did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780782144222

CCSP Complete Study Guide : Exams 642-501, 642-511, 642-521, 642-531, 642-541

by ; ; ; ; ; ; ;
  • ISBN13:

    9780782144222

  • ISBN10:

    0782144225

  • Edition: CD
  • Format: Hardcover
  • Copyright: 2005-04-01
  • Publisher: Sybex
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $89.99

Summary

The Most Comprehensive and Current CCSP Self-Study Solution on the Market!Here's the comprehensive and economical self-study solution that will provide you with the knowledge and skills needed to approach the CCSP exams with confidence. This Study Guide was developed to meet the exacting requirements of today's certification candidates. In addition to the consistent and accessible instructional approach that has earned Sybex the reputation as the leading publisher for certification study guides, this book provides: Clear and concise information on securing Cisco internetworks Practical examples and insights drawn from real-world experience Leading-edge exam preparation software, including a testing engine and electronic flashcards And of course, you'll find in-depth coverage of all official objectives for all five exams required for the CCSP: 642-501: Securing Cisco IOS Networks 642-511: Cisco Secure VPN 642-521: Cisco Secure PIX Firewall Advanced 642-531: Cisco Secure Intrusion Detection System 642-541: Cisco SAFE Implementation Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Author Biography

Wade Edwards, CCIE, has over 15 years of networking experience and has been actively involved in the computer industry for over 24 years.

Todd Lammle, CCNP is CEO and Chief Scientist of RouterSim, LLC and President of GlobalNet Training, Inc., and is the author of the best-selling CCNA: Cisco Certified Network Associate Study Guide from Sybex.

Tom Lancaster, CCIE, is a consultant with IBM Global Services.

Justin Menga, CCIE, is a Network Solutions Architect in the wireless and e-infrastructure field in New Zealand.

Eric Quinn, CCSI, CCNP + Voice is an Arizona-based instructor and security consultant.

Jason Rohm, CCIE, is a network consultant and adjunct instructor from Green Bay, Wisconsin.

Carl Timm, CCIE, has over 10 years of experience in the design and implementation of large scale IP-based internetworks.

Bryant Tow has over 15 years of experience in the IT industry as an instructor and entrepreneur.

