Atnaujinkite slapukų nuostatas

CCSP Secure Pix and Secure VPN Study Guide (642-521 and 642-511): Secure PIX and Secure VPN Study Guide (642-521 and 642-511) [Minkštas viršelis]

5.00/5 (2 ratings by Goodreads)
, , ,
  • Formatas: Paperback / softback, 526 pages, aukštis x plotis: 228x191 mm, weight: 1032 g, Contains 1 Paperback / softback and 1 CD-ROM
  • Išleidimo metai: 01-Nov-2003
  • Leidėjas: Sybex Inc.,U.S.
  • ISBN-10: 0782142877
  • ISBN-13: 9780782142877
Kitos knygos pagal šią temą:
CCSP Secure Pix and Secure VPN Study Guide (642-521 and 642-511): Secure PIX and Secure VPN Study Guide (642-521 and 642-511)Didesnis paveikslėlis
  • Formatas: Paperback / softback, 526 pages, aukštis x plotis: 228x191 mm, weight: 1032 g, Contains 1 Paperback / softback and 1 CD-ROM
  • Išleidimo metai: 01-Nov-2003
  • Leidėjas: Sybex Inc.,U.S.
  • ISBN-10: 0782142877
  • ISBN-13: 9780782142877
Kitos knygos pagal šią temą:
Pastovi nuoroda: https://www.kriso.lt/db/9780782142877.html
Raktažodžiai:
Here's the book you need to prepare for Cisco's Secure PIX Firewall (CSPFA) and Secure VPN (CSVPN) exams.

This two-in-one Study Guide provides:

  • In-depth coverage of all exam topics
  • Practical information on implementing Cisco's Secure PIX and Secure VPN technologies
  • Hundreds of challenging review questions
  • Leading-edge exam preparation software, including a test engine and electronic flashcards

Authoritative coverage of all exam objectives, including:
Secure PIX Firewall:

  • Translations and Connections
  • Access Control Lists and Content Filtering
  • Object Grouping
  • Advanced Protocol Handling
  • Attack Guards, Intrusion Detection, and Shunning
  • Authentication, Authorization, and Accounting
  • Failover
  • Cisco PIX Device Manager
  • Enterprise PIX Firewall Management and Maintenance
  • Firewall Services Module

Secure VPN:

  • VPN and IPSec Technology Overview
  • VPN 3000 Concentrator Series Hardware
  • Remote Access with Pre-shared Keys and Digital Certificates
  • IPSec Software Client Firewalls
  • Software Client Auto-Initiation
  • Hardware Client Configuration
  • Network Client Backup and Load Balancing
  • Software Auto-Update
  • Configuring for the IPSec Over UDP and IPSec Over TCP\
  • LAN-to-LAN with Pre-Shared Keys, NAT, and Digital Certificates

Note: CD-ROM/DVD and other supplementary materials are not included as part of eBook file.

