Atjaunināt sīkdatņu piekrišanu

CCNA Security Study Guide: Exam 210-260 2nd edition [Mīkstie vāki]

3.25/5 (7 ratings by Goodreads)
  • Formāts: Paperback / softback, 384 pages, height x width x depth: 234x185x28 mm, weight: 499 g
  • Izdošanas datums: 06-Mar-2018
  • Izdevniecība: Sybex Inc.,U.S.
  • ISBN-10: 1119409934
  • ISBN-13: 9781119409939
Citas grāmatas par šo tēmu:
  • Mīkstie vāki
  • Cena: 44,28 €*
  • * ši ir gala cena, t.i., netiek piemērotas nekādas papildus atlaides
  • Standarta cena: 52,11 €
  • Ietaupiet 15%
  • Grāmatu piegādes laiks ir 3-4 nedēļas, ja grāmata ir uz vietas izdevniecības noliktavā. Ja izdevējam nepieciešams publicēt jaunu tirāžu, grāmatas piegāde var aizkavēties.
  • Daudzums:
  • Ielikt grozā
  • Piegādes laiks - 4-6 nedēļas
  • Pievienot vēlmju sarakstam
  • Bibliotēkām
CCNA Security Study Guide: Exam 210-260 2nd editionPalielināt
  • Formāts: Paperback / softback, 384 pages, height x width x depth: 234x185x28 mm, weight: 499 g
  • Izdošanas datums: 06-Mar-2018
  • Izdevniecība: Sybex Inc.,U.S.
  • ISBN-10: 1119409934
  • ISBN-13: 9781119409939
Citas grāmatas par šo tēmu:
Permanent link: https://www.kriso.lv/db/9781119409939.html
Keywords:
Cisco has announced big changes to its certification program.

As of February 24, 2020, all current certifications will be retired, and Cisco will begin offering new certification programs.

The good news is if youre working toward any current CCNA certification, keep going. You have until February 24, 2020 to complete your current CCNA. If you already have CCENT/ICND1 certification and would like to earn CCNA, you have until February 23, 2020 to complete your CCNA certification in the current program.  Likewise, if youre thinking of completing the current CCENT/ICND1, ICND2, or CCNA Routing and Switching certification, you can still complete them between now and February 23, 2020. 





Lay the foundation for a successful career in network security

CCNA Security Study Guide offers comprehensive review for Exam 210-260. Packed with concise explanations of core security concepts, this book is designed to help you successfully prepare for the exam. Expert instruction guides you through critical concepts relating to secure network infrastructure, access management, VPN encryption, Firewalls, intrusion prevention and more, with complete coverage of the CCNA exam objectives. Practical examples allow you to apply your skills in real-world scenarios, helping you transition effectively from "learning" to "doing". You also get access to the Sybex online learning environment, featuring the tools you need to maximize your study time: key terminology and flash cards allow you to study anytime, anywhere, while chapter tests and practice exams help you track your progress and gauge your readiness along the way.

The CCNA Security certification tests your knowledge of secure network installation, monitoring, and troubleshooting using Cisco security hardware and software solutions. When you're ready to get serious about preparing for the exam, this book gives you the advantage of complete coverage, real-world application, and extensive learning aids to help you pass with confidence.





Master Cisco security essentials, standards, and core technologies Work through practical examples drawn from real-world examples Track your progress with online study aids and self-tests





Develop critical competencies in maintaining data integrity, confidentiality, and availability