Table of Contents

Introduction xxvii
Securing Cisco IOS Networks Assessment Test 1 lii
Cisco Secure PIX Firewall Advanced Assessment Test 2 lxiii
Cisco Secure Virtual Private Networks Assessment Test 3 lxviii
Cisco Secure Intrusion Detection Systems Assessment Test 4 lxxi
Cisco Safe Implementation Assessment Test 5 lxxvii
Part I Securing Cisco IOS Networks (SECUR)
1(218)
Introduction to Network Security
3(20)
Types of Network Security Threats
5(1)
Types of Security Weaknesses
6(4)
Technology Weaknesses
6(1)
Configuration Weaknesses
7(2)
Policy Weaknesses
9(1)
Types of Network Attacks
10(9)
Eavesdropping
12(2)
Denial-of-Service Attacks
14(1)
Unauthorized Access
15(1)
WareZ
16(1)
Masquerade Attack (IP Spoofing)
16(1)
Session Hijacking or Replaying
16(1)
Rerouting Attacks
17(1)
Repudiation
17(1)
Smurfing Attacks
17(1)
Password Attacks
18(1)
Man-in-the-Middle Attacks
18(1)
Application-Layer Attacks
18(1)
Trojan Horse Programs, Viruses, and Worms
19(1)
HTML Attacks
19(1)
The Corporate Security Policy
19(1)
Summary
20(1)
Exam Essentials
21(2)
Introduction to AAA Security
23(28)
Understanding Network Access Server and Cisco AAA
24(2)
Authentication Methods
26(9)
Windows Authentication
28(1)
Security Server Authentication
28(2)
PAP and CHAP Authentication
30(2)
PAP Callback
32(3)
Configuring the NAS for AAA
35(14)
Securing Access to the Exec Mode
35(3)
Enabling AAA Locally on the NAS
38(1)
Configuring Authentication on the NAS
39(2)
Configuring Authorization on the NAS
41(3)
Configuring Accounting on the NAS
44(2)
Verifying the NAS Configuration
46(1)
Troubleshooting AAA on the Cisco NAS
47(2)
Summary
49(1)
Exam Essentials
50(1)
Configuring Cisco Secure ACS and TACACS+
51(32)
Introduction to the Cisco Secure ACS
52(5)
Using User Databases for Authentication
54(1)
Populating the User Database
55(1)
New ACS Features
56(1)
Installing Cisco Secure ACS 3.0
57(7)
Administering Cisco Secure ACS
64(7)
TACACS+ Overview
71(1)
Configuring TACACS+
72(2)
Using RADIUS
74(4)
Cisco Secure User Database NAS Configuration for Radius
74(4)
Verifying TACACS+
78(3)
Summary
81(1)
Exam Essentials
81(2)
Cisco Perimeter Router Problems and Solutions
83(18)
Solving Eavesdropping and Session Replay Problems
85(1)
Deferding Against Unauthorized Access, Data Manipulation, and Malicious Destruction
86(2)
Solving Lack of Legal IP Addresses Problems
88(1)
Fighting Rerouting Attacks
88(2)
Fighting Denial-of-Service Attacks
90(2)
Turning Off and Configuring Network Services
92(7)
Blocking SNMP Packets
92(1)
Disabling Echo
92(1)
Turning Off BOOTP and Auto-Config
93(1)
Disabling the HTTP Interface
93(1)
Disabling IP Source Routing
94(1)
Disabling Proxy ARP
94(1)
Disabling Redirect Messages
94(1)
Disabling the Generation of ICMP Unreachable Messages
94(1)
Disabling Multicast Route Caching
95(1)
Disabling the Maintenance Operation Protocol
95(1)
Turning Off the X.25 PAD Service
95(1)
Enabling the Nagle TCP Congestion Algorithm
95(1)
Logging Every Event
96(1)
Disabling Cisco Discovery Protocol
96(1)
Configuring SNMP
96(1)
Configuring Exec Timeout Values
97(1)
Disabling the Default Forwarded UDP Protocols
97(2)
Summary
99(1)
Exam Essentials
99(2)
Context-Based Access Control Configuration
101(20)
Understanding the Cisco IOS Firewall
102(1)
Authentication Proxy and IDS
103(1)
Context-Based Access Control
103(4)
CBAC Compared to ACLs
103(3)
CBAC-Supported Protocols
106(1)
Introduction to CBAC Configuration
107(12)
Using Audit Trails and Alerts
108(1)
Configuring Global Timeouts and Thresholds
108(2)
Configuring PAM
110(4)
Defining Inspection Rules
114(2)
Applying Inspection Rules and ACLs to Router Interfaces
116(1)
Configuring IP ACLs at the Interface
