Network Security 1 and 2 Companion Guide
Antoon Rufi
- 出版商: Cisco Press
- 出版日期: 2006-10-15
- 定價: $2,600
- 售價: 1.5 折 $399
- 語言: 英文
- 頁數: 840
- 裝訂: Hardcover
- ISBN: 1587131625
- ISBN-13: 9781587131622
-
相關分類:
資訊安全
立即出貨 (庫存 < 3)
買這商品的人也買了...
-
$680$646 -
$920$902 -
$780$741 -
$780$702 -
$420$332 -
$620$527 -
$650$553 -
$650$553 -
$650$514 -
$720$569 -
$990$891 -
$290$226 -
$550$435 -
$490$387 -
$580$493 -
$630$498 -
$780$663 -
$590$460 -
$680$537 -
$800$632 -
$690$587 -
$330$281 -
$480$408 -
$780$616 -
$580$458
相關主題
商品描述
Description
The completely revised, updated and only authorized textbook for the Cisco Networking Academy Program Network Security 1 and 2 course
- A portable reference that supports the topics in the Cisco Networking Academy Network Security course aligning 1:1 with course modules
- Features improved readability, enhanced topic explanations, real-world examples, and all-new graphical presentations
- Written by leading Academy instructor, Antoon Rufi, who bring a fresh voice to the course material
Network Security 1 and 2 Companion Guide is the official supplemental textbook for version 2 of the Network Security 1 and 2 course of the Cisco Networking Academy Program. Completely revised and updated with new examples and explanations, this textbook includes original material developed by the author, yet it fully aligns with the Network Security curriculum. Written by an experienced author who presents material in a comprehensive manner--using his own voice and own examples--this new edition augments student understanding of course material. The new edition incorporates improved features to aid instructors and enhance student comprehension. For example, chapters align with course modules in both name and number, and chapter objectives are stated as questions to encourage students to think about and find answers as they read chapters. End-of-chapter questions and summaries align with chapter objectives to emphasize key topics, while key terms are listed in each chapter opener in the order of occurrence to alert students to upcoming vocabulary words. In addition, new features include "How To" quick references for step-by-step tasks; real-world examples and all-new illustrations; concise explanations with a focus on word usage and sentence structure for improved readability; and correlations to the CCNA exam in Chapter Objectives, Check Your Understanding questions, and new Challenge Activities.
Table of Contents
Course 1
Chapter 1 Vulnerabilities, Threats, and Attacks
Key Terms
Introduction to Network Security
The Need for Network Security
Identifying Potential Risks to Network Security
Open Versus Closed Security Models
Trends Driving Network Security
Information Security Organizations
Introduction to Vulnerabilities, Threats, and Attacks
Vulnerabilities
Threats
Attacks
Attack Examples
Reconnaissance Attacks
Access Attacks
Denial-of-Service (DoS) Attacks
Masquerade/IP Spoofing Attacks
Distributed Denial-of-Service Attacks
Malicious Code
Vulnerability Analysis
Policy Identification
Network Analysis
Host Analysis
Analysis Tools
Summary
Check Your Understanding
Chapter 2 Security Planning and Policy
Key Terms
Discussing Network Security and Cisco
The Security Wheel
Network Security Policy
Endpoint Protection and Management
Host- and Server-Based Security Components and Technologies
PC Management
Network Protection and Management
Network-Based Security Components and Technologies
Network Security Management