Earning your CCNA Security certification validates your abilities in areas that define careers including network security, administrator, and network security support engineer. With data threats continuing to mount, the demand for this skill set will only continue to growand in an employer's eyes, a CCNA certification makes you a true professional. CCNA Security Study Guide is the ideal preparation resource for candidates looking to not only pass the exam, but also succeed in the field.
Introduction xxi
Assessment Test xxxi
Chapter 1 Understanding Security Fundamentals 1(24)
Goals of Security
2(13)
Confidentiality
2(1)
Integrity
3(1)
Availability
3(1)
Guiding Principles
3(3)
Common Security Terms
6(1)
Risk Management Process
7(8)
Network Topologies
15(2)
CAN
15(1)
WAN
16(1)
Data Center
16(1)
SOHO
17(1)
Virtual
17(1)
Common Network Security Zones
17(2)
DMZ
17(1)
Intranet and Extranet
18(1)
Public and Private
18(1)
VLAN
18(1)
Summary
19(1)
Exam Essentials
19(1)
Review Questions
20(5)
Chapter 2 Understanding Security Threats 25(20)
Common Network Attacks
26(12)
Motivations
26(1)
Classifying Attack Vectors
27(1)
Spoofing
28(1)
Password Attacks
29(1)
Reconnaissance Attacks
30(4)
Buffer Overflow
34(1)
DoS
34(2)
DDoS
36(1)
Man-in-the-Middle Attack
37(1)
ARP Poisoning
37(1)
Social Engineering
38(2)
Phishing/Pharming
38(1)
Prevention
38(1)
Malware
39(1)
Data Loss and Exfiltration
39(1)
Summary
40(1)
Exam Essentials
40(2)
Review Questions
42(3)
Chapter 3 Understanding Cryptography 45(28)
Symmetric and Asymmetric Encryption
46(7)
Ciphers
46(2)
Algorithms
48(5)
Hashing Algorithms
53(4)
MD5
54(1)
SHA-1
54(1)
SHA-2
54(1)
HMAC
55(1)
Digital Signatures
55(2)
Key Exchange
57(1)
Application: SSH
57(1)
Public Key Infrastructure
57(11)
Public and Private Keys
58(2)
Certificates
60(1)
Certificate Authorities
61(2)
PKI Standards
63(1)
PKI Topologies
64(1)
Certificates in the ASA
65(2)
Cryptanalysis
67(1)
Summary
68(1)
Exam Essentials
68(1)
Review Questions
69(4)
Chapter 4 Securing the Routing Process 73(18)
Securing Router Access
74(6)
Configuring SSH Access
74(2)
Configuring Privilege Levels in IOS
76(1)
Configuring IOS Role-Based CLI
77(2)
Implementing Cisco IOS Resilient Configuration
79(1)
Implementing OSPF Routing Update Authentication
80(2)
Implementing OSPF Routing Update Authentication
80(2)
Implementing EIGRP Routing Update Authentication
82(1)
Securing the Control Plane
82(2)
Control Plane Policing
83(1)
Summary
84(1)
Exam Essentials
85(1)
Review Questions
86(5)
Chapter 5 Understanding Layer 2 Attacks 91(16)
Understanding STP Attacks
92(1)
Understanding ARP Attacks
93(2)
Understanding MAC Attacks
95(1)
Understanding CAM Overflows
96(1)
Understanding CDP/LLDP Reconnaissance
97(1)
Understanding VLAN Hopping
98(1)
Switch Spoofing
98(1)
Double Tagging
99(1)
Understanding DHCP Spoofing
99(2)
Summary
101(1)
Exam Essentials
101(1)
Review Questions
102(5)
Chapter 6 Preventing Layer 2 Attacks 107(20)
Configuring DHCP Snooping
108(2)
Configuring Dynamic ARP Inspection
110(2)
Configuring Port Security
112(2)
Configuring STP Security Features
114(2)
BPDU Guard
114(1)
Root Guard
115(1)
Loop Guard
115(1)
Disabling DTP
116(1)
Verifying Mitigations
116(4)
