CCSP Self-Study : Securing Cisco IOS Networks (SECUR)
暫譯: CCSP 自學:保護 Cisco IOS 網路 (SECUR)

John Roland, Cisco Systems Inc.

CCSP Self-Study : Securing Cisco IOS Networks (SECUR)
  • 出版商: Cisco Press
  • 出版日期: 2004-04-21
  • 售價: $2,390
  • 貴賓價: 9.5$2,271
  • 語言: 英文
  • 頁數: 864
  • 裝訂: Hardcover
  • ISBN: 1587051516
  • ISBN-13: 9781587051517
  • 相關分類: CiscoApple Developer

    • 已絕版

買這商品的人也買了...

商品描述

Cisco authorized self-study book for CCSP 642-501 foundation learning

  • Identify the lineup of Cisco Systems network security products and enumerate the components of a complete security policy
  • Use Cisco Secure ACS for Windows and Cisco Secure ACS for UNIX to implement TACACS+ and RADIUS AAA support in Cisco router networks
  • Configure AAA support on perimeter Cisco routers and Cisco IOS Firewalls
  • Implement standard practices to secure administrative access and disable unused router protocols, services, and interfaces
  • Use AutoSecure to configure security parameters on Cisco routers
  • Configure Cisco IOS Firewalls for CBAC, Authentication Proxy, and AAA support
  • Configure and manage Cisco IOS IDS router signatures and audit rules
  • Monitor Cisco IOS IDS routers using Security Monitor or Syslog servers
  • Configure IPSec VPN tunnels on Cisco routers using preshared keys or RSA signatures
  • Configure Cisco routers to use IPSec with Network Address Translation
  • Use Security Device Manager and Router Management Center to configure and manage Cisco IOS VPN and Cisco IOS Firewall policies
  • Mitigate common router security threats with access control lists (ACLs)

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is a complete reference for security practices, protocols, software, and equipment that work on or in conjunction with Cisco IOS equipment to provide layers of security to networks. In addition to acting as a key study aid for the CCSP SECUR 642-501 exam, this book will be an invaluable theory and configuration guide for years to come.

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is a Cisco authorized, self-paced learning tool that helps you gain mastery over all security techniques and technologies, including newer topics such as Cisco Easy VPN and Security Device Manager (SDM). Chapter overviews bring you quickly up to speed on technologies you can use to secure your network. Configuration examples are designed to show you how to make Cisco IOS devices secure, and unique chapter-ending review questions test your knowledge.

Whether you are seeking a reference guide to working with Cisco IOS security or a study guide for the 642-501 exam, CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is the reference you are looking for.

CCSP Self-Study: Securing Cisco IOS Networks (SECUR) is part of a recommended learning path from Cisco Systems that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

This volume is in the Certification Self-Study Series offered by Cisco Press. Books in this series provide officially developed training solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

Table of Contents:

Foreword.

Preface.

Introduction.

   1. Introduction to Network Security.

Objectives. The Cisco SAFE Blueprint. Network Attack Taxonomy. Network Security Policy. Cisco Network Security Products. Cisco Management Software. Management Protocols and Functions. Network Address Translation and NAT Transversal. Chapter Summary. Chapter Review Questions.

2. Basic Cisco Router Security.

Cisco IOS Firewall Features. Securing Cisco Router Installations. Securing Cisco Router Administrative Access. Introduction to AAA for Cisco Routers. Configuring AAA for Cisco Perimeter Routers. Troubleshooting AAA. Chapter Summary. Review of Cisco IOS Commands. Chapter Review Questions. Case Study.

3. Advanced AAA Security for Cisco Router Networks.

Cisco Secure ACS Introduction. Installing Cisco Secure ACS 3.0 for Windows 2000/NT Servers. Administering and Troubleshooting Cisco Secure ACS for Windows. TACACS+ Overview. RADIUS Overview. Kerberos Overview. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

4. Cisco Router Threat Mitigation.

Using Routers to Secure the Network. Securing Router Services and Interfaces. Disabling Unused Router Interfaces. Implementing Cisco Access Control Lists. Mitigating Security Threats by Using ACLs. Filtering Router Service Traffic. Filtering Network Traffic. DDoS Mitigation. Sample Router Configuration. Implementing Syslog Logging. Designing Secure Management and Reporting for Enterprise Networks. Using AutoSecure to Secure Cisco Routers. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

5. Cisco IOS Firewall Context-Based Access Control Configuration.

Cisco IOS Firewall Introduction. Using CBAC to Protect Users from Attack. Configuring CBAC. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

6. Cisco IOS Firewall Authentication Proxy.

Introduction to the Cisco IOS Firewall Authentication Proxy. Configuring the AAA Server. Configuring the Cisco IOS Firewall with an AAA Server. Configuring the Authentication Proxy. Testing and Verifying the Configuration. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

