CCSP Self-Study : Securing Cisco IOS Networks (SECUR)

John Roland, Cisco Systems Inc.

  • 出版商: Cisco Press
  • 出版日期: 2004-04-21
  • 售價: $2,300
  • 貴賓價: 9.5$2,185
  • 語言: 英文
  • 頁數: 864
  • 裝訂: Hardcover
  • ISBN: 1587051516
  • ISBN-13: 9781587051517
  • 相關分類: CiscoApple Developer
  • 已絕版

買這商品的人也買了...

商品描述

Cisco authorized self-study book for CCSP 642-501 foundation learning

  • Identify the lineup of Cisco Systems network security products and enumerate the components of a complete security policy
  • Use Cisco Secure ACS for Windows and Cisco Secure ACS for UNIX to implement TACACS+ and RADIUS AAA support in Cisco router networks
  • Configure AAA support on perimeter Cisco routers and Cisco IOS Firewalls
  • Implement standard practices to secure administrative access and disable unused router protocols, services, and interfaces
  • Use AutoSecure to configure security parameters on Cisco routers
  • Configure Cisco IOS Firewalls for CBAC, Authentication Proxy, and AAA support
  • Configure and manage Cisco IOS IDS router signatures and audit rules
  • Monitor Cisco IOS IDS routers using Security Monitor or Syslog servers
  • Configure IPSec VPN tunnels on Cisco routers using preshared keys or RSA signatures
  • Configure Cisco routers to use IPSec with Network Address Translation
  • Use Security Device Manager and Router Management Center to configure and manage Cisco IOS VPN and Cisco IOS Firewall policies
  • Mitigate common router security threats with access control lists (ACLs)

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is a complete reference for security practices, protocols, software, and equipment that work on or in conjunction with Cisco IOS equipment to provide layers of security to networks. In addition to acting as a key study aid for the CCSP SECUR 642-501 exam, this book will be an invaluable theory and configuration guide for years to come.

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is a Cisco authorized, self-paced learning tool that helps you gain mastery over all security techniques and technologies, including newer topics such as Cisco Easy VPN and Security Device Manager (SDM). Chapter overviews bring you quickly up to speed on technologies you can use to secure your network. Configuration examples are designed to show you how to make Cisco IOS devices secure, and unique chapter-ending review questions test your knowledge.

Whether you are seeking a reference guide to working with Cisco IOS security or a study guide for the 642-501 exam, CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is the reference you are looking for.

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is part of a recommended learning path from Cisco Systems that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

This volume is in the Certification Self-Study Series offered by Cisco Press. Books in this series provide officially developed training solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

Table of Contents:

Foreword.

Preface.

Introduction.

   1. Introduction to Network Security.

Objectives. The Cisco SAFE Blueprint. Network Attack Taxonomy. Network Security Policy. Cisco Network Security Products. Cisco Management Software. Management Protocols and Functions. Network Address Translation and NAT Transversal. Chapter Summary. Chapter Review Questions.

2. Basic Cisco Router Security.

Cisco IOS Firewall Features. Securing Cisco Router Installations. Securing Cisco Router Administrative Access. Introduction to AAA for Cisco Routers. Configuring AAA for Cisco Perimeter Routers. Troubleshooting AAA. Chapter Summary. Review of Cisco IOS Commands. Chapter Review Questions. Case Study.

3. Advanced AAA Security for Cisco Router Networks.

Cisco Secure ACS Introduction. Installing Cisco Secure ACS 3.0 for Windows 2000/NT Servers. Administering and Troubleshooting Cisco Secure ACS for Windows. TACACS+ Overview. RADIUS Overview. Kerberos Overview. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

4. Cisco Router Threat Mitigation.

Using Routers to Secure the Network. Securing Router Services and Interfaces. Disabling Unused Router Interfaces. Implementing Cisco Access Control Lists. Mitigating Security Threats by Using ACLs. Filtering Router Service Traffic. Filtering Network Traffic. DDoS Mitigation. Sample Router Configuration. Implementing Syslog Logging. Designing Secure Management and Reporting for Enterprise Networks. Using AutoSecure to Secure Cisco Routers. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

5. Cisco IOS Firewall Context-Based Access Control Configuration.

Cisco IOS Firewall Introduction. Using CBAC to Protect Users from Attack. Configuring CBAC. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

6. Cisco IOS Firewall Authentication Proxy.

Introduction to the Cisco IOS Firewall Authentication Proxy. Configuring the AAA Server. Configuring the Cisco IOS Firewall with an AAA Server. Configuring the Authentication Proxy. Testing and Verifying the Configuration. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

7. Cisco IOS Firewall Intrusion Detection System.

Cisco IOS IDS Introduction. Configuring Cisco IOS IDS. Chapter Summary. Signatures Used By Cisco IOS IDS. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

8. Building IPSec VPNs Using Cisco Routers and Pre-Shared Keys.

Cisco Routers Enable Secure VPNs. What Is IPSec? IPSec Protocol Framework. Five Steps of IPSec. IPSec and Dynamic Virtual Private Networks. Configuring IPSec for IKE Pre-Shared Keys. Configuring IPSec Manually. Configuring IPSec for RSA-Encrypted Nonces. Using NAT with IPSec. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

9. Building Advanced IPSec VPNs Using Cisco Routers and Certificate Authorities.

Certificate Authorities. Configuring CA Support Tasks. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

10. Configuring IOS Remote Access Using Cisco Easy VPN.

Cisco Easy VPN Introduction. Cisco Easy VPN Server Overview. Cisco Easy VPN Remote Overview. Configuring Cisco Easy VPN Server for XAUTH. RADIUS Authentication for Group Profiles. Cisco VPN Client 3.5 Installation and Configuration Tasks. Working with Cisco VPN Client 3.5. Upcoming Cisco VPN Client Changes. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

11. Securing Cisco Routers Using Security Device Manager.

Understanding Security Device Manager. Understanding SDM Software. Using the SDM Startup Wizard. Introducing the SDM User Interface. Configuring a WAN Using the WAN Wizard. Using SDM to Configure a Firewall. Using SDM to Configure a VPN. Using SDM to Perform Security Audits. Using the Factory Reset Wizard. Using SDM Advanced Mode. Understanding Monitor Mode. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

12. Managing Enterprise VPN Routers.

Router MC 1.2.1 Introduction. Installing Router MC. Using Router MC. Creating Workflows and Activities. Configuring General Cisco IOS Firewall Settings. Building Access Rules. Using Building Blocks. Network Address Translation Rules. Managing Configurations. Administration. Chapter Summary. Chapter Review Questions. Case Study.

13. Case Study.

Introduction. Requirements. Solutions.

Appendix A: Answers to Chapter Review Questions.
Appendix B: Sample Network Security Policy.
Appendix C: Configuring Standard and Extended Access Lists.
Glossary.
Index.