117(1)
Testing and Verifying CBAC
117(2)
Summary
119(1)
Exam Essentials
120(1)
Cisco IOS Firewall Authentication and Intrusion Detection
121(28)
Introduction to the Cisco IOS Firewall Authentication Proxy
123(12)
Configuring the AAA Server
125(3)
Configuring AAA
128(4)
Configuring the Authentication Proxy
132(1)
Testing and Verifying Your Configuration
133(2)
Introduction to the Cisco IOS Firewall IDS
135(4)
Initializing the Cisco IOS Firewall IDS
137(1)
Configuring, Disabling, and Excluding Signatures
137(2)
Creating and Applying Audit Rules
139(4)
Setting Default Actions
139(2)
Creating an Audit Rule
141(1)
Applying the Audit Rule
142(1)
Verifying the Configuration
143(2)
Stopping the IOS Firewall IDS
145(1)
Summary
146(1)
Exam Essentials
147(2)
Understanding Cisco IOS IPSec Support
149(18)
What Is a Virtual Private Network?
150(1)
Introduction to Cisco IOS IPSec
151(6)
IPSec Transforms
152(2)
IPSec Operation
154(3)
The Components of IPSec
157(8)
IPSec Encapsulation
157(2)
Internet Key Exchange (IKE)
159(6)
Summary
165(1)
Exam Essentials
165(2)
Cisco IOS IPSec Pre-shared Keys and Certificate Authority Support
167(42)
Configuring Cisco IOS IPSec for Pre-shared Keys Site-to-Site
168(18)
Preparing for IKE and IPSec
169(1)
Configuring IKE
169(6)
Configuring IPSec
175(9)
Testing and Verifying IPSec
184(2)
Configuring IPSec Manually
186(6)
Configuring IPSec for RSA-Encrypted Nonces
187(5)
Configuring Cisco IOS IPSec Certificate Authority Support Site-to-Site
192(14)
Configuring CA Support Tasks
193(1)
Preparing for IKE and IPSec
193(1)
Configuring CA Support
193(5)
Configuring IKE Using CA
198(1)
Configuring IPSec for CA
198(7)
Testing and Verifying IPSec for CA
205(1)
Summary
206(1)
Exam Essentials
206(3)
Cisco IOS Remote Access Using Cisco Easy VPN
209(10)
Configuring IOS Remote Access Using Cisco Easy VPN
210(3)
Introduction to Cisco Easy VPN
210(1)
The Easy VPN Server
211(2)
Introduction to the Cisco VPN Software Client
213(4)
Easy VPN Server Configuration Tasks
215(1)
Preconfiguring the Cisco VPN Software Client
216(1)
Router and Security Device Manager Overview
216(1)
Summary
217(1)
Exam Essentials
218(1)
Part II Cisco Secure PIX Firewall Advanced
219(244)
PIX Firewall Basics
221(36)
Understanding a Firewall's Role in Network Security
222(2)
What Is a Firewall?
222(2)
What Are the Potential Threats?
224(1)
Reviewing Firewall Technologies
224(6)
Dual-Homed Gateways
225(1)
Packet-Filtering Firewalls
225(1)
Stateful Firewalls
226(1)
Firewall Technology Combinations
227(3)
Hardware and Software Components of the Cisco Secure PIX Firewall
230(7)
PIX Firewall Features
230(1)
PIX Firewall Components
231(6)
PIX Firewall Operation
237(4)
NAT Mechanisms
237(1)
Packet Processing
238(1)
The Adaptive Security Algorithm and Security Levels
239(2)
Working with the Firewall Services Module
241(5)
Overview of Configuration
241(1)
Configuring an IOS Switch
242(2)
Configuring a CatOS Switch
244(1)
Connecting to the Module
244(1)
Configuring the FWSM
245(1)
Using the PIX Firewall CLI
246(9)
CLI Access Methods
246(1)
CLI Modes
247(1)
Editing in the CLI
248(1)
Basic Commands
249(6)
Summary
255(1)
Exam Essentials
256(1)
PIX Firewall Configuration
257(50)
Preparing for Firewall Configuration
258(1)
Using Common Global Configuration Commands
259(8)
The Remote Access Commands
259(2)
The clock Command
261(1)
The ntp Command
262(1)
The domain-name and hostname Commands
263(1)
The name/names Commands
264(1)
The dhcpd Command
264(2)
The logging Command
266(1)
Configuring PIX Firewall Interfaces
267(6)
Naming an Interface and Assigning a Security Level
267(2)
Setting Interface Properties and Shutting Down the Interface
269(2)
