O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CCNA Security Study Guide, 2nd Edition

Book Description

Lay the foundation for a successful career in network security

CCNA Security Study Guide offers comprehensive review for Exam 210-260. Packed with concise explanations of core security concepts, this book is designed to help you successfully prepare for the exam. Expert instruction guides you through critical concepts relating to secure network infrastructure, access management, VPN encryption, Firewalls, intrusion prevention and more, with complete coverage of the CCNA exam objectives. Practical examples allow you to apply your skills in real-world scenarios, helping you transition effectively from "learning" to "doing". You also get access to the Sybex online learning environment, featuring the tools you need to maximize your study time: key terminology and flash cards allow you to study anytime, anywhere, while chapter tests and practice exams help you track your progress and gauge your readiness along the way.

The CCNA Security certification tests your knowledge of secure network installation, monitoring, and troubleshooting using Cisco security hardware and software solutions. When you're ready to get serious about preparing for the exam, this book gives you the advantage of complete coverage, real-world application, and extensive learning aids to help you pass with confidence.

  • Master Cisco security essentials, standards, and core technologies
  • Work through practical examples drawn from real-world examples
  • Track your progress with online study aids and self-tests
  • Develop critical competencies in maintaining data integrity, confidentiality, and availability

Earning your CCNA Security certification validates your abilities in areas that define careers including network security, administrator, and network security support engineer. With data threats continuing to mount, the demand for this skill set will only continue to grow—and in an employer's eyes, a CCNA certification makes you a true professional. CCNA Security Study Guide is the ideal preparation resource for candidates looking to not only pass the exam, but also succeed in the field.