Introduction xxi
Assessment Test xxxiv
Part I Cisco Secure PIX Firewall Advanced
1(294)
PIX Firewell Basics
3(40)
Understanding a Firewall's Role in Network Security
4(2)
What Is a Firewall?
4(2)
What Are the Potential Threats?
6(1)
Reviewing Firewall Techonologies
6(6)
Dual-Homed Gateways
6(1)
Packet-Filtering Firewalls
7(1)
Stateful Firewells
8(1)
Firewell Technology Combinations
9(3)
Hardware and Software Components of the Cisco Secure PIX Firewall
12(6)
PIX Firewall Features
12(1)
PIX Firewall Components
13(5)
PIX Firewall Operation
18(4)
NAT Machanisms
19(1)
Packet Processing
20(1)
The Adaptive Security Algorithm (ASA) and Security Levels
21(1)
Working with the Firewall Services Module (FWSM)
22(6)
Overview of Configuration
23(1)
Configuring an IOS Switch
24(1)
Configuring a CatOS switch
25(1)
Connecting to the Module
26(1)
Configuring the FWSM
27(1)
Using the PIX Firewall CLI
28(9)
CLI Access Methods
28(1)
CLI Modes
28(2)
Editing in the CLI
30(1)
Basic Commands
30(7)
Summary
37(1)
Exam Essentials
37(1)
Key Terms
38(1)
Review Questions
39(2)
Answers to Review Questions
41(2)
PIX Firewall Configuration
43(60)
Preparing for Firewall Configuration
44(1)
Using Common Global Configuration Commands
45(8)
The Remote Access Commands
45(2)
The Clock Command
47(1)
The ntp Command
48(1)
The domain-name and hostname Commands
49(1)
The name/names Commands
50(1)
The dhcpd Command
50(2)
The logging Command
52(1)
Configuring PIX Firewall Interfaces
53(6)
Naming an Interface and Assigning a Security Level
53(3)
Setting Interface Properties and Shutting Down the Interface
56(1)
Assigning an IP Address
57(1)
Setting the Maximum Tranfer Unit
58(1)
Configuring NAT and PAT
59(26)
Understanding Address Translation
59(4)
NAT, PAT, and Security
63(1)
Configuring NAT
64(9)
Configuring PAT
73(4)
Configuring NAT on Multiple Interfaces
77(8)
Configuring Routing
85(7)
Configuring Dynamic Routing
86(1)
Configuring Static Routing
87(3)
Configuring Multicast Routing
90(2)
Summary
92(1)
Exam Essentials
92(1)
Key Terms
93(1)
Hands-On Lab
93(6)
Answer to Lab 2.1
96(1)
Answer to Lab 2.2
96(1)
Answer to Lab 2.3
96(1)
Answer to Lab 2.4
97(1)
Answer to Lab 2.5
97(1)
Answer to Lab 2.6
97(2)
Review Questions
99(2)
Answer to Review Questions
101(2)
ACLs, Filtering, Object Grouping, and AAA
103(44)
Using PIX Firewall ACLs
104(4)
Creating a PIX ACL
105(1)
Applying a PIX ACL
106(1)
Converting Conduits to ACLs
106(2)
URL Filtering
108(3)
How Does URL Filtering Works?
108(1)
Configuring the PIX Firewall for URL Filtering
108(3)
PPPoE and the PIX Firewall
111(4)
Configuring the PPPoE Client Username and Passwrd
111(1)
Enabling PPPoE and the PIX Firewall
112(1)
Verifying PPPoE Operation
113(2)
Object Groups
115(4)
Configuring Objects Groups
115(4)
Using Objects Groups
119(1)
Authentication, Authorization, and Accounting (AAA) Services
119(15)
Installing CiscoSecure ACS for Windows 2000/NT
120(5)
Implementing AAA on the PIX Firewall
125(7)
Downloadable PIX ACLs
132(2)
Summary
134(1)
Exam Essentials
134(1)
Key Terms
135(1)
Written Lab
135(1)
Hands-On Lab
136(6)
Answer to Lab 3.1
138(1)
Answer to Lab 3.2
139(1)
Answer to Lab 3.3
139(1)
Answer to Lab 3.4
140(1)
Answer to Lab 3.5
140(1)
Answer to Lab 3.6
140(2)
Review Questions
142(2)
Answers to Written Lab
144(1)
Answer to Review Questions
145(2)
Advanced Protocol Handling, Attack Guards, and Intrusion Detection
147(42)
Advanced Protocol Handling
148(11)
Special Protocol Support Basics
149(2)
File Transfer Protocol
151(3)
Remote Shell
154(1)
SQL *Net
154(2)
Multimedia Support
156(2)
Alternative Solutions to Problem Protocols
158(1)
Attack Guards
159(10)
AAA Flood Guard
159(1)
SYN Flood Guard
