CCNP ISCW Official Exam Certification Guide (CCNP ISCW 官方考試認證指南)
Brian Morgan, Neil Lovering
- 出版商: Cisco Press
- 出版日期: 2007-07-28
- 定價: $1,950
- 售價: 2.0 折 $399
- 語言: 英文
- 頁數: 696
- 裝訂: Hardcover
- ISBN: 158720150X
- ISBN-13: 9781587201509
-
相關分類:
Cisco
立即出貨(限量) (庫存=6)
買這商品的人也買了...
-
$880$695 -
$880$695 -
$780$663 -
$550$468 -
$690$545 -
$780$663 -
$680$537 -
$860$731 -
$399CCNP BCMSN Official Exam Certification Guide, 4/e
-
$350$298 -
$700$686 -
$780$663 -
$1,560$1,326 -
$990CCNP ONT Official Exam Certification Guide (Hardcover)
-
$720$569 -
$550$468 -
$299$236 -
$600$480 -
$720$612 -
$399CCNP BSCI Official Exam Certification Guide, 4/e
-
$1,180$1,003 -
$490$387 -
$580$458 -
$620$490 -
$750$593
相關主題
商品描述
Description
CCNP ISCW Official Exam Certification Guide
- Master all 642-825 exam topics with the official study guide
- Assess your knowledge with chapter-opening quizzes
- Review key concepts with foundation summaries
- Practice with hundreds of exam questions on the CD-ROM
Brian Morgan, CCIE® No. 4865
Neil Lovering, CCIE No. 1772
CCNP ISCW Official Exam Certification Guide is a best of breed Cisco® exam study guide that focuses specifically on the objectives for the Implementing Secure Converged Wide Area Networks exam (642-825 ISCW). Successfully passing the ISCW 642-825 exam certifies that you have the knowledge and skills necessary to secure and expand the reach of an enterprise network to teleworkers and remote sites with focus on securing remote access and VPN client configuration.
CCNP ISCW Official Exam Certification Guide follows a logical organization of the CCNP® ISCW exam objectives. Material is presented in a concise manner, focusing on increasing your retention and recall of exam topics. You can organize your exam preparation through the use of the consistent features in these chapters. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists and concise Foundation Summary information make referencing easy and give you a quick refresher whenever you need it. Challenging chapter-ending review questions help you assess your knowledge and reinforce key concepts.
The companion CD-ROM contains a powerful testing engine that allows you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a topic-by-topic basis, presenting question-by-question remediation to the text. Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this book helps you master the concepts and techniques that can enable you to succeed on the exam the first time.
Brian Morgan, CCIE® No. 4865, is a consulting systems engineer for Cisco, specializing in Unified Communications technologies. He services a number of Fortune 500 companies in architectural, design, and support roles. With more than 15 years in the networking industry, he served as director of engineering for a large telecommunications company, is a certified Cisco instructor teaching at all levels, from basic routing and switching to CCIE lab preparation, and spent a number of years with IBM Network Services serving many of IBM’s largest clients. He is a former member of the ATM Forum and a long-time member of the IEEE.
Neil Lovering, CCIE No. 1772, works as a design consultant for Cisco. Neil has been with Cisco for more than three years and works on large-scale government networking solutions projects. Prior to Cisco, Neil was a network consultant and instructor for more than eight years and worked on various routing, switching, dialup, and security projects for many customers all over North America.
This official study guide helps you master all the topics on the CCNP ISCW exam, including
- The Cisco hierarchical network model as it pertains to the WAN
- Teleworker configuration and access with broadband technologies
- Frame mode MPLS
- IPsec VPN implementations
- Cisco device hardening
- Cisco IOS® Firewall features
- Cisco IOS Intrusion Prevention System (IPS) features
Companion CD-ROM
The CD-ROM contains an electronic copy of the book and more than 200 practice questions for the ISCW exam, which are all available in study mode, test mode, and flash card format.
This volume is part of the Exam Certification Guide Series from Cisco Press®. Books in this series provide officially developed exam preparation materials that offer assessment, review, and practice to help Cisco Career Certification candidates identify weaknesses, concentrate their study efforts, and enhance their confidence as exam day nears.
