Preview Edition Software
        1. The Exam Simulation
        2. Question Quality
        3. The Interface Design
        4. The Effective Learning Environment
        5. Software Requirements
        6. Installing PrepLogic Practice Exams, Preview Edition
        7. Removing PrepLogic Practice Exams, Preview Edition from Your Computer
        8. How to Use the Software
          1. Starting a Practice Exam Mode Session
          2. Starting a Flash Review Mode Session
          3. Standard PrepLogic Practice Exams, Preview Edition Options
          4. Seeing Time Remaining
          5. Getting Your Examination Score Report
          6. Reviewing Your Exam
        9. Contacting PrepLogic
          1. Customer Service
          2. Product Suggestions and Comments
        10. License Agreement
    16. Glossary
    17. The CSI Cram Sheet
      1. Security Fundamentals
      2. Architectural Overview
      3. Cisco Security Portfolio
      4. SAFE Small Network Design
      5. SAFE Medium Network Design
      6. SAFE Remote-User Design (Four Options)
      7. Branch Versus Headend or Standalone Considerations
      8. Simulation