160(1)
Mail Guard
161(4)
IP Fragmentation Guard
165(3)
DNS Guard
168(1)
Instrusion Detection
169(7)
IP Audit
169(6)
Shunning
175(1)
Summary
176(1)
Exam Essentials
176(1)
Key Terms
177(1)
Written Lab
177(1)
Hands-On Lab
178(6)
Answer to Lab 4.1
180(1)
Answer to Lab 4.2
180(1)
Answer to Lab 4.3
181(1)
Answer to Lab 4.4
181(1)
Answer to Lab 4.5
181(3)
Review Questions
184(2)
Answers to the Written Lab
186(1)
Answer To Review Questions
187(2)
Firewall Failover and PDM
189(38)
Fault-Tolerance Concepts
190(5)
Points of Failure
190(4)
Fault-Tolerant Strategies
194(1)
PIX Firewall Failover
195(13)
PIX Firewall Failover Features
195(1)
PIX Firewall Failover Requirements
195(1)
How PIX Firewall Failover Works
196(7)
Statful Failover
203(1)
Basic Failover Configuration
204(4)
Cisco PIX Device Manager (PDM)
208(12)
PDM Overview
208(1)
Operating Requirements
209(1)
Preparing for PDM
210(2)
Using PDM to Configure the PIX Firewall
212(8)
Summary
220(1)
Exam Essentials
221(1)
Key Terms
221(1)
Written Lab
222(1)
Review Questions
223(2)
Answers to Written Lab
225(1)
Answers to Review Questions
226(1)
VPNs and the PIX Firewall
227(68)
Preparing to Configure VPN support
228(1)
Configuring IKE on a Firewall
229(8)
Enabling IKE
229(1)
Configuring the IKE Policy
230(1)
Configuring Preshared Keys
231(1)
Configuring the Use of Certificate Authorities (CAs) on a Firewall
232(5)
Configuring IPSec on a Firewall
237(7)
Creating Crypto ACLs
237(1)
Creating and Configuring Transform Sets
238(2)
Setting the Tunnel Lifetime
240(1)
Creating Crypto Maps
241(3)
Verifying and Troubleshooting IPSec Configuration on a Firewall
244(4)
Viewing Configuration Information
244(3)
Understanding Error Messages
247(1)
Debugging
248(1)
Understanding Remote Access VPN
248(5)
Extended Authentication (Xauth)
248(1)
IKE Mode Config for Dynamic Addressing
249(1)
Pushing Additional Attributes to the VPN Client
250(1)
Common Commands
251(2)
Installing and Configuring the Cisco VPN Client
253(8)
Deploying the VPN Client
255(6)
Using PDM to Create VPNs
261(12)
Setting Up a Site-to-Site VPN
263(5)
Setting Up a Remote Access VPN
268(5)
Enterprise PIX Firewall Management and Maintenance
273(8)
Cisco Secure Policy Manager (CSPM)
273(2)
PIX Management Center (MC)
275(2)
Auto Update Server (AUS)
277(4)
Summary
281(1)
Exam Essentials
281(1)
Key Terms
282(1)
Written Lab
282(1)
Hands-On Lab
283(8)
Answer to Lab 6.1
286(1)
Answer to Lab 6.2
286(1)
Answer to Lab 6.3
286(1)
Answer to Lab 6.4
287(1)
Answer to Lab 6.5
287(1)
Answer to Lab 6.6
288(3)
Review Questions
291(2)
Answers to the Written Lab
293(1)
Answers to Review Questions
294(1)
Part II Cisco Secure Virtual Private Networks
295(192)
Introduction to Virtual Private Networks
297(32)
VPN Basics
298(4)
Major Types of VPNs
298(1)
VPN Devices
299(3)
Introducing IPSec
302(15)
IPSec Services
303(1)
IPSec Building Blocks: AH and ESP
303(4)
Hashing
307(2)
Encryption
309(1)
Diffie-Hellman Key Exchange
309(2)
Internet Key Exchange
311(2)
Transform Sets
313(2)
IPSec Security Associations
315(2)
How IPSec Works
317(5)
Defining Interesting Traffic
317(1)
IKE Phase 1
318(2)
IKE Phase 2
320(1)
IPSec Task Flow
320(2)
IPSec Troubleshooting
322(1)
Traffic Delay Problems
322(1)
Filtering Problems
322(1)
NAT Problems
323(1)
ACL Problems
323(1)
Summary
323(1)
Exam Essentials
323(1)
Key Terms
324(1)
Review Questions
325(3)
Answers to Review Questions
328(1)
Introduction to Cisco VPN Devices
329(54)
Introducting the VPN 3000 Concentrators
330(6)
Overview of the VPN 3005 Concentrator
331(2)
Overview of VPN 3015 through 3080 Concentrators
333(2)
VPN Concentrator Client Support
335(1)
Introducing the 3002 VPN Hardware Client