Assigning an IP Address
271(1)
Setting the Maximum Transfer Unit
272(1)
Configuring NAT and PAT
273(25)
Understanding Address Translation
273(3)
NAT, PAT, and Security
276(1)
Configuring NAT
277(9)
Configuring PAT
286(4)
Configuring NAT on Multiple Interfaces
290(8)
Configuring Routing
298(8)
Configuring Dynamic Routing
299(2)
Configuring Static Routing
301(3)
Configuring Multicast Routing
304(2)
Summary
306(1)
Exam Essentials
306(1)
ACLs, Filtering, Object Grouping, and AAA
307(34)
Using PIX Firewall ACLs
308(4)
Creating a PIX ACL
309(1)
Applying a PIX ACL
310(1)
Converting Conduits to ACLs
311(1)
URL Filtering
312(3)
How Does URL Filtering Work?
312(1)
Configuring the PIX Firewall for URL Filtering
313(2)
PPPoE and the PIX Firewall
315(4)
Configuring the PPPoE Client Username and Password
316(1)
Enabling PPPoE on the PIX Firewall
317(1)
Verifying PPPoE Operation
318(1)
Object Groups
319(5)
Configuring Object Groups
320(3)
Using Object Groups
323(1)
Authentication, Authorization, and Accounting (AAA) Services
324(14)
Installing Cisco Secure ACS for Windows 2000/NT
324(6)
Implementing AAA on the PIX Firewall
330(7)
Downloadable PIX ACLs
337(1)
Summary
338(1)
Exam Essentials
339(2)
Advanced Protocol Handling, Attack Guards, and Intrusion Detection
341(30)
Advanced Protocol Handling
342(11)
Special Protocol Support Basics
343(2)
File Transfer Protocol
345(3)
Remote Shell
348(1)
SQL*Net
349(1)
Multimedia Support
350(2)
Alternative Solutions to Problem Protocols
352(1)
Attack Guards
353(9)
AAA Flood Guard
353(1)
SYN Flood Guard
354(1)
Mail Guard
355(4)
IP Fragmentation Guard
359(3)
DNS Guard
362(1)
Intrusion Detection
362(8)
IP Audit
362(7)
Shunning
369(1)
Summary
370(1)
Exam Essentials
370(1)
Firewall Failover and PDM
371(34)
Fault-Tolerance Concepts
372(5)
Points of Failure
372(4)
Fault-Tolerant Strategies
376(1)
PIX Firewall Failover
377(13)
PIX Firewall Failover Features
377(1)
PIX Firewall Failover Requirements
378(1)
How PIX Firewall Failover Works
378(7)
Stateful Failover
385(1)
Basic Failover Configuration
386(4)
Cisco PIX Device Manager (PDM)
390(13)
PDM Overview
390(1)
Operating Requirements
391(1)
Preparing for PDM
392(2)
Using PDM to Configure the PIX Firewall
394(9)
Summary
403(1)
Exam Essentials
403(2)
VPNs and the PIX Firewall
405(58)
Preparing to Configure VPN support
406(1)
Configuring IKE on a Firewall
407(8)
Enabling IKE
407(1)
Configuring the IKE Policy
407(2)
Configuring Pre-shared Keys
409(1)
Configuring the Use of Certificate Authorities (CAs) on a Firewall
410(5)
Configuring IPSec on a Firewall
415(7)
Creating Crypto ACLs
415(1)
Creating and Configuring Transform Sets
416(2)
Setting the Tunnel Lifetime
418(1)
Creating Crypto Maps
419(3)
Verifying and Troubleshooting IPSec Configuration on a Firewall
422(4)
Viewing Configuration Information
422(4)
Understanding Error and Status Messages
426(1)
Debugging
426(1)
Understanding Remote Access VPN
426(6)
Extended Authentication (Xauth)
426(1)
IKE Mode Config for Dynamic Addressing
427(1)
Pushing Additional Attributes to the VPN Client
428(1)
Common Commands
429(3)
Installing and Configuring the Cisco VPN Client
432(7)
Deploying the VPN Client
433(6)
Using PDM to Create VPNs
439(12)
Setting Up a Site-to-Site VPN
441(5)
Setting Up a Remote Access VPN
446(5)
Enterprise PIX Firewall Management and Maintenance
451(9)
Cisco Secure Policy Manager (CSPM)
452(1)
PIX Management Center (MC)
453(3)
Auto Update Server (AUS)
456(4)
Summary
460(1)
Exam Essentials
460(3)
Part III Cisco Secure Virtual Private Networks
463(164)
Introduction to Virtual Private Networks
465(28)
VPN Basics
466(4)
Major Types of VPNs
466(1)
VPN Devices
467(3)
Introducing IPSec
