Book description
Become a Cisco security specialist by developing your skills in network security and explore advanced security technologies
About This Book- Enhance your skills in network security by learning about Cisco's device configuration and installation
- Unlock the practical aspects of CCNA security to secure your devices
- Explore tips and tricks to help you achieve the CCNA Security 210-260 Certification
CCNA Security 210-260 Certification Guide can help you become a network security engineer, a cyber security professional, or a security administrator. You should have valid CCENT or CCNA Routing and Switching certification before taking your CCNA Security exam.
What You Will Learn- Grasp the fundamentals of network security
- Configure routing protocols to secure network devices
- Mitigate different styles of security attacks using Cisco devices
- Explore the different types of firewall technologies
- Discover the Cisco ASA functionality and gain insights into some advanced ASA configurations
- Implement IPS on a Cisco device and understand the concept of endpoint security
With CCNA Security certification, a network professional can demonstrate the skills required to develop security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats. The CCNA Security 210-260 Certification Guide will help you grasp the fundamentals of network security and prepare you for the Cisco CCNA Security Certification exam.
You'll begin by getting a grip on the fundamentals of network security and exploring the different tools available. Then, you'll see how to securely manage your network devices by implementing the AAA framework and configuring different management plane protocols.
Next, you'll learn about security on the data link layer by implementing various security toolkits. You'll be introduced to various firewall technologies and will understand how to configure a zone-based firewall on a Cisco IOS device. You'll configure a site-to-site VPN on a Cisco device and get familiar with different types of VPNs and configurations. Finally, you'll delve into the concepts of IPS and endpoint security to secure your organization's network infrastructure.
By the end of this book, you'll be ready to take the CCNA Security Exam (210-260).
Style and approachThis book is a step-by-step certification guide that ensures you secure organization's network and also helps you in clearing this certification. The practical aspects covered in this book will a great starting point for those who wish to start their careers in the field of Cyber Security.
Downloading the example code for this book You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the files e-mailed directly to you.
Publisher resources
Table of contents
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Exploring Security Threats
- Delving into Security Toolkits
- Understanding Security Policies
- Deep Diving into Cryptography
-
Implementing the AAA Framework
- Components of AAA
- Implementing Cisco AAA - authentication
- Issues with authentication 
- Implementing Cisco AAA - authorization
- Implementing Cisco AAA - accounting
- Summary
-
Securing the Control and Management Planes
- Introducing the security policy
- Technologies to implement secure management network
- Planning considerations for secure management
- Log messaging implementation for security
- Control Plane Policing
- Summary
-
Protecting Layer 2 Protocols
- Layer 2 attack mitigation
-
Features of the Virtual Local Area Network
- VLAN tagging
- Features of trunking
- VLAN Trunking Protocol
-
Spanning Tree Protocol fundamentals
- Port states
- Steps in implementing STP
- Cisco Discovery Protocol
- Layer 2 protection toolkit
- Protecting with a BPDU guard
- Protecting with root guard
- Combating DHCP server spoofing
- Mitigating CAM-table overflow attacks
- MAC spoofing attack
- Port security configuration
- LAB: securing Layer 2 switches
- Lab-port security
- Summary
- Protecting the Switch Infrastructure
- Exploring Firewall Technologies
-
Cisco ASA
- Cisco ASA portfolio
- ASA features
-
Basic ASA configuration
- Viewing the filesystem
- Setting a hostname
- Setting the clock
- Assigning a domain name to the ASA
- Securing access to the privilege exec mode
- Saving the configurations
- Setting a banner
- Assigning IP addresses on the interfaces
- Setting a default static route
- Creating a local user account
- Remote access
- Configuring Port Address Translation
- Setting up the Adaptive Security Device Manager
- Getting familiar with the ASDM
- Summary
-
Advanced ASA Configuration
- Routing on the ASA
- Device name, passwords, and domain name
- Setting banners using the ASDM
- Configuring interfaces
- System time and Network Time Protocol
- Dynamic Host Configuration Protocol
- Access control list on the ASA
- Object groups
- Creating policies on the ASA
- Advanced NAT configurations
- Summary
-
Configuring Zone-Based Firewalls
- Zone-Based Firewall terminologies
- Overview of Cisco Common Classification Policy Language
-
Configuring a Zone-Based Firewall
- Configuring a Cisco IOS router to use Cisco Configuration Professional (CCP)
- Using Cisco Configuration Professional (CCP) to configure the Zone-Based Firewall
-
Using the command-line interface to configure the Zone-Based Firewall
- Step 1 – Creating the zones
- Step 2 – Identifying traffic by using Class Maps
- Step 3 – Defining an action using policy maps
- Step 4 – Identifying a zone-pair and creating match to a policy
- Step 5 – Assigning the zones to the interfaces
- Step 6 – Creating an ACL for access into the DMZ from any source
- Summary
- IPSec – The Protocol that Drives VPN
- Configuring a Site-to-Site VPN
- Configuring a Remote-Access VPN
- Working with IPS
- Application and Endpoint Security
- Other Books You May Enjoy
Product information
- Title: CCNA Security 210-260 Certification Guide
- Author(s):
- Release date: June 2018
- Publisher(s): Packt Publishing
- ISBN: 9781787128873
You might also like
book
Automate the Boring Stuff with Python, 2nd Edition
If you’ve ever spent hours renaming files or updating hundreds of spreadsheet cells, you know how …
book
TCP/IP Guide
The TCP/IP Guide is both an encyclopedic and comprehensible guide to the TCP/IP protocol suite that …
book
Certified Ethical Hacker (CEH) Version 10 Cert Guide, 3rd Edition
In this best-of-breed study guide, leading experts Michael Gregg and Omar Santos help you master all …
book
CEH Certified Ethical Hacker All-in-One Exam Guide, Fourth Edition, 4th Edition
Publisher's Note: Products purchased from Third Party sellers are not guaranteed by the publisher for quality, …