DHCP Snooping
116(1)
DAI
117(1)
Port Security
118(1)
STP Features
118(2)
DTP
120(1)
Summary
120(1)
Exam Essentials
121(1)
Review Questions
122(5)
Chapter 7 VLAN Security 127(14)
Native VLANs
128(1)
Mitigation
128(1)
PVLANs
128(5)
PVLAN Edge
131(1)
PVLAN Proxy Attack
132(1)
ACLs on Switches
133(1)
Port ACLs
133(1)
VLAN ACLs
133(1)
Summary
134(1)
Exam Essentials
134(2)
Review Questions
136(5)
Chapter 8 Securing Management Traffic 141(16)
In-Band and Out-of-Band Management
142(4)
AUX Port
142(1)
VTY Ports
143(1)
HTTPS Connection
144(1)
SNMP
144(1)
Console Port
145(1)
Securing Network Management
146(3)
SSH
146(1)
HTTPS
146(1)
ACLs
146(1)
Banner Messages
147(2)
Securing Access through SNMP v3
149(1)
Securing NTP
150(1)
Using SCP for File Transfer
151(1)
Summary
151(1)
Exam Essentials
152(1)
Review Questions
153(4)
Chapter 9 Understanding 802.1x and AAA 157(14)
802.1x Components
158(1)
RADIUS and TACACS+ Technologies
159(1)
Configuring Administrative Access with TACACS+
160(1)
Local AAA Authentication and Accounting
160(1)
SSH Using AAA
161(1)
Understanding Authentication and Authorization Using ACS and ISE
161(1)
Understanding the Integration of Active Directory with AAA
162(2)
TACACS+ on IOS
162(2)
Verify Router Connectivity to TACACS+
164(1)
Summary
164(1)
Exam Essentials
165(1)
Review Questions
166(5)
Chapter 10 Securing a BYOD Initiative 171(14)
The BYOD Architecture Framework
172(5)
Cisco ISE
172(2)
Cisco TrustSec
174(3)
The Function of Mobile Device Management
177(1)
Integration with ISE Authorization Policies
177(1)
Summary
178(1)
Exam Essentials
179(1)
Review Questions
180(5)
Chapter 11 Understanding VPNs 185(18)
Understanding IPsec
186(9)
Security Services
186(3)
Protocols
189(3)
Delivery Modes
192(2)
IPsec with IPV6
194(1)
Understanding Advanced VPN Concepts
195(4)
Hairpinning
195(1)
Split Tunneling
196(1)
Always-on VPN
197(1)
NAT Traversal
198(1)
Summary
199(1)
Exam Essentials
199(1)
Review Questions
200(3)
Chapter 12 Configuring VPNs 203(16)
Configuring Remote Access VPNs
204(5)
Basic Clientless SSL VPN Using ASDM
204(3)
Verify a Clientless Connection
207(1)
Basic AnyConnect SSL VPN Using ASDM
207(2)
Verify an AnyConnect Connection
209(1)
Endpoint Posture Assessment
209(1)
Configuring Site-to-Site VPNs
209(3)
Implement an IPsec Site-to-Site VPN with Preshared Key Authentication
209(3)
Verify an IPsec Site-to-Site VPN
212(1)
Summary
212(1)
Exam Essentials
213(1)
Review Questions
214(5)
Chapter 13 Understanding Firewalls 219(10)
Understanding Firewall Technologies
220(2)
Packet Filtering
220(1)
Proxy Firewalls
220(1)
Application Firewall
221(1)
Personal Firewall
221(1)
Stateful vs. Stateless Firewalls
222(2)
Operations
222(1)
State Table
223(1)
Summary
224(1)
Exam Essentials
224(1)
Review Questions
225(4)
Chapter 14 Configuring NAT and Zone-Based Firewalls 229(16)
Implementing NAT on ASA 9.x
230(6)
Static
231(1)
Dynamic
232(1)
PAT
233(1)
Policy NAT
233(2)
Verifying NAT Operations
235(1)
Configuring Zone-Based Firewalls
236(4)
Class Maps
237(1)
Default Policies
237(2)
Configuring Zone-to-Zone Access
239(1)
Summary
240(1)
Exam Essentials
240(1)
Review Questions
241(4)
Chapter 15 Configuring the Firewall on an ASA 245(18)
