Cisco Networking Academy Program Fundamentals of Network Security Companion Guid
暫譯: 思科網路學院計畫 網路安全基礎 伴隨指南

Cisco Systems Inc., Cisco Networking Academy Program

Cisco Networking Academy Program Fundamentals of Network Security Companion Guid
  • 出版商: Cisco Press
  • 出版日期: 2004-01-20
  • 售價: $3,050
  • 貴賓價: 9.5$2,898
  • 語言: 英文
  • 頁數: 912
  • 裝訂: Hardcover
  • ISBN: 1587131226
  • ISBN-13: 9781587131226
  • 相關分類: Cisco資訊安全

    • 已過版

買這商品的人也買了...

相關主題

商品描述

 

The only authorized textbook for the Cisco Networking Academy Program

Cisco Networking Academy Program Fundamentals of Network Security Companion Guide, along with the Fundamentals of Network Security Lab Companion and Workbook and the corresponding online course, provide a thorough introduction to network security.

This portable desk reference focuses on the overall security processes based on a security policy with an emphasis in the areas of secure perimeter, secure connectivity, security management, identity services, and intrusion detection. Along with the Cisco Networking Academy Program online course, this Companion Guide covers the installation, configuration, monitoring, and maintenance using Cisco command-line interface (CLI) and web-based device managers on both the Cisco IOS Firewall and the PIX Security Appliance. It also covers how to

  • Configure Network Address Translation, access lists, stateful traffic inspection, and application filtering
      Implement signature-based intrusion detection
    • Configure identity management using authentication, authorization, and accounting
    • Configure virtual private networks using industry-standard IPSec for both site-to-site and remote access connectivity

    This Companion Guide also includes security appendixes that cover several installation tutorials for various hardware and software products.

    This book and the course align with the new Cisco Firewall Specialist certification objectives. The Cisco Firewall Specialist encompasses the SECUR (formerly known as MCNS) and Cisco Secure PIX Firewall Advanced (CSPFA) exams. You can use this book and the course to begin certification preparation.

    Companion CD-ROM
    The CD-ROM contains 11 hi-res PhotoZoom Activities, 200+ exam- preparation questions in a practice Test Engine, more than 50 hands-on e-Lab Activities, 48 Demonstration Activities, plus 10 professional network security utilities, command references, and other resources for an enhanced learning experience.

    This book is part of the Cisco Networking Academy Program Series from Cisco Press. The products in this series support and complement the Cisco Networking Academy Program.

Table of Contents

Introduction.

I. IOS ROUTER SECURITY.

1. Overview of Network Security.

Rationale, Trends, and Goals of Network Security. Security Threats and Vulnerabilities. Security Framework and Policy. Security Products and Solutions. Summary. Key Terms. Check Your Understanding.

2. Basic Router and Switch Security.

General Router and Switch Security. Disabling Unneeded Services. Securing the Perimeter Router. Router Management. Securing Switches and LAN Access. Summary. Key Terms. Check Your Understanding.

3. Router ACLs and CBAC.

Access Control Lists. Types of IP ACLs. Content-Based Access Control. Summary. Key Terms. Check Your Understanding.

4. Router AAA Security.

AAA Secures Network Access. Network Access Server (NAS) AAA Authentication Process. Cisco Secure ACS. AAA Servers Overview and Configuration. The Cisco IOS Firewall Authentication Proxy. Summary. Key Terms. Check Your Understanding.

5. Router Intrusion Detection, Monitoring, and Management

IOS Firewall IDS. Setting up the Cisco IOS Firewall IDS. Monitoring with Logging and Syslog. SNMP. Managing the Router. Security Device Manager (SDM). Summary. Key Terms. Check Your Understanding.

6. Router Site-to-Site VPNs

Virtual Private Networks. IOS Cryptosystem. Symmetric Encryption. IPSec. Site-to-Site IPSec VPN Using Preshared Keys. Digital Certificates. Configuring Site-to-Site IPSec VPN Using Digital Certificates. Summary. Key Terms. Check Your Understanding.

7 Router Remote Access VPNs

Remote Access VPN. VPN Enterprise Management. Summary. Key Terms. Check Your Understanding.

