SECUR Exam Cram™ 2 (Exam 642-501)

SECUR Exam Cram™ 2 (Exam 642-501)

by Raman Sud, Ken Edelman
Released December 2003
Publisher(s): Pearson IT Certification
ISBN: 9780789730251

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Your resource to passing the Cisco CCSP SECUR Certification Exam!

Join the ranks of readers who have trusted Exam Cram 2 to their certification preparation needs! The CCSP SECUR Exam Cram 2 (Exam 642-501) is focused on what you need to know to pass the CCSP CSI exam. The Exam Cram 2 Method of Study provides you with a concise method to learn the exam topics. The book includes tips, exam notes, acronyms and memory joggers in order to help you pass the exam.

Included in the CCSP SECUR Exam Cram 2:

  • A tear-out "Cram Sheet" for last minute test preparation.

  • Covers the current exam objectives for the 642-501 exam.

  • The PrepLogic Practice Tests, test engine to simulate the testing environment and test your knowledge.

    • Trust in the series that has helped many others achieve certification success - Exam Cram 2.

    Table of contents

    1. Copyright
    2. The SECUR Cram Sheet
    3. A Note from Series Editor Ed Tittel
    4. About the Authors
    5. Acknowledgments
    6. We Want to Hear from You!
    7. Introduction
    8. Self-Assessment
    9. Cisco Certification Exams
      1. Assessing Exam-Readiness
      2. The Exam Situation
      3. Exam Layout and Design
      4. Exam Basics
      5. Mastering the Inner Game
      6. Additional Resources
    10. Network Security and Cisco IOS Routers
      1. Fundamentals of Network Security
        1. Introduction
        2. Why Implement Network Security?
        3. Classification of Network Attacks
        4. Vulnerabilities Within Various Management Protocols
        5. Summary
        6. Exam Prep Questions
        7. Need to Know More?
      2. Securing Cisco Routers
        1. Introduction
        2. Assessing the Risk
        3. Securing the Network Using Cisco Routers
        4. Securing Administrative Access to a Cisco Router
        5. Securing Routers by Disabling Unused Router Services and Interfaces
        6. Cisco Access Lists
        7. Mitigating Security Threats Using ACLs
        8. Summary
        9. Exam Prep Questions
        10. Need to Know More?
    11. Cisco IOS Firewall Feature Set
      1. Configuring Context-based Access Control on a Cisco Router
        1. Introduction
        2. Introduction to the Cisco IOS Firewall Feature Set
        3. What Is CBAC?
        4. CBAC Operation
        5. What Does CBAC Inspect?
        6. Event Tracking
        7. Configuring Syslog
        8. Configuring CBAC
        9. Global Parameters
        10. Identifying Traffic Using Inspection Rules
        11. Guidelines for Applying CBAC and ACLs
        12. Nonstandard Application Port Implementation
        13. PAM
        14. Verifying and Testing CBAC
        15. Removing CBAC
        16. Summary
        17. Exam Prep Questions
        18. Need to Know More?
      2. Securing Cisco Network Routers Using AAA
        1. Introduction
        2. What Is AAA?
        3. Components of AAA
        4. Understanding AAA
        5. Types of Authentication Methods
        6. Implementing AAA Using Local Authentication
        7. Implementing AAA Using External Servers
        8. Defining AAA
        9. TACACS+
        10. RADIUS
        11. TACACS+ Versus RADIUS
        12. Configuring Edge Routers Using AAA
        13. Overview of CiscoSecure Access Control Server
        14. CSACS for Windows NT/2000
        15. CSACS Services
        16. Using the ACS Database
        17. Using a Windows Database
        18. Token Card Support
        19. Features
        20. CSACS Appliance
        21. Troubleshooting CSACS for Windows
        22. What Is Kerberos?
        23. Summary
        24. Exam Prep Questions
        25. Need to Know More?
      3. Configuring the Intrusion Detection System on a Cisco Router
        1. Introduction
        2. What Is the Cisco IOS Firewall IDS?
        3. What Is a Signature Type?
        4. Configuring the IDS
        5. Spam—The Other White Meat
        6. Creating an IDS Inspection Rule
        7. Disabling and Excluding Signatures
        8. Verifying and Testing the Cisco IOS Firewall IDS
        9. Summary
        10. Exam Prep Questions
        11. Need to Know More?
      4. Configuring Authentication Proxy on a Cisco Router
        1. Introduction
        2. Defining Authentication Proxy
        3. Configuring Authentication Proxy
        4. Configuring Authentication Proxy Rules
        5. Applying Authentication Proxy Rules
        6. Verifying and Testing Authentication Proxy
        7. Summary
        8. Exam Prep Questions
        9. Need to Know More?
    12. Virtual Private Networks Using Cisco IOS Routers
      1. Understanding IPSec VPNs on Cisco Routers
        1. Overview and Objectives
        2. What Are VPNs?
        3. Introduction to IPSec
        4. What Does IPSec Provide?
        5. Types of Encryption
        6. Symmetric Key Algorithms
        7. Asymmetric Key Algorithms
        8. Integrity
        9. Hash Algorithms
        10. Origin Authentication
        11. Antireplay Protection
        12. Framework of IPSec
        13. Tunneling Protocols
        14. AH
        15. ESP
        16. Tunnel Versus Transport Mode