Security Architecture
Security Architecture (SAFE)
The Cisco Self-Defending Network
Secure Connectivity
Threat Defense
Cisco Integrated Security
Plan, Design, Implement, Operate, Optimize (PDIOO)
Basic Router Security
Control Access to Network Devices
Remote Configuration Using SSH
Router Passwords
Router Privileges and Accounts
Cisco IOS Network Services
Routing, Proxy ARP, and ICMP
Routing Protocol Authentication and Update Filtering
NTP, SNMP, Router Name, DNS
Summary
Check Your Understanding
Chapter 3 Security Devices
Device Options
Cisco IOS Firewall Feature Set
Creating a Customized Firewall
PIX Security Appliance
Adaptive Security Appliance
Finesse Operating System
The Adaptive Security Algorithm
Firewall Services Module
Using Security Device Manager
Using the SDM Startup Wizard
SDM User Interface
SDM Wizards
Using SDM to Configure a WAN
Using the Factory Reset Wizard
Monitor Mode
Introduction to the Cisco Security Appliance Family
PIX 501 Security Appliance
PIX 506E Security Appliance
PIX 515E Security Appliance
PIX 525 Security Appliance
PIX 535 Security Appliance
Adaptive Security Appliance Models
PIX Security Appliance Licensing
PIX VPN Encryption License
Security Contexts
PIX Security Appliance Context Licensing
ASA Security Appliance Licensing
Expanding the Features of the PIX 515E
Expanding the Features of the PIX 525
Expanding the Features of the PIX 535
Expanding the Features of the Adaptive Security Appliance Family
Getting Started with the PIX Security Appliance
Configuring the PIX Security Appliance
The help Command
Security Levels
Basic PIX Security Appliance Configuration Commands
Additional PIX Security Appliance Configuration Commands
Examining the PIX Security Appliance Status
Time Setting and NTP Support
Syslog Configuration
Security Appliance Translations and Connections
Transport Protocols
NAT
Dynamic Inside NAT
Two Interfaces with NAT
Three Interfaces with NAT
PAT
Augmenting a Global Pool with PAT
The static Command
The nat 0 Command
Connections and Translations
Manage a PIX Security Appliance with Adaptive Security Device Manager
ASDM Operating Requirements
Prepare for ASDM
Using ASDM to Configure the PIX Security Appliance
PIX Security Appliance Routing Capabilities
Virtual LANs
Static and RIP Routing
OSPF
Multicast Routing
Firewall Services Module Operation
FWSM Requirements
Getting Started with the FWSM
Verify FWSM Installation
Configure the FWSM Access Lists
Using PDM with the FWSM
Resetting and Rebooting the FWSM
Summary
Check Your Understanding
Chapter 4 Trust and Identity Technology
Key Terms
AAA
TACACS
RADIUS
Comparing TACACS+ and RADIUS
Authentication Technologies
Static Passwords
One-Time Passwords
Token Cards
Token Card and Server Methods
Digital Certificates
Biometrics
Identity Based Networking Services (IBNS)
802.1x
Wired and Wireless Implementations
Network Admission Control (NAC)
NAC Components
NAC Phases
NAC Operation
NAC Vendor Participation
Summary
Check Your Understanding
Chapter 5 Cisco Secure Access Control Server
Key Terms
Cisco Secure Access Control Server Product Overview
Authentication and User Databases
The Cisco Secure ACS User Database
Keeping Databases Current
Cisco Secure ACS for Windows Architecture
How Cisco Secure ACS Authenticates Users
User-Changeable Passwords
Configuring RADIUS and TACACS+ with Cisco Secure ACS
Installation Steps
Administering Cisco Secure ACS for Windows
Troubleshooting
Enabling TACACS+
Verifying TACACS+
Failure
Pass
Configuring RADIUS
Summary