7. Cisco IOS Firewall Intrusion Detection System.

Cisco IOS IDS Introduction. Configuring Cisco IOS IDS. Chapter Summary. Signatures Used By Cisco IOS IDS. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

8. Building IPSec VPNs Using Cisco Routers and Pre-Shared Keys.

Cisco Routers Enable Secure VPNs. What Is IPSec? IPSec Protocol Framework. Five Steps of IPSec. IPSec and Dynamic Virtual Private Networks. Configuring IPSec for IKE Pre-Shared Keys. Configuring IPSec Manually. Configuring IPSec for RSA-Encrypted Nonces. Using NAT with IPSec. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

9. Building Advanced IPSec VPNs Using Cisco Routers and Certificate Authorities.

Certificate Authorities. Configuring CA Support Tasks. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

10. Configuring IOS Remote Access Using Cisco Easy VPN.

Cisco Easy VPN Introduction. Cisco Easy VPN Server Overview. Cisco Easy VPN Remote Overview. Configuring Cisco Easy VPN Server for XAUTH. RADIUS Authentication for Group Profiles. Cisco VPN Client 3.5 Installation and Configuration Tasks. Working with Cisco VPN Client 3.5. Upcoming Cisco VPN Client Changes. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

11. Securing Cisco Routers Using Security Device Manager.

Understanding Security Device Manager. Understanding SDM Software. Using the SDM Startup Wizard. Introducing the SDM User Interface. Configuring a WAN Using the WAN Wizard. Using SDM to Configure a Firewall. Using SDM to Configure a VPN. Using SDM to Perform Security Audits. Using the Factory Reset Wizard. Using SDM Advanced Mode. Understanding Monitor Mode. Chapter Summary. Cisco IOS Commands Presented in This Chapter. Chapter Review Questions. Case Study.

12. Managing Enterprise VPN Routers.

Router MC 1.2.1 Introduction. Installing Router MC. Using Router MC. Creating Workflows and Activities. Configuring General Cisco IOS Firewall Settings. Building Access Rules. Using Building Blocks. Network Address Translation Rules. Managing Configurations. Administration. Chapter Summary. Chapter Review Questions. Case Study.

13. Case Study.

Introduction. Requirements. Solutions.

Appendix A: Answers to Chapter Review Questions.
Appendix B: Sample Network Security Policy.
Appendix C: Configuring Standard and Extended Access Lists.
Glossary.
Index.

商品描述(中文翻譯)

Cisco 認可的 CCSP 642-501 基礎學習自學書籍

- 確認 Cisco 系統網路安全產品的系列,並列舉完整安全政策的組成部分
- 使用 Cisco Secure ACS for Windows 和 Cisco Secure ACS for UNIX 在 Cisco 路由器網路中實現 TACACS+ 和 RADIUS AAA 支援
- 在邊界 Cisco 路由器和 Cisco IOS 防火牆上配置 AAA 支援
- 實施標準做法以保護管理存取並禁用未使用的路由器協定、服務和介面
- 使用 AutoSecure 配置 Cisco 路由器上的安全參數
- 配置 Cisco IOS 防火牆以支援 CBAC、身份驗證代理和 AAA
- 配置和管理 Cisco IOS IDS 路由器的簽名和審核規則
- 使用安全監控器或 Syslog 伺服器監控 Cisco IOS IDS 路由器
- 使用預共享金鑰或 RSA 簽名在 Cisco 路由器上配置 IPSec VPN 隧道
- 配置 Cisco 路由器以使用帶有網路地址轉換的 IPSec
- 使用 Security Device Manager 和 Router Management Center 配置和管理 Cisco IOS VPN 和 Cisco IOS 防火牆政策
- 使用存取控制列表 (ACLs) 減輕常見的路由器安全威脅

《CCSP 自學:保護 Cisco IOS 網路 (SECUR)》是針對安全實踐、協定、軟體和設備的完整參考,這些內容在或與 Cisco IOS 設備一起運作,以為網路提供多層安全性。除了作為 CCSP SECUR 642-501 考試的關鍵學習輔助工具外,本書將成為未來幾年的寶貴理論和配置指南。

《CCSP 自學:保護 Cisco IOS 網路 (SECUR)》是 Cisco 認可的自學工具,幫助您掌握所有安全技術和技術,包括 Cisco Easy VPN 和 Security Device Manager (SDM) 等新主題。章節概述讓您快速了解可用於保護網路的技術。配置範例旨在展示如何使 Cisco IOS 設備安全,獨特的章節結尾回顧問題測試您的知識。

無論您是尋找有關 Cisco IOS 安全的參考指南,還是 642-501 考試的學習指南,《CCSP 自學:保護 Cisco IOS 網路 (SECUR)》都是您所尋找的參考資料。