II. PIX SECURITY APPLIANCE SECURITY.

8. PIX Security Appliance.

Introduction to Firewalls. Cisco PIX Security Appliance. Getting Started with the PIX Security Appliance. Routing and Multicast Configuration. PIX Dynamic Host Control Configuration. Summary. Key Terms. Check Your Understanding.

9. PIX Security Appliance Translations and Connections.

Transport Protocols. Network Address Translation. DNS Doctoring, Destination NAT, and DNS Record Translation on the PIX. Connections. Port Address Translation. Multiple Interfaces on a PIX Security Appliance. Summary. Key Terms. Check Your Understanding.

10. PIX Security Appliance ACLs.

ACLs and the PIX Security Appliance. Using ACLs. Filtering. Object Grouping. Nested Object Groups. Summary. Key Terms. Check Your Understanding.

11. PIX Security Appliance AAA

AAA. Authentication Configuration on the PIX. Authorization Configuration on the PIX Security Appliance. Accounting Configuration on the PIX Security Appliance. Defining Traffic to Utilize AAA Services. Monitoring the AAA Configuration. PPPoE and the PIX Security Appliance. Appendix 11-A: How to Add Users to CSACS-NT. Appendix 11-B: CSACS and Authorization. Appendix 11-C: CSACS and ACLs. Appendix 11-D: How to View Accounting Information in CSACS......... Summary. Key Terms. Check Your Understanding.

12. PIX Advanced Protocols and Intrusion.

Detection. Advanced Protocol Handling. Multimedia Support and the PIX Security Appliance. Attack Guards. Intrusion Detection and the PIX Security Appliance. Shunning. PIX Security Appliance Syslog Logging. SNMP. Summary. Key Terms. Check Your Understanding.

13. PIX Failover and System Maintenance.

Understanding PIX Security Appliance Failover. Serial Cable Failover Configuration. LAN-Based Failover Configuration. System Maintenance via Remote Access. Command Authorization. PIX Security Appliance Password Recovery. Upgrading the PIX Security Appliance Image and the Activation Key. Summary. Key Terms. Check Your Understanding.

14. PIX Security Appliance VPNs.

PIX Security Appliance Enables a Secure VPN. Tasks to Configure VPN. Cisco VPN Client. Scaling PIX VPNs Using CAs. Summary. Key Terms. Check Your Understanding.

15. PIX Security Appliance Management.

PIX Management Tools. Cisco PIX Device Manager. Enterprise PIX Management. Summary. Check Your Understanding.

III. APPENDIXES.

Appendix A. Glossary of Key Terms.


 

Appendix B. Check Your Understanding Answer Key.


 

Appendix C. Physical Layer Security.


 

Appendix D. Operating System Security.


 

Index.

商品描述(中文翻譯)

《思科網路學院計畫網路安全基礎伴隨指南》是思科網路學院計畫的唯一授權教科書,與《網路安全基礎實驗伴隨指南》和工作手冊以及相應的線上課程一起,提供了網路安全的全面介紹。

這本便攜式桌面參考書專注於基於安全政策的整體安全流程,強調安全邊界、安全連接、安全管理、身份服務和入侵檢測等領域。與思科網路學院計畫的線上課程一起,這本伴隨指南涵蓋了使用思科命令行介面(CLI)和基於網頁的設備管理器在思科IOS防火牆和PIX安全設備上的安裝、配置、監控和維護。它還涵蓋了如何:
- 配置網路地址轉換、存取清單、有狀態流量檢查和應用過濾
- 實施基於簽名的入侵檢測
- 使用身份驗證、授權和會計配置身份管理
- 使用行業標準IPSec配置虛擬私人網路,支持站點到站點和遠端訪問連接

這本伴隨指南還包括安全附錄,涵蓋各種硬體和軟體產品的多個安裝教程。

這本書和課程與新的思科防火牆專家認證目標相符。思科防火牆專家涵蓋SECUR(前稱MCNS)和思科安全PIX防火牆高級(CSPFA)考試。您可以使用這本書和課程開始認證準備。