470(14)
IPSec Services
471(1)
IPSec Building Blocks: AH and ESP
471(5)
Hashing
476(1)
Encryption
476(1)
Diffie-Hellman Key Exchange
477(1)
Internet Key Exchange
478(3)
Transform Sets
481(2)
IPSec Security Associations
483(1)
How IPSec Works
484(6)
Defining Interesting Traffic
485(1)
IKE Phase 1
486(1)
IKE Phase 2
487(1)
IPSec Task Flow
488(2)
IPSec Troubleshooting
490(1)
Traffic Delay Problems
490(1)
Filtering Problems
490(1)
NAT Problems
491(1)
ACL Problems
491(1)
Summary
491(1)
Exam Essentials
492(1)
Introduction to Cisco VPN Devices
493(40)
Introducing the VPN 3000 Concentrators
494(6)
Overview of the VPN 3005 Concentrator
495(2)
Overview of VPN 3015 through 3080 Concentrators
497(2)
VPN Concentrator Client Support
499(1)
Introducing the 3002 VPN Hardware Client
500(20)
Configuring the 3002 CLI Quick Configuration Utility
501(4)
Configuring the Hardware Client with the Quick Configuration Utility
505(8)
Managing the Hardware Client
513(1)
Additional VPN 3002 Client Features
514(6)
Introducing the VPN Software Clients
520(9)
Configuring the Connection
521(1)
Setting Authentication Properties
521(2)
Setting Connection Properties
523(1)
Installing a Certificate
523(3)
Preconfiguring the VPN Client
526(3)
Overview of the Cisco VPN Software Client Auto-Initiation
529(2)
Summary
531(1)
Exam Essentials
532(1)
Configuring the VPN Concentrator
533(64)
Using the CLI for Initial Configuration
536(7)
Starting the CLI
536(7)
Using Web Quick Configuration Mode
543(6)
Configuring Physical Interfaces
545(1)
Setting System Information
545(1)
Setting the Tunnel-Creation Method
546(1)
Setting the Address Assignment
546(1)
Configuring Authentication
547(1)
Setting a Group Name
548(1)
Changing the admin Password
549(1)
Configuring User and Policy Management
549(25)
Navigating the GUI
550(1)
Setting Up Groups
550(9)
Setting Up Users
559(1)
Configuring an Authentication Server
559(1)
Configuring Access Hours and Filters
560(3)
Configuring Backup on the Hardware Client
563(1)
Configuring Load Balancing
564(2)
Configuring Lan-to-Lan IPSec
566(2)
Updating Clients Automatically
568(3)
Setting Up the Stateful Firewall
571(3)
Configuring the Use of IPSec Digital Certificates
574(12)
Introducing the Public Key Infrastructure
574(1)
Requesting and Installing Concentrator Certificates
575(8)
Requesting and Installing Client Certificates
583(3)
Firewall Feature Set for the IPSec Software Client
586(5)
Software Client's Are You There Feature
587(1)
Software Client's Stateful Firewall Feature
587(1)
Software Client's Central Policy Protection Feature
587(1)
Client Firewall Statistics
588(2)
Customizing Firewall Policy
590(1)
Configuring the VPN 3000 Concentrator for IPSec over UDP and IPSec over TCP
591(4)
Overview of Port Address Translation
592(1)
Configuring IPSec over UDP
592(2)
Configuring NAT-Transversal
594(1)
Configuring IPSec over TCP
594(1)
Summary
595(1)
Exam Essentials
595(2)
Managing the VPN Concentrator
597(30)
Monitoring the VPN Concentrator
598(18)
Viewing Concentrator Monitoring Information
599(10)
Configuring Logging and SNMP Traps
609(7)
Administering the VPN Concentrator
616(8)
Configuring Access Rights
616(4)
Administering Sessions
620(1)
Administering File Management
620(3)
Updating Software
623(1)
Pinging Devices
624(1)
Summary
624(1)
Exam Essentials
625(2)
Part IV Cisco Secure Intrusion Detection Systems
627(438)
Introduction to Intrusion Detection and Protection
629(54)
Understanding Security Threats
630(16)
Hacker Characteristics
631(1)
Attack Types
632(14)
Implementing Network Security
646(12)
Securing the Network
646(9)
Monitoring Network Security
655(1)
Testing Network Security
656(1)
Improving Network Security