Table of Contents

  1. Acknowledgments
  2. About the Author
  3. Introduction
    1. What Does This Book Cover?
    2. Interactive Online Learning Environment and Test Bank
    3. Who Should Read This Book
    4. How to Use This Book
    5. How Do You Go About Taking the Exam?
    6. Certification Exam Policies
  4. Assessment Test
  5. Answers to Assessment Test
  6. Chapter 1 Understanding Security Fundamentals
    1. Goals of Security
    2. Network Topologies
    3. Common Network Security Zones
    4. Summary
    5. Exam Essentials
    6. Review Questions
  7. Chapter 2 Understanding Security Threats
    1. Common Network Attacks
    2. Social Engineering
    3. Malware
    4. Data Loss and Exfiltration
    5. Summary
    6. Exam Essentials
    7. Review Questions
  8. Chapter 3 Understanding Cryptography
    1. Symmetric and Asymmetric Encryption
    2. Hashing Algorithms
    3. Key Exchange
    4. Public Key Infrastructure
    5. Summary
    6. Exam Essentials
    7. Review Questions
  9. Chapter 4 Securing the Routing Process
    1. Securing Router Access
    2. Implementing OSPF Routing Update Authentication
    3. Securing the Control Plane
    4. Summary
    5. Exam Essentials
    6. Review Questions
  10. Chapter 5 Understanding Layer 2 Attacks
    1. Understanding STP Attacks
    2. Understanding ARP Attacks
    3. Understanding MAC Attacks
    4. Understanding CAM Overflows
    5. Understanding CDP/LLDP Reconnaissance
    6. Understanding VLAN Hopping
    7. Understanding DHCP Spoofing
    8. Summary
    9. Exam Essentials
    10. Review Questions
  11. Chapter 6 Preventing Layer 2 Attacks
    1. Configuring DHCP Snooping
    2. Configuring Dynamic ARP Inspection
    3. Configuring Port Security
    4. Configuring STP Security Features
    5. Disabling DTP
    6. Verifying Mitigations
    7. Summary
    8. Exam Essentials
    9. Review Questions
  12. Chapter 7 VLAN Security
    1. Native VLANs
    2. PVLANs
    3. ACLs on Switches
    4. Summary
    5. Exam Essentials
    6. Review Questions
  13. Chapter 8 Securing Management Traffic
    1. In-Band and Out-of-Band Management
    2. Securing Network Management
    3. Securing Access through SNMP v3
    4. Securing NTP
    5. Using SCP for File Transfer
    6. Summary
    7. Exam Essentials
    8. Review Questions
  14. Chapter 9 Understanding 802.1x and AAA
    1. 802.1x Components
    2. RADIUS and TACACS+ Technologies
    3. Configuring Administrative Access with TACACS+
    4. Understanding Authentication and Authorization Using ACS and ISE
    5. Understanding the Integration of Active Directory with AAA
    6. Summary
    7. Exam Essentials
    8. Review Questions
  15. Chapter 10 Securing a BYOD Initiative
    1. The BYOD Architecture Framework
    2. The Function of Mobile Device Management
    3. Summary
    4. Exam Essentials
    5. Review Questions
  16. Chapter 11 Understanding VPNs
    1. Understanding IPsec
    2. Understanding Advanced VPN Concepts
    3. Summary
    4. Exam Essentials
    5. Review Questions
  17. Chapter 12 Configuring VPNs
    1. Configuring Remote Access VPNs
    2. Configuring Site-to-Site VPNs
    3. Summary
    4. Exam Essentials
    5. Review Questions
  18. Chapter 13 Understanding Firewalls
    1. Understanding Firewall Technologies
    2. Stateful vs. Stateless Firewalls
    3. Summary
    4. Exam Essentials
    5. Review Questions
  19. Chapter 14 Configuring NAT and Zone-Based Firewalls
    1. Implementing NAT on ASA 9.x
    2. Configuring Zone-Based Firewalls
    3. Summary
    4. Exam Essentials
    5. Review Questions
  20. Chapter 15 Configuring the Firewall on an ASA
    1. Understanding Firewall Services
    2. Understanding Modes of Deployment
    3. Understanding Methods of Implementing High Availability
    4. Understanding Security Contexts
    5. Configuring ASA Management Access
    6. Configuring Cisco ASA Interface Security Levels
    7. Configuring Security Access Policies
    8. Configuring Default Cisco Modular Policy Framework (MPF)
    9. Summary
    10. Exam Essentials
    11. Review Questions
  21. Chapter 16 Intrusion Prevention
    1. IPS Terminology
    2. Evasion Techniques
    3. Introducing Cisco FireSIGHT
    4. Understanding Modes of Deployment
    5. Positioning of the IPS within the Network
    6. Understanding False Positives, False Negatives, True Positives, and True Negatives
    7. Summary
    8. Exam Essentials
    9. Review Questions
  22. Chapter 17 Content and Endpoint Security
    1. Mitigating Email Threats
    2. Mitigating Web-Based Threats
    3. Mitigating Endpoint Threats
    4. Summary
    5. Exam Essentials
    6. Review Questions
  23. Appendix Answers to Review Questions
    1. Chapter 1: Understanding Security Fundamentals
    2. Chapter 2: Understanding Security Threats
    3. Chapter 3: Understanding Cryptography
    4. Chapter 4: Securing the Routing Process
    5. Chapter 5: Understanding Layer 2 Attacks
    6. Chapter 6: Preventing Layer 2 Attacks
    7. Chapter 7: VLAN Security
    8. Chapter 8: Securing Management Traffic
    9. Chapter 9: Understanding 802.1x and AAA
    10. Chapter 10: Securing a BYOD Initiative
    11. Chapter 11: Understanding VPNs
    12. Chapter 12: Configuring VPNs
    13. Chapter 13: Understanding Firewalls
    14. Chapter 14: Configuring NAT and Zone-Based Firewalls
    15. Chapter 15: Configuring the Firewall on an ASA
    16. Chapter 16: Intrusion Prevention
    17. Chapter 17: Content and Endpoint Security
  24. Advert
  25. EULA