Understanding Firewall Services
246(1)
Understanding Modes of Deployment
247(1)
Routed Firewall
247(1)
Transparent Firewall
247(1)
Understanding Methods of Implementing High Availability
247(2)
Active/Standby Failover
248(1)
Active/Active Failover
248(1)
Clustering
249(1)
Understanding Security Contexts
249(1)
Configuring ASA Management Access
250(1)
Initial Configuration
250(1)
Configuring Cisco ASA Interface Security Levels
251(2)
Security Levels
251(2)
Configuring Security Access Policies
253(3)
Interface Access Rules
253(1)
Object Groups
254(2)
Configuring Default Cisco Modular Policy Framework (MPF)
256(1)
Summary
257(1)
Exam Essentials
257(2)
Review Questions
259(4)
Chapter 16 Intrusion Prevention 263(22)
IPS Terminology
264(3)
Threat
264(1)
Risk
264(1)
Vulnerability
265(1)
Exploit
265(1)
Zero-Day Threat
265(1)
Actions
265(1)
Network-Based IPS vs. Host-Based IPS
266(1)
Host-Based IPS
266(1)
Network-Based IPS
266(1)
Promiscuous Mode
266(1)
Detection Methods
267(1)
Evasion Techniques
267(4)
Packet Fragmentation
267(3)
Injection Attacks
270(1)
Alternate String Expressions
271(1)
Introducing Cisco FireSIGHT
271(2)
Capabilities
271(1)
Protections
272(1)
Understanding Modes of Deployment
273(2)
Inline
275(1)
Positioning of the IPS within the Network
275(2)
Outside
275(1)
DMZ
276(1)
Inside
277(1)
Understanding False Positives, False Negatives, True Positives, and True Negatives
277(1)
Summary
278(1)
Exam Essentials
278(2)
Review Questions
280(5)
Chapter 17 Content and Endpoint Security 285(16)
Mitigating Email Threats
286(6)
Spam Filtering
286(1)
Context-Based Filtering
287(1)
Anti-Malware Filtering
287(1)
DLP
287(1)
Blacklisting
288(1)
Email Encryption
288(1)
Cisco Email Security Appliance
288(2)
Putting the Pieces Together
290(2)
Mitigating Web-Based Threats
292(2)
Understanding Web Proxies
292(1)
Cisco Web Security Appliance
293(1)
Mitigating Endpoint Threats
294(1)
Cisco Identity Services Engine (ISE)
294(1)
Antivirus/Anti-Malware
294(1)
Personal Firewall
294(1)
Hardware/Software Encryption of Local Data
294(1)
HIPS
295(1)
Summary
295(1)
Exam Essentials
295(1)
Review Questions
296(5)
Appendix Answers to Review Questions 301(30)
Chapter 1 Understanding Security Fundamentals
302(2)
Chapter 2 Understanding Security Threats
304(1)
Chapter 3 Understanding Cryptography
305(2)
Chapter 4 Securing the Routing Process
307(2)
Chapter 5 Understanding Layer 2 Attacks
309(2)
Chapter 6 Preventing Layer 2 Attacks
311(1)
Chapter 7 VLAN Security
312(2)
Chapter 8 Securing Management Traffic
314(2)
Chapter 9 Understanding 802.1x and AAA
316(1)
Chapter 10 Securing a BYOD Initiative
317(2)
Chapter 11 Understanding VPNs
319(2)
Chapter 12 Configuring VPNs
321(1)
Chapter 13 Understanding Firewalls
322(2)
Chapter 14 Configuring NAT and Zone-Based Firewalls
324(1)
Chapter 15 Configuring the Firewall on an ASA
325(2)
Chapter 16 Intrusion Prevention
327(1)
Chapter 17 Content and Endpoint Security
328(3)
Index 331
Troy McMillan, CCNA, CCNP, CISSP, CASP, Security+, writes practice tests, study guides, and online course material for Kaplan IT Cert Prep. As a trainer and consultant with over 30 industry certifications, he delivers training in both live and video formats.