TIENE EN SU CESTA DE LA COMPRA
en total 0,00 €
CCNP Security SISAS 300-208 Official Cert Guide
CCNP Security SISAS 300-208 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Cisco security experts Aaron Woland and Kevin Redmon share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.
This complete study package includes
A test-preparation routine proven to help you pass the exam
"Do I Know This Already?ö quizzes, which enable you to decide how much time you need to spend on each section
The powerful Pearson IT Certification Practice Testsoftware, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
Study plan suggestions and templates to help you organize and optimize your study time
Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, video instruction, and hands-on labs, this official study guide helps you master the concepts and techniques that ensure your exam success.
Aaron T. Woland, CCIE No. 20113, is a Principal Engineer and works with the largest Cisco customers all over the world. His primary job responsibilities include Secure Access and Identity deployments with ISE, solution enhancements, standards development, and futures. Aaron is the author of Cisco ISE for BYOD and Secure Unified Access (Cisco Press) and many published white papers and design guides. He is one of the first six members of the Hall of Fame for Distinguished Speakers at Cisco Live, and is a security columnist for Network World, where he blogs on all things related to Identity.
Kevin Redmon is a Systems Test Engineer with the Cisco IoT Vertical Solutions Group, specializing in all things security. Previously with the Cisco Systems Development Unit, Kevin supported several iterations of the Cisco Validated Design Guide for BYOD and is the author of Cisco Bring Your Own Device (BYOD) Networking Live Lessons (Cisco Press). Since joining Cisco in October 2000, he has worked closely with several Cisco design organizations, and as Firewall/VPN Customer Support Engineer with the Cisco Technical Assistance Center (TAC). He holds several Cisco certifications and has an issued patent with the U.S. Patent and Trademark Office.
The official study guide helps you master topics on the CCNP Security SISAS 300-208 exam, including the following:
Identity management/secure access
Threat defense
Troubleshooting, monitoring and reporting tools
Threat defense architectures
Identity management architectures
The CD contains 150 practice questions for the exam and a study planner tool.
Contents
Introduction xxxi
Part I The CCNP Certification
Chapter 1 CCNP Security Certification 3
CCNP Security Certification Overview 3
Contents of the CCNP-Security SISAS Exam 4
How to Take the SISAS Exam 5
Who Should Take This Exam and Read This Book? 6
Format of the CCNP-Security SISAS Exam 9
CCNP-Security SISAS 300-208 Official Certification Guide 10
Book Features and Exam Preparation Methods 13
Part II "The Triple Aö (Authentication, Authorization, and Accounting)
Chapter 2 Fundamentals of AAA 17
"Do I Know This Already?ö Quiz 18
Foundation Topics 21
Triple-A 21
Compare and Select AAA Options 21
Device Administration 21
Network Access 22
TACACS+ 23
TACACS+ Authentication Messages 25
TACACS+ Authorization and Accounting Messages 26
RADIUS 28
AV-Pairs 31
Change of Authorization 31
Comparing RADIUS and TACACS+ 32
Exam Preparation Tasks 33
Review All Key Topics 33
Define Key Terms 33
Chapter 3 Identity Management 35
"Do I Know This Already?ö Quiz 35
Foundation Topics 38
What Is an Identity? 38
Identity Stores 38
Internal Identity Stores 39
External Identity Stores 41
Active Directory 42
LDAP 42
Two-Factor Authentication 43
One-Time Password Services 44
Smart Cards 45
Certificate Authorities 46
Has the Certificate Expired? 47
Has the Certificate Been Revoked? 48
Exam Preparation Tasks 51
Review All Key Topics 51
Define Key Terms 51
Chapter 4 EAP Over LAN (Also Known As 802.1X) 53
"Do I Know This Already?ö Quiz 53
Foundation Topics 56
Extensible Authentication Protocol 56
EAP over LAN (802.1X) 56
EAP Types 58
Native EAP Types (Nontunneled EAP) 58
Tunneled EAP Types 59
Summary of EAP Authentication Types 62
EAP Authentication Type Identity Store Comparison Chart 62
Network Access Devices 63
Supplicant Options 63
Windows Native Supplicant 64
Cisco AnyConnect NAM Supplicant 75
EAP Chaining 89
Exam Preparation Tasks 90
Review All Key Topics 90
Define Key Terms 90
Chapter 5 Non-802.1X Authentications 93
"Do I Know This Already?ö Quiz 93
Foundation Topics 97
Devices Without a Supplicant 97
MAC Authentication Bypass 98
Web Authentication 100
Local Web Authentication 101
Local Web Authentication with a Centralized Portal 102
Centralized Web Authentication 104
Remote Access Connections 106
Exam Preparation Tasks 107
Review All Key Topics 107
Define Key Terms 107
Chapter 6 Introduction to Advanced Concepts 109
"Do I Know This Already?ö Quiz 109
Foundation Topics 113
Change of Authorization 113
Automating MAC Authentication Bypass 113
Posture Assessments 117
Mobile Device Managers 118
Exam Preparation Tasks 120
Review All Key Topics 120
Define Key Terms 120
Part III Cisco Identity Services Engine
Chapter 7 Cisco Identity Services Engine Architecture 123
"Do I Know This Already?ö Quiz 123
Foundation Topics 127
What Is Cisco ISE? 127
Personas 129
Administration Node 129
Policy Service Node 129
Monitoring and Troubleshooting Node 130
Inline Posture Node 130
Physical or Virtual Appliance 131
ISE Deployment Scenarios 133
Single-Node Deployment 133
Two-Node Deployment 135
Four-Node Deployment 136
Fully Distributed Deployment 137
Communication Between Nodes 138
Exam Preparation Tasks 148
Review All Key Topics 148
Define Key Terms 148
Chapter 8 A Guided Tour of the Cisco ISE Graphical User Interface 151
"Do I Know This Already?ö Quiz 151
Foundation Topics 155
Logging In to ISE 155
Initial Login 155
Administration Dashboard 161
Administration Home Page 162
Server Information 162
Setup Assistant 163
Help 163
Organization of the ISE GUI 164
Operations 165
Authentications 165
Reports 169
Endpoint Protection Service 170
Troubleshoot 171
Policy 173
Authentication 173
Authorization 173
Profiling 174
Posture 175
Client Provisioning 175
Security G