657(1)
Understanding Intrusion Detection Basics
658(7)
Triggers
658(3)
IDS System Location
661(3)
IDS Evasive Techniques
664(1)
Cisco Secure Intrusion Protection
665(2)
Introduction to Cisco Secure IDS
667(14)
Cisco Secure IDS Features
668(4)
Cisco Secure Sensor Platforms
672(4)
Cisco Secure IDS Management Platforms
676(2)
Cisco Host IDS Platforms
678(3)
Summary
681(1)
Exam Essentials
682(1)
Installing Cisco Secure IDS Sensors and IDSMs
683(52)
Deploying Cisco Secure IDS
684(9)
Sensor Selection Considerations
684(4)
Sensor Deployment Considerations
688(5)
Installing and Configuring Cisco Secure IDS Sensors
693(39)
Planning the Installation
694(1)
Physically Installing the Sensor
695(9)
Gaining Initial Management Access
704(4)
Logging In to the Sensor
708(2)
Configuring the Sensor for the First Time
710(14)
Administering the Sensor
724(4)
Cisco Secure IDS Architecture
728(4)
Summary
732(1)
Exam Essentials
733(2)
Configuring the Network to Support Cisco Secure IDS Sensors
735(48)
Capturing Traffic
736(1)
Configuring Traffic Capture for the 4200 Series Sensors
737(24)
Configuring Traffic Capture Using Span
743(7)
Configuring Traffic Capture Using RSPAN
750(11)
Configuring Traffic Capture for the IDSM
761(18)
Configuring Span for the IDSM-2
765(2)
Configuring Traffic Capture Using VACLs
767(7)
Configuring Traffic Capture using the mls ip ids Command
774(2)
Configuring the Sensing Interface to Control Trunk Traffic
776(1)
Restricting VLANs on CatOS
777(1)
Restricting VLANs on Cisco IOS
778(1)
Assigning the Command-and-Control Port VLAN
778(1)
Configuring the Command-and-Control VLAN on CatOS
779(1)
Configuring the Command-and-Control VLAN on Cisco IOS
779(1)
Configuring Traffic Capture for the NM-CIDS
779(2)
Summary
781(1)
Exam Essentials
781(2)
Configuring Cisco Secure IDS Sensors Using the IDS Device Manager
783(82)
IDS Device Manager Introduction
784(6)
IDM Components and System Requirements
784(1)
Accessing the IDM for the First Time
785(3)
Navigating the IDM
788(2)
Configuring Cisco Secure IDS Sensors Using the IDM
790(50)
Performing Sensor Setup Using the IDM
790(6)
Configuring Intrusion Detection Using the IDM
796(17)
Configuring Blocking Using the IDM
813(24)
Configuring Auto Update Using the IDM
837(3)
Administering and Monitoring Cisco Secure IDS Sensors Using the IDM
840(21)
IDM Administration
841(13)
IDM Monitoring
854(7)
Summary
861(1)
Exam Essentials
862(3)
Configuring Signatures and Using the IDS Event Viewer
865(76)
Cisco Secure IDS Signatures
866(18)
Cisco Secure IDS Signature Engines
868(5)
Signature Engine Parameters
873(11)
Configuring Cisco Secure IDS Signatures
884(14)
Configuring Signatures Using the IDM
884(9)
Configuring Signatures Using the CLI
893(5)
Introduction to the IDS Event Viewer
898(5)
Installing the IEV
900(1)
Accessing the IEV for the First Time
901(2)
Configuring the IEV
903(35)
Adding Sensors to the IEV
903(4)
Configuring Filters and Views
907(7)
Creating a View
914(7)
Configuring Application Settings and Preferences
921(3)
Administering the IEV Database
924(14)
Summary
938(1)
Exam Essentials
939(2)
Enterprise Cisco Secure IDS Management
941(76)
Introduction to CiscoWorks VMS
942(6)
CiscoWorks VMS Components
942(2)
CiscoWorks VMS System Requirements
944(4)
Installing CiscoWorks VMS
948(14)
Installing CiscoWorks Common Services
948(4)
Installing the IDS Management Center and Security Monitoring Center
952(4)
Starting the CiscoWorks Desktop
956(3)
Adding Users
959(1)
Licensing CiscoWorks VMS Components
960(2)
Configuring IDS Sensors Using the IDS MC
962(44)
IDS Management Center Architecture
963(1)
Starting the IDS Management Center
964(2)
Configuring Sensor Groups