336(20)
Configuring the 3002 CLI Quick Configuration Utility
337(4)
Configuring the Hardware Client with the Quick Configuration Utility
341(8)
Managing the Hardware Client
349(1)
Additional VPN 3002 Client Features
349(7)
Introducing the VPN Software Clients
356(9)
Configurating the Connection
357(1)
Setting Authentication Properties
357(1)
Setting Connection Properties
358(1)
Installing a Certificate
359(3)
Preconfiguring the VPN Client
362(3)
Overview of the Cisco VPN Software Client Auto-Initiation
365(2)
Summary
367(1)
Exam Essentials
367(1)
Key Terms
368(1)
Written Lab
368(2)
Answers to the Written Lab
370(1)
Hands-On Lab
371(9)
Answer to Lab 8.1
373(1)
Answer for Lab 8.2
374(1)
Answer for Lab 8.3
375(1)
Answer for Lab 8.4
376(1)
Answer for Lab 8.5
377(1)
Answer for Lab 8.6
378(1)
Answer for Lab 8.7
378(1)
Answer for Lab 8.8
378(2)
Review Questions
380(2)
Answers to Review Questions
382(1)
Configuring the VPN Concentrator
383(70)
Using the CLI for Initial Configuration
386(7)
Starting the CLI
386(7)
Using Web Quick Configuration Mode
393(6)
Configuring Physical Interfaces
395(1)
Setting System Information
395(1)
Setting the Tunnel-Creation Method
396(1)
Setting Address Assignment
396(1)
Configuring Authentication
397(2)
Setting a Group Name
399(1)
Changing the Admin Password
399(1)
Configuring User and Policy Management
399(25)
Navigating the GUI
400(1)
Setting Up Groups
401(8)
Setting Up Users
409(1)
Configuring an Authentication Server
409(1)
Configuring Access Hours and Filters
410(3)
Configuring Backup on the Hardware Client
413(1)
Configuring Load Balancing
414(2)
Configuring LAN-to-LAN IPSec
416(2)
Updating Clients Automatically
418(3)
Setting Up the Stateful Firewall
421(3)
Configuring the Use of IPSec Digital Certificates
424(12)
Introducing the Public Key Infrastructure
424(1)
Requesting and Installing Concentrator Certificates
425(8)
Requesting and Installing Client Certificates
433(3)
Firewall Feature Set for the IPSec Software Client
436(3)
Software Client's ``Are You There'' Feature
436(1)
Software Clients Stateful Firewall Feature
436(1)
Software Client's Central Policy Protection Feature
437(1)
Client Firewall Statistics
437(2)
Customizing Firewall Policy
439(1)
Configure the VPN 3000 Concentrator for IPSec over UDP and IPSec over TCP
439(4)
Overview of Port Address Translation
440(1)
Configuring IPSec over UDP
441(1)
Configuring NAT-Transversal
442(1)
Configuring IPSec over TCP
443(1)
Summary
443(1)
Exam Essentials
444(1)
Key Terms
445(1)
Written Lab
445(1)
Hands-On Lab
446(3)
Answer to Lab 9.1
447(1)
Answer to Lab 9.2
448(1)
Review Questions
449(2)
Answers to Review Questions
451(1)
Answers to the Written Lab
452(1)
Managing the VPN Concentrator
453(34)
Monitoring the VPN Concentrator
454(17)
Viewing Concentrator Monitoring Information
455(10)
Configuring Logging and SNMP Traps
465(6)
Administering the VPN Concentrator
471(9)
Configuring Access Rights
471(4)
Administering Sessions
475(1)
Administering File Management
476(2)
Updating Software
478(1)
Pinging Devices
479(1)
Summary
480(7)
Exam Essentials
480(1)
Key Terms
481(1)
Written Lab
481(1)
Review Questions
482(2)
Answers to the Written Lab
484(1)
Answers to Review Questions
485(2)
Glossary 487(12)
Index 499
Wade Edwards, CCIE 7009, has over 14 years of networking experience and has been actively involved in the computer industry for over 23 years. Tom Lancaster, CCIE# 8829, is a network security professional and Cisco instructor. Bryant Tow has over 14 years of experience in the IT industry as an instructor and entrepreneur. Eric Quinn, CCSI, CSS1, CCNP + Voice is an instructor and security consultant.