Table of Contents
CCNP ISCW Official Exam Certification Guide
Part I Remote Connectivity Best Practices
Chapter 1 Describing Network Requirements
"Do I Know This Already?" Quiz 5
Foundation Topics 9
Describing Network Requirements 9
Intelligent Information Network 9
SONA
Networked Infrastructure Layer
Interactive Services Layer
Application Layer
Cisco Network Models
Cisco Hierarchical Network Model
Campus Network Architecture
Branch Network Architecture
Data Center Architecture
Enterprise Edge Architecture
Teleworker Architecture
WAN/MAN Architecture
Remote Connection Requirements in a Converged Network
Central Site
Branch Office
SOHO Site
Integrated Services for Secure Remote Access
Foundation Summary
Q&A
Chapter 2 Topologies for Teleworker Connectivity
"Do I Know This Already?" Quiz
Foundation Topics
Facilitating Remote Connections
IIN and the Teleworker
Enterprise Architecture Framework
Remote Connection Options
Challenges of Connecting Teleworkers
Infrastructure Options
Infrastructure Services
Teleworker Components
Traditional Teleworker versus Business-Ready Teleworker
Foundation Summary
Q&A
Chapter 3 Using Cable to Connect to a Central Site
"Do I Know This Already?" Quiz
Foundation Topics
Cable Access Technologies
Cable Technology Terminology
Cable System Standards
Cable System Components
Cable Features
Cable System Benefits
Radio Frequency Signals
Digital Signals over RF Channels
Data over Cable
Hybrid Fiber-Coaxial Networks
Data Transmission
Cable Technology Issues
Provisioning Cable Modems
Foundation Summary
Q&A
Chapter 4 Using DSL to Connect to a Central Site
"Do I Know This Already?" Quiz
Foundation Topics
DSL Features
POTS Coexistence
DSL Limitations
DSL Variants
Asymmetric DSL Types
Symmetric DSL Types
ADSL Basics
ADSL Modulation
CAP
DMT
Data Transmission over ADSL
RFC 1483/2684 Bridging
PPP Background
PPP over Ethernet
Discovery Phase
PPP Session Phase
Optimizing PPPoE MTU
PPP over ATM
Foundation Summary
Q&A
Chapter 5 Configuring DSL Access with PPPoE
"Do I Know This Already?" Quiz
Foundation Topics
Configure a Cisco Router as a PPPoE Client
Configure an Ethernet/ATM Interface for PPPoE
Configure the PPPoE DSL Dialer Interface
Configure Port Address Translation
Configure DHCP for DSL Router Users
Configure Static Default Route on a DSL Router
The Overall CPE Router Configuration
Foundation Summary
Q&A
Chapter 6 Configuring DSL Access with PPPoA
"Do I Know This Already?" Quiz
Foundation Topics
Configure a Cisco Router as a PPPoA Client
PPP over AAL5 Connections
Configure an ATM Interface for PPPoA
Configure the PPPoA DSL Dialer and Virtual-Template Interfaces
Configure Additional PPPoA Elements
The Overall CPE Router Configuration
Foundation Summary
Q&A
Chapter 7 Verifying and Troubleshooting ADSL Configurations
"Do I Know This Already?" Quiz
Foundation Topics
DSL Connection Troubleshooting
Layers of Trouble to Shoot
Isolating Physical Layer Issues
Layer 1 Anatomy
ADSL Physical Connectivity
Where to Begin
Playing with Colors
Tangled Wires
Keeping the Head on Straight
DSL Operating Mode
Isolating Data Link Layer Issues
PPP Negotiation
Foundation Summary
Q&A
Part II Implementing Frame Mode MPLS
Chapter 8 The MPLS Conceptual Model
"Do I Know This Already?" Quiz
Foundation Topics
Introducing MPLS Networks
Traditional WAN Connections
MPLS WAN Connectivity
Router Switching Mechanisms
Standard IP Switching
CEF Switching
Foundation Summary
Q&A
Chapter 9 MPLS Architecture
"Do I Know This Already?" Quiz
Foundation Topics
MPLS Components
MPLS Labels
Label Stacks
Frame Mode MPLS
Label Switching Routers
Label Allocation in Frame Mode MPLS Networks
LIB, LFIB, and FIB
Label Distribution