Check Your Understanding
Chapter 6 Configure Trust and Identity at Layer 3
Key Terms
Cisco IOS Firewall Authentication Proxy
Authentication Proxy Operation
Supported AAA Servers
AAA Server Configuration
AAA Configuration
Allow AAA Traffic to the Router
Authentication Proxy Configuration
Test and Verify Authentication Proxy
Introduction to PIX Security Appliance AAA Features
PIX Security Appliance Authentication
PIX Security Appliance Authorization
PIX Security Appliance Accounting
AAA Server Support
Configure AAA on the PIX Security Appliance
PIX Security Appliance Access Authentication
Interactive User Authentication
The Local User Database
Authentication Prompts and Timeout
Cut-Through Proxy Authentication
Authentication of Non-Telnet, -FTP, or -HTTP Traffic
Tunnel User Authentication
Authorization Configuration
Downloadable ACLs
Accounting Configuration
Console Session Accounting
Command Accounting
Troubleshooting the AAA Configuration
Summary
Check Your Understanding
Chapter 7 Configure Trust and Identity at Layer 2
Key Terms
Identity Based Networking Services (IBNS)
Features and Benefits
IEEE 802.1x
Selecting the Correct EAP
Cisco LEAP
IBNS and Cisco Secure ACS
ACS Deployment Considerations
Cisco Secure ACS RADIUS Profile Configuration
Configuring 802.1x Port-Based Authentication
Enabling 802.1x Authentication
Configuring the Switch-to-RADIUS Server Communication
Enabling Periodic Reauthentication
Manually Reauthenticating a Client Connected to a Port
Enabling Multiple Hosts
Resetting the 802.1x Configuration to the Default Values
Displaying 802.1x Statistics and Status
Summary
Check Your Understanding 3
Chapter 8 Configure Filtering on a Router
Key Terms
Filtering and Access Lists
Packet Filtering
Stateful Filtering
URL Filtering
Cisco IOS Firewall Context-Based Access Control
CBAC Packets
Cisco IOS ACLs
How CBAC Works
CBAC-Supported Protocols
Configuring Cisco IOS Firewall Context-Based Access Control
CBAC Configuration Tasks
Prepare for CBAC
Setting Audit Trails and Alerts
Setting Global Timeouts
Setting Global Thresholds
Half-Open Connection Limits by Host
System-Defined Port-to-Application Mapping
User-Defined PAM
Defining Inspection Rules for Applications
Defining Inspection Rules for IP Fragmentation
Defining Inspection Rules for ICMP
Applying Inspection Rules and ACLs to Interfaces
Testing and Verifying CBAC
Configuring a Cisco IOS Firewall Using SDM
Summary
Check Your Understanding
Chapter 9 Configure Filtering on a PIX Security Appliance
Key Terms
Configuring ACLs and Content Filters
PIX Security Appliance ACLs
Configuring ACLs
ACL Line Numbers
The icmp Command
nat 0 ACLs
Turbo ACLs
Using ACLs
Malicious Code Filtering
URL Filtering
Object Grouping
Getting Started with Object Groups
&n
商品描述(中文翻譯)
描述
這是Cisco Networking Academy Program Network Security 1和2課程的完全修訂、更新且唯一授權的教科書。
特點包括:
- 支援Cisco Networking Academy Network Security課程主題的便攜參考書,與課程模組1:1對應。
- 改進的可讀性、增強的主題解釋、實際世界的例子和全新的圖形呈現。
- 由領先的學院講師Antoon Rufi撰寫,為課程材料帶來新鮮的聲音。
《Network Security 1和2 Companion Guide》是Cisco Networking Academy Program Network Security 1和2課程版本2的官方補充教科書。這本教科書經過完全修訂和更新,包含了作者開發的原創材料,完全符合Network Security課程。這本新版教科書由一位經驗豐富的作者撰寫,以全面的方式呈現材料,使用自己的聲音和例子,增強學生對課程材料的理解。新版教科書增加了一些改進功能,以幫助教師和提高學生的理解能力。例如,章節的名稱和編號與課程模組對應,章節目標以問題的形式陳述,鼓勵學生在閱讀章節時思考和尋找答案。章節結尾的問題和摘要與章節目標相一致,強調關鍵主題,而關鍵詞則按照出現的順序列在每個章節開頭,提醒學生即將出現的詞彙。此外,新功能還包括“如何”快速參考步驟指南;實際世界的例子和全新的插圖;簡潔的解釋,重點關注詞彙使用和句子結構,以提高可讀性;以及與CCNA考試的相關性,包括章節目標、檢查您的理解問題和新的挑戰活動。
目錄
課程1
章節1:漏洞、威脅和攻擊
- 關鍵詞
- 網絡安全簡介
- 網絡安全的需求
- 確定網絡潛在風險