966(2)
Adding Sensors to the IDS MC
968(3)
Configuring Sensors Using the IDS MC
971(25)
Saving, Generating, Approving, and Deploying Sensor Configurations
996(7)
Updating Cisco Secure IDS Sensors
1003(3)
Administering the IDS MC
1006(8)
Configuring System Configuration Settings
1006(1)
Configuring Database Rules
1007(4)
Configuring Report Settings
1011(3)
Summary
1014(1)
Exam Essentials
1014(3)
Enterprise Cisco Secure IDS Monitoring
1017(48)
Introduction to the Security Monitor
1018(5)
Security Monitor Features
1018(1)
Supported Devices for the Security Monitor
1019(1)
Accessing the Security Monitor for the First Time
1020(3)
Configuring the Security Monitor
1023(7)
Configuring Sensors to Support the Security Monitor
1023(1)
Defining Devices to Monitor
1023(6)
Verifying Sensor Connection Status
1029(1)
Working with Events
1030(22)
Viewing Events
1030(15)
Defining Notifications Using Event Rules
1045(7)
Administering the Security Monitoring Center
1052(9)
Configuring System Configuration Settings
1053(3)
Configuring Database Rules
1056(1)
Configuring Reports
1057(4)
Summary
1061(1)
Exam Essentials
1062(3)
Part V Cisco SAFE Implementation
1065(96)
Security Fundamentals
1067(26)
Identifying the Need for Network Security
1068(3)
Network Attack Taxonomy
1071(8)
Application Layer Attacks
1072(1)
Denial of Service (DOS) or Distributed Denial of Service (DDOS)
1072(1)
IP Weaknesses
1073(1)
Man-in-the-Middle Attacks
1074(1)
Network Reconnaissance
1074(1)
Packet Sniffers
1075(1)
Password Attacks
1076(1)
Port Redirection
1077(1)
Trojan Horse
1077(1)
Trust Exploitation
1077(1)
Unauthorized Access
1078(1)
Virus
1078(1)
Network Security Policies
1079(1)
Management Protocols and Functions
1079(3)
Configuration Management
1080(1)
SNMP
1080(1)
Syslog
1081(1)
TFTP
1081(1)
NTP
1081(1)
SAFE Architectural Overview
1082(3)
SAFE SMR Design Fundamentals
1084(1)
SAFE SMR Architecture
1084(1)
SAFE Axioms
1085(4)
Routers Are Targets
1086(1)
Switches Are Targets
1087(1)
Hosts Are Targets
1087(1)
Networks Are Targets
1088(1)
Applications Are Targets
1088(1)
Intrusion Detection Systems Mitigate Attacks
1088(1)
Secure Management and Reporting Mitigate Attacks
1089(1)
Identifying the Security Wheel
1089(2)
Summary
1091(1)
Exam Essentials
1091(2)
The Cisco Security Portfolio
1093(18)
Cisco Security Portfolio Overview
1094(1)
Secure Connectivity: Virtual Private Network Solutions
1095(7)
Site-to-Site VPN Solution
1097(2)
Remote Access VPN Solution
1099(2)
Firewall-Based VPN Solution and Perimeter Security
1101(1)
Understanding Intrusion Protection
1102(2)
IDS
1103(1)
Secure Scanner
1104(1)
Understanding Identity
1105(2)
Cisco Secure Access Control Server (ACS)
1106(1)
Understanding Security Management
1107(1)
Cisco AVVID
1107(2)
Summary
1109(1)
Exam Essentials
1109(2)
SAFE Small and Medium Network Designs
1111(30)
Small Network Design Overview
1112(5)
Corporate Internet Module
1112(3)
Campus Module
1115(2)
Medium Network Design Overview
1117(6)
Corporate Internet Module
1118(2)
Campus Module
1120(2)
WAN Module
1122(1)
Implementation of Key Devices
1123(15)
NIDS and HIDS
1123(1)
Implementing the ISP Router
1123(4)
Implementing the IOS-based Firewall
1127(7)
Implementing the PIX Firewall
1134(4)
Summary
1138(1)
Exam Essentials
1138(3)
SAFE Remote Access Network Design
1141(20)
Remote Access Network Design Overview
1142(2)
Key Devices
1143(1)
Implementing the Remote Access Devices
1144(15)
Software Access Option
1144(5)
Remote Site Firewall Option
1149(2)
VPN Hardware Client Option
1151(5)
Remote Site Router Option
1156(3)
Summary
1159(1)
Exam Essentials
1159(2)
Index 1161

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program