Packet Propagation
Interim Packet Propagation
Further Label Allocation
Foundation Summary
Q&A
Chapter 10 Configuring Frame Mode MPLS
"Do I Know This Already?" Quiz
Foundation Topics
Configuring CEF
Configuring MPLS on a Frame Mode Interface
Configuring MTU Size
Foundation Summary
Q&A
Chapter 11 MPLS VPN Technologies
"Do I Know This Already?" Quiz
Foundation Topics
MPLS VPN Architecture
Traditional VPNs
Layer 1 Overlay
Layer 2 Overlay
Layer 3 Overlay
Peer-to-Peer VPNs
VPN Benefits
VPN Drawbacks
MPLS VPNs
MPLS VPN Terminology
CE Router Architecture
PE Router Architecture
P Router Architecture
Route Distinguishers
Route Targets
End-to-End Routing Update Flow
MPLS VPN Packet Forwarding
MPLS VPN PHP
Foundation Summary
Q&A
Part III IPsec VPNs
Chapter 12 IPsec Overview
"Do I Know This Already?" Quiz
Foundation Topics
IPsec
IPsec Features
IPsec Protocols
IPsec Modes
IPsec Headers
Peer Authentication
Internet Key Exchange (IKE)
IKE Protocols
IKE Phases
IKE Modes
Other IKE Functions
Encryption Algorithms
Symmetric Encryption
Asymmetric Encryption
Public Key Infrastructure
Foundation Summary
Q&A
Chapter 13 Site-to-Site VPN Operations
"Do I Know This Already?" Quiz
Foundation Topics
Site-to-Site VPN Overview
Creating a Site-to-Site IPsec VPN
Step 1: Specify Interesting Traffic
Step 2: IKE Phase 1
Step 3: IKE Phase 2
Step 4: Secure Data Transfer
Step 5: IPsec Tunnel Termination
Site-to-Site IPsec Configuration Steps
Step 1: Configure the ISAKMP Policy
Step 2: Configure the IPsec Transform Sets
Step 3: Configure the Crypto ACL
Step 4: Configure the Crypto Map
Step 5: Apply the Crypto Map to the Interface
Step 6: Configure the Interface ACL
Security Device Manager Features and Interface
Configuring a Site-to-Site VPN in SDM
Site-to-Site VPN Wizard
Testing the IPsec VPN Tunnel
Monitoring the IPsec VPN Tunnel
Foundation Summary
Q&A
Chapter 14 GRE Tunneling over IPsec
"Do I Know This Already?" Quiz
Foundation Topics
GRE Characteristics
GRE Header
Basic GRE Configuration
Secure GRE Tunnels
Configure GRE over IPsec Using SDM
Launch the GRE over IPsec Wizard
Step 1: Create the GRE Tunnel
Step 2: Create a Backup GRE Tunnel
Steps 3–5: IPsec VPN Information
Step 6: Routing Information
Step 7: Validate the GRE over IPsec Configuration
Foundation Summary
Q&A
Chapter 15 IPsec High Availability Options
"Do I Know This Already?" Quiz
Foundation Topics
Sources of Failures
Failure Mitigation
Failover Strategies
IPsec Stateless Failover
IPsec Stateful Failover
WAN Backed Up by an IPsec VPN
Foundation Summary
Q&A
Chapter 16 Configuring Cisco Easy VPN
"Do I Know This Already?" Quiz
Foundation Topics
Cisco Easy VPN Components
Easy VPN Remote
Easy VPN Server Requirements
Easy VPN Connection Establishment
IKE Phase 1
Establishing an ISAKMP SA
SA Proposal Acceptance
Easy VPN User Authentication
Mode Configuration
Reverse Route Injection
IPsec Quick Mode
Easy VPN Server Configuration
User Configuration
Easy VPN Server Wizard
Monitoring the Easy VPN Server
Troubleshooting the Easy VPN Server
Foundation Summary
Q&A
Chapter 17 Implementing the Cisco VPN Client
"Do I Know This Already?" Quiz
Foundation Topics
Cisco VPN Client Installation and Configuration Overview
Cisco VPN Client Installation
Cisco VPN Client Configuration
Connection Entries
Authentication Tab
Transport Tab
Backup Servers Tab
Dial-Up Tab
Finish the Connection Configuration
Foundation Summary
Q&A
Part IV Device Hardening
Chapter 18 Cisco Device Hardening
"Do I Know This Already?" Quiz
Foundation Topics
Router Vulnerability
Vulnerable Router Services
Unnecessary Services and Interfaces
Common Management Services
Path Integrity Mechanisms
Probes and Scans
