Librería Portfolio

CCNA Security 210-260 Official Cert Guide is a best-of-breed Cisco exam study guide that focuses specifically on the objectives for the CCNA Security Implementing Cisco Network Security (IINS) 210-260 exam. Cisco Security experts Omar Santos and John Stuppi share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.



CCNA Security 210-260 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. "Do I Know This Already?ö quizzes open each chapter and enable you to decide how much time you need to spend on each section. A list of official exam topics makes referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.



The companion CD-ROM contains the powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take complete, timed exams. The assessment engine also tracks your performance and provides feedback on a chapter-by-chapter basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most. The CD also contains 90 minutes of video training on CCP, NAT, object groups, ACLs, port security on a Layer 2 switch, CP3L, and zone-based firewalls.



Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.



CCNA Security 210-260 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit http://www.cisco.com/web/learning/index.html.



The official study guide helps you master all the topics on the CCNA Security Implementing Cisco Network Security (IINS) 210-260 exam, including

· Security concepts and threats

· Implementing AAA using IOS and ISE

· Bring Your Own Device (BYOD)

· VPN technology and cryptography

· IP security

· Implementing IPsec site-to-site VPNs

· Implementing SSL remote-access VPNs using Cisco ASA

· Securing Layer 2 technologies

· Network Foundation Protection (NFP)

· Securing the management, data, and control planes

· Understand, implement, and configure Cisco firewall technologies

· Cisco IPS fundamentals

· Mitigation technologies for e-mail, web-based, and endpoint threats

The CD-ROM contains two free, complete practice exams and 90 minutes of video training.

Includes Exclusive Offer for 70% Off Premium Edition eBook and Practice Test



Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), Windows 7, or Windows 8; Microsoft .NET Framework 4.0 Client; Pentium class 1GHz processor (or equivalent); 512MB RAM; 650MB disk space plus 50MB for each downloaded practice exam; access to the Internet to register and download the exam databases



Introduction xxvi

Part I Fundamentals of Network Security

Chapter 1 Networking Security Concepts 3

"Do I Know This Already?ö Quiz 3

Foundation Topics 6

Understanding Network and Information Security Basics 6

Network Security Objectives 6

Confidentiality, Integrity, and Availability 6

Cost-Benefit Analysis of Security 7

Classifying Assets 8

Classifying Vulnerabilities 10

Classifying Countermeasures 10

What Do We Do with the Risk? 11

Recognizing Current Network Threats 12

Potential Attackers 12

Attack Methods 13

Attack Vectors 14

Man-in-the-Middle Attacks 14

Other Miscellaneous Attack Methods 15

Applying Fundamental Security Principles to Network Design 16

Guidelines 16

Network Topologies 17

Network Security for a Virtual Environment 20

How It All Fits Together 22

Exam Preparation Tasks 23

Review All the Key Topics 23

Complete the Tables and Lists from Memory 23

Define Key Terms 23

Chapter 2 Common Security Threats 25

"Do I Know This Already?ö Quiz 25

Foundation Topics 27

Network Security Threat Landscape 27

Distributed Denial-of-Service Attacks 27

Social Engineering Methods 28

Social Engineering Tactics 29

Defenses Against Social Engineering 29

Malware Identification Tools 30

Methods Available for Malware Identification 30

Data Loss and Exfiltration Methods 31

Summary 32

Exam Preparation Tasks 33

Review All the Key Topics 33

Complete the Tables and Lists from Memory 33

Define Key Terms 33

Part II Secure Access

Chapter 3 Implementing AAA in Cisco IOS 35

"Do I Know This Already?ö Quiz 35

Foundation Topics 38

Cisco Secure ACS, RADIUS, and TACACS 38

Why Use Cisco ACS? 38

On What Platform Does ACS Run? 38

What Is ISE? 39

Protocols Used Between the ACS and the Router 39

Protocol Choices Between the ACS Server and the Client (the Router) 40

Configuring Routers to Interoperate with an ACS Server 41

Configuring the ACS Server to Interoperate with a Router 51

Verifying and Troubleshooting Router-to-ACS Server Interactions 60

Exam Preparation Tasks 67

Review All the Key Topics 67

Complete the Tables and Lists from Memory 67

Define Key Terms 67

Command Reference to Check Your Memory 67

Chapter 4 Bring Your Own Device (BYOD) 71

"Do I Know This Already?ö Quiz 71

Foundation Topics 73

Bring Your Own Device Fundamentals 73

BYOD Architecture Framework 74

BYOD Solution Components 74

Mobile Device Management 76

MDM Deployment Options 76

On-Premise MDM Deployment 77

Cloud-Based MDM Deployment 78

Exam Preparation Tasks 80

Review All the Key Topics 80

Complete the Tables and Lists from Memory 80

Define Key Terms 80

Part III Virtual Private Networks (VPN)

Chapter 5 Fundamentals of VPN Technology and Cryptography 83

"Do I Know This Already?ö Quiz 83

Foundation Topics 87

Understanding VPNs and Why We Use Them 87

What Is a VPN? 87

Types of VPNs 88

Two Main Types of VPNs 88

Main Benefits of VPNs 89

Confidentiality 89

Data Integrity 90

Authentication 90

Antireplay Protection 90

Cryptography Basic Components 91

Ciphers and Keys 91

Ciphers 91

Keys 92

Block and Stream Ciphers 92

Block Ciphers 92

Stream Ciphers 92

Symmetric and Asymmetric Algorithms 92

Symmetric 93

Asymmetric 93

Hashes 94

Hashed Message Authentication Code 95

Digital Signatures 95

Digital Signatures in Action 95

Key Management 96

Next-Generation Encryption Prot