《CCSP 自學:保護 Cisco IOS 網路 (SECUR)》是 Cisco 系統推薦的學習路徑的一部分,包括來自授權 Cisco 學習夥伴的模擬和實作訓練,以及來自 Cisco Press 的自學產品。要了解更多有關授權 Cisco 學習夥伴在全球提供的講師主導訓練、電子學習和實作教學,請訪問 www.cisco.com/go/authorizedtraining。

本書是 Cisco Press 提供的認證自學系列的一部分。該系列的書籍提供官方開發的訓練解決方案,幫助網路專業人員理解技術實施並為 Cisco 職業認證考試做準備。

目錄:
前言
序言
介紹
1. 網路安全概論
目標。Cisco SAFE 藍圖。網路攻擊分類。網路安全政策。Cisco 網路安全產品。Cisco 管理軟體。管理協定和功能。網路地址轉換和 NAT 穿越。章節摘要。章節回顧問題。
2. 基本 Cisco 路由器安全
Cisco IOS 防火牆功能。保護 Cisco 路由器安裝。保護 Cisco 路由器管理存取。Cisco 路由器的 AAA 介紹。為 Cisco 邊界路由器配置 AAA。故障排除 AAA。章節摘要。Cisco IOS 命令回顧。章節回顧問題。案例研究。
3. Cisco 路由器網路的進階 AAA 安全
Cisco Secure ACS 介紹。為 Windows 2000/NT 伺服器安裝 Cisco Secure ACS 3.0。管理和故障排除 Cisco Secure ACS for Windows。TACACS+ 概述。RADIUS 概述。Kerberos 概述。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
4. Cisco 路由器威脅緩解
使用路由器保護網路。保護路由器服務和介面。禁用未使用的路由器介面。實施 Cisco 存取控制列表。使用 ACL 減輕安全威脅。過濾路由器服務流量。過濾網路流量。DDoS 緩解。範例路由器配置。實施 Syslog 記錄。為企業網路設計安全管理和報告。使用 AutoSecure 保護 Cisco 路由器。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
5. Cisco IOS 防火牆基於上下文的存取控制配置
Cisco IOS 防火牆介紹。使用 CBAC 保護用戶免受攻擊。配置 CBAC。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
6. Cisco IOS 防火牆身份驗證代理
Cisco IOS 防火牆身份驗證代理介紹。配置 AAA 伺服器。使用 AAA 伺服器配置 Cisco IOS 防火牆。配置身份驗證代理。測試和驗證配置。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
7. Cisco IOS 防火牆入侵檢測系統
Cisco IOS IDS 介紹。配置 Cisco IOS IDS。章節摘要。Cisco IOS IDS 使用的簽名。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
8. 使用 Cisco 路由器和預共享金鑰建立 IPSec VPN
Cisco 路由器啟用安全 VPN。什麼是 IPSec?IPSec 協定框架。IPSec 的五個步驟。IPSec 和動態虛擬私人網路。為 IKE 預共享金鑰配置 IPSec。手動配置 IPSec。為 RSA 加密的隨機數配置 IPSec。與 IPSec 一起使用 NAT。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
9. 使用 Cisco 路由器和證書授權機構建立進階 IPSec VPN
證書授權機構。配置 CA 支援任務。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
10. 使用 Cisco Easy VPN 配置 IOS 遠端存取
Cisco Easy VPN 介紹。Cisco Easy VPN 伺服器概述。Cisco Easy VPN 遠端概述。為 XAUTH 配置 Cisco Easy VPN 伺服器。群組配置的 RADIUS 身份驗證。Cisco VPN 客戶端 3.5 安裝和配置任務。使用 Cisco VPN 客戶端 3.5。即將到來的 Cisco VPN 客戶端變更。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
11. 使用 Security Device Manager 保護 Cisco 路由器
了解 Security Device Manager。了解 SDM 軟體。使用 SDM 啟動精靈。介紹 SDM 使用者介面。使用 WAN 精靈配置 WAN。使用 SDM 配置防火牆。使用 SDM 配置 VPN。使用 SDM 進行安全審核。使用出廠重置精靈。使用 SDM 進階模式。了解監控模式。章節摘要。本章中介紹的 Cisco IOS 命令。章節回顧問題。案例研究。
12. 管理企業 VPN 路由器
路由器 MC 1.2.1 介紹。安裝 Router MC。使用 Router MC。創建工作流程和活動。配置一般 Cisco IOS 防火牆設置。建立存取規則。使用建構模組。網路地址轉換規則。管理配置。管理。章節摘要。章節回顧問題。案例研究。
13. 案例研究
介紹。需求。解決方案。
附錄 A:章節回顧問題的答案。
附錄 B:範例網路安全政策。
附錄 C:配置標準和擴展存取列表。
詞彙表。
索引。

類似商品

最後瀏覽商品 (20)