Terminal Access Security
Gratuitous and Proxy ARP
Using AutoSecure to Secure a Router
Using SDM to Secure a Router
SDM Security Audit Wizard
SDM One-Step Lockdown Wizard
AutoSecure Default Configurations
SDM One-Step Lockdown Default Configurations
Foundation Summary
Q&A
Chapter 19 Securing Administrative Access
"Do I Know This Already?" Quiz
Foundation Topics
Router Access
Password Considerations
Set Login Limitations
Setup Mode
CLI Passwords
Additional Line Protections
Password Length Restrictions
Password Encryption
Create Banners
Provide Individual Logins
Create Multiple Privilege Levels
Role-Based CLI
Prevent Physical Router Compromise
Foundation Summary
Q&A
Chapter 20 Using AAA to Scale Access Control
"Do I Know This Already?" Quiz
Foundation Topics
AAA Components
AAA Access Modes
Understanding the TACACS+ and RADIUS Protocols
UDP Versus TCP
Packet Encryption
Authentication and Authorization
Multiprotocol Support
Router Management
Interoperability
Configuring AAA Using the CLI
RADIUS Configuration
TACACS+ Configuration
AAA-Related Commands
Configuring AAA Using SDM
Using Debugging for AAA
debug aaa authentication Command
debug aaa authorization Command
debug aaa accounting Command
debug radius Command
debug tacacs Command
Foundation Summary
Q&A
Chapter 21 Cisco IOS Threat Defense Features
"Do I Know This Already?" Quiz
Foundation Topics
Layered Device Structure
Firewall Technology Basics
Packet Filtering
Application Layer Gateway
Stateful Packet Filtering
Cisco IOS Firewall Feature Set
Cisco IOS Firewall
Authentication Proxy
Cisco IOS IPS
Cisco IOS Firewall Operation
Cisco IOS Firewall Packet Inspection and Proxy Firewalls
Foundation Summary
Q&A
Chapter 22 Implementing Cisco IOS Firewalls
"Do I Know This Already?" Quiz
Foundation Topics
Configure a Cisco IOS Firewall Using the CLI
Step 1: Choose an Interface and Packet Direction to Inspect
Step 2: Configure an IP ACL for the Interface
Step 3: Define the Inspection Rules
Step 4: Apply the Inspection Rules and the ACL to the Interface
Step 5: Verify the Configuration
Configure a Basic Firewall Using SDM
Configure an Advanced Firewall Using SDM
Foundation Summary
Q&A
Chapter 23 Implementing Cisco IDS and IPS
"Do I Know This Already?" Quiz
Foundation Topics
IDS and IPS Functions and Operations
Categories of IDS and IPS
IDS and IPS Signatures
Signature Reaction
Cisco IOS IPS Configuration
SDM Configuration
Foundation Summary
Q&A
Appendix A Answers to the "Do I Know This Already?" Quizzes and Q&A Sections
158720150x TOC 6/18/2007
商品描述(中文翻譯)
Description
CCNP ISCW Official Exam Certification Guide
- 掌握642-825考試的所有主題,使用官方學習指南
- 通過章節開頭的測驗評估您的知識
- 通過基礎摘要回顧關鍵概念
- 在CD-ROM上練習數百道考試題目
Brian Morgan, CCIE® No. 4865
Neil Lovering, CCIE No. 1772
CCNP ISCW Official Exam Certification Guide是一本最佳的思科考試學習指南,專注於實施安全的廣域網路(ISCW)考試(642-825)。成功通過ISCW 642-825考試證明您具備保護和擴展企業網路以適應遠程工作者和遠程站點的知識和技能,重點是保護遠程訪問和VPN客戶端配置。
CCNP ISCW Official Exam Certification Guide按照CCNP® ISCW考試目標的邏輯組織。材料以簡潔的方式呈現,重點是增加您對考試主題的記憶和回憶。您可以通過使用這些章節中的一致特點來組織您的考試準備。每章的“我已經知道這個了嗎?”測驗讓您決定需要花多少時間在每個部分上。考試主題列表和簡潔的基礎摘要信息使得參考變得容易,並在您需要時快速複習。具有挑戰性的章節結束的回顧問題幫助您評估自己的知識並鞏固關鍵概念。
附帶的CD-ROM包含一個強大的測試引擎,使您可以專注於個別主題領域或進行完整的定時考試。評估引擎還會根據主題提供您的表現和反饋,並提供逐個問題的補救措施。這本書以其詳細程度、評估功能和具有挑戰性的回顧問題和練習而受到好評,它可以幫助您掌握可以使您在第一次考試中成功的概念和技巧。
Brian Morgan, CCIE® No. 4865,是思科的咨詢系統工程師,專門從事統一通信技術。他為多家財富500強公司提供架構、設計和支持角色的服務。在網絡行業擁有15年以上的經驗,他曾擔任大型電信公司的工程總監,是一位經過認證的思科講師,教授從基礎路由和交換到CCIE實驗室準備的所有級別,並在IBM網絡服務部門工作了多年,為IBM的許多大客戶提供服務。他曾是ATM論壇的成員,也是IEEE的長期成員。
Neil Lovering, CCIE No. 1772,是思科的設計顧問。Neil在思科工作超過三年,從事大型政府網絡解決方案項目。在加入思科之前,Neil是一位網絡顧問和講師,擁有超過八年的網絡顧問和講師經驗,並為北美各地的許多客戶參與了各種路由、交換、撥號和安全項目。
這本書的目的是幫助您準備並成功通過CCNP ISCW考試,並成為一名合格的思科專業人士。