        17. Steps Involved in Setting Up IPSec
        18. Tasks Involved in Configuring IPSec
        19. Planning for IKE and IPSec
        20. Defining IKE Phase 1 Policy
        21. Overview of CA Support
        22. Configuring CA Support
        23. Maintaining and Monitoring the CA
        24. Available Authentication Methods
        25. Identifying IPSec Peers
        26. Associating an ISAKMP Policy to Peers
        27. Various Policy Parameters for IKE Phase 1
        28. Defining IKE Phase 2 (IPSec) Policy
        29. Defining IPSec Peers
        30. Checking for Compatible Policies
        31. Ensuring Network Connectivity
        32. Required Protocols for IPSec
        33. Summary
        34. Exam Prep Questions
        35. Need to Know More?
      2. Configuring IPSec VPNs on Cisco Routers
        1. Introduction
        2. Configuring IKE Phase 1
        3. Enabling IKE
        4. Configuring ISAKMP Identity
        5. Creating IKE Policies
        6. Configure Preshared Keys
        7. Digital Certificate Support Introduction
        8. Hostname and Domain Name
        9. Digital Certificate Support Summary
        10. Verifying IKE Configuration
        11. Configuring IKE Phase 2 (IPSec)
        12. Crypto Access Lists
        13. Symmetrical ACLs
        14. Configuring the IPSec SA Lifetime
        15. Transform Sets
        16. Crypto Maps
        17. Configuring Crypto Maps
        18. Applying Crypto Maps to Interfaces
        19. Verifying and Testing IPSec
        20. IKE Show Commands
        21. Digital Certificate Show Commands
        22. IPSec Show Commands
        23. Debug Commands
        24. Summary
        25. Exam Prep Questions
        26. Need to Know More?
      3. Cisco Easy VPN
        1. Introduction
        2. Understanding Cisco Easy VPN
        3. Components of Easy VPN
        4. Features of Easy VPN Server
        5. Elements and Options Supported by Cisco Easy VPN Server
        6. Elements and Options Not Supported by Cisco Easy VPN Server
        7. Supported Easy VPN Servers
        8. Features of Easy VPN Remote
        9. Understanding Easy VPN Remote Phase 2
        10. Supported Hardware and Software Easy VPN Devices
        11. Limitations of Easy VPN Remote Phase 2
        12. Establishing VPN Using Easy VPN Remote
        13. Configuring the Easy VPN Server
        14. Adding XAUTH to the Easy VPN Server Configuration
        15. Overview of Cisco VPN Software Client 3.x
        16. Accessing Cisco VPN 3.5 Client
        17. Cisco VPN Client Log Viewer
        18. Modifying MTU Size
        19. VPN Client Connection Status
        20. Summary
        21. Exam Prep Questions
        22. Need to Know More?
      4. Management Center for VPN Routers
        1. Introduction
        2. Introduction to the Router Management Center
        3. Tunneling Technology Support
        4. Router MC Requirements
        5. Introduction to CiscoWorks 2000
        6. Basic VPN Configuration
        7. Creating an Activity
        8. Cisco Devices Supported by Router MC
        9. Configurable VPN Settings on Router MC
        10. Configuring IKE Policy
        11. Building Blocks
        12. Configuring Tunnel Policy
        13. Traffic Filter
        14. Existing Configuration Management Using Router MC
        15. Deployment Jobs
        16. Deployment Reports
        17. Summary
        18. Exam Prep Questions
        19. Need to Know More?
    13. Practice Exams
      1. Practice Exam 1
        1. Questions, Questions, Questions
        2. Picking Proper Answers
        3. Decoding Ambiguity
        4. Working Within the Framework
        5. Deciding What to Memorize
        6. Preparing for the Test
        7. Taking the Test
      2. Answer Key 1
      3. Practice Exam 2
      4. Answer Key 2
    14. Appendixes
      1. Resources
        1. Cisco Secure Access Control Server 3.2
        2. Overview of Authentication, Authorization, and Accounting
        3. Authentication Servers
        4. Configuring Context-based Access Control
        5. Troubleshooting Context-based Access Control
        6. Configuring Authentication Proxy
        7. Troubleshooting Authentication Proxy
        8. Configuring Cisco IOS Intrusion Detection System
        9. IP Security (IPSec)
        10. RFC for Internet Key Exchange
        11. RFC for Encapsulating Security Payload
        12. Cisco Easy VPN
        13. Management Center for Virtual Private Network Routers
      2. What's on the CD-ROM
        1. The PrepLogic Practice Exams, Preview Edition Software
        2. An Exclusive Electronic Version of the Text
      3. Using the PrepLogic Practice Exams, Preview Edition Software
        1. The Exam Simulation
        2. Question Quality
        3. The Interface Design
        4. The Effective Learning Environment
        5. Software Requirements
        6. Installing PrepLogic Practice Exams, Preview Edition
        7. Removing PrepLogic Practice Exams, Preview Edition from Your Computer
        8. How to Use the Software
        9. Contacting PrepLogic
        10. License Agreement
      4. Glossary
    15. Index

    Product information

    • Title: SECUR Exam Cram™ 2 (Exam 642-501)
    • Author(s): Raman Sud, Ken Edelman
    • Release date: December 2003
    • Publisher(s): Pearson IT Certification
    • ISBN: 9780789730251