伴隨CD-ROM
CD-ROM包含11個高解析度PhotoZoom活動、200多個考試準備問題的練習測試引擎、50多個實作e-Lab活動、48個示範活動,以及10個專業網路安全工具、命令參考和其他資源,以增強學習體驗。

這本書是思科出版社的思科網路學院計畫系列的一部分。該系列的產品支持並補充思科網路學院計畫。

目錄
引言
I. IOS路由器安全
1. 網路安全概述
網路安全的理由、趨勢和目標。安全威脅和漏洞。安全框架和政策。安全產品和解決方案。總結。關鍵術語。檢查您的理解。

2. 基本路由器和交換機安全
一般路由器和交換機安全。禁用不必要的服務。保護邊界路由器。路由器管理。保護交換機和LAN訪問。總結。關鍵術語。檢查您的理解。

3. 路由器ACL和CBAC
存取控制清單。IP ACL的類型。基於內容的存取控制。總結。關鍵術語。檢查您的理解。

4. 路由器AAA安全
AAA保護網路訪問。網路訪問伺服器(NAS)AAA身份驗證過程。思科安全ACS。AAA伺服器概述和配置。思科IOS防火牆身份驗證代理。總結。關鍵術語。檢查您的理解。

5. 路由器入侵檢測、監控和管理
IOS防火牆IDS。設置思科IOS防火牆IDS。使用日誌和Syslog進行監控。SNMP。管理路由器。安全設備管理器(SDM)。總結。關鍵術語。檢查您的理解。

6. 路由器站點到站點VPN
虛擬私人網路。IOS加密系統。對稱加密。IPSec。使用預共享金鑰的站點到站點IPSec VPN。數位證書。使用數位證書配置站點到站點IPSec VPN。總結。關鍵術語。檢查您的理解。

7. 路由器遠端訪問VPN
遠端訪問VPN。VPN企業管理。總結。關鍵術語。檢查您的理解。

II. PIX安全設備安全
8. PIX安全設備
防火牆介紹。思科PIX安全設備。開始使用PIX安全設備。路由和多播配置。PIX動態主機控制配置。總結。關鍵術語。檢查您的理解。

9. PIX安全設備翻譯和連接
傳輸協議。網路地址轉換。DNS修正、目的地NAT和PIX上的DNS記錄翻譯。連接。端口地址轉換。PIX安全設備上的多個介面。總結。關鍵術語。檢查您的理解。

10. PIX安全設備ACL
ACL和PIX安全設備。使用ACL。過濾。物件分組。嵌套物件組。總結。關鍵術語。檢查您的理解。

11. PIX安全設備AAA
AAA。PIX上的身份驗證配置。PIX安全設備上的授權配置。PIX安全設備上的會計配置。定義利用AAA服務的流量。監控AAA配置。PPPoE和PIX安全設備。附錄11-A:如何將用戶添加到CSACS-NT。附錄11-B:CSACS和授權。附錄11-C:CSACS和ACL。附錄11-D:如何查看CSACS中的會計信息。總結。關鍵術語。檢查您的理解。

12. PIX高級協議和入侵檢測
高級協議處理。多媒體支持和PIX安全設備。攻擊防護。入侵檢測和PIX安全設備。排斥。PIX安全設備Syslog日誌。SNMP。總結。關鍵術語。檢查您的理解。

13. PIX故障轉移和系統維護
理解PIX安全設備故障轉移。串行電纜故障轉移配置。基於LAN的故障轉移配置。通過遠端訪問進行系統維護。命令授權。PIX安全設備密碼恢復。升級PIX安全設備映像和啟用金鑰。總結。關鍵術語。檢查您的理解。

14. PIX安全設備VPN
PIX安全設備啟用安全VPN。配置VPN的任務。思科VPN客戶端。使用CA擴展PIX VPN。總結。關鍵術語。檢查您的理解。

15. PIX安全設備管理
PIX管理工具。思科PIX設備管理器。企業PIX管理。總結。檢查您的理解。

III. 附錄
附錄A. 關鍵術語詞彙表
附錄B. 檢查您的理解答案鍵
附錄C. 物理層安全
附錄D. 作業系統安全
索引

類似商品