Implementing Cisco IOS Network Security (IINS)

Implementing Cisco IOS Network Security (IINS) is a Cisco-authorized, self-paced learning tool for CCNA(R) Security foundation learning. This book provides you with the knowledge needed to secure Cisco(R) routers and switches and their associated networks. By reading this book, you will gain a thorough understanding of how to troubleshoot and monitor network devices to maintain integrity, confidentiality, and availability of data and devices, as well as the technologies that Cisco uses in its security infrastructure. This book focuses on the necessity of a comprehensive security policy and how it affects the posture of the network. You will learn how to perform basic tasks to secure a small branch type office network using Cisco IOS(R) security features available through the Cisco Router and Security Device Manager (SDM) web-based graphical user interface (GUI) and through the command-line interface (CLI) on Cisco routers and switches. The author also provides, when appropriate, parallels with Cisco ASA appliances. Whether you are preparing for CCNA Security certification or simply want to gain a better understanding of Cisco IOS security fundamentals, you will benefit from the information provided in this book. Implementing Cisco IOS Network Security (IINS) is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining. * Develop a comprehensive network security policy to counter threats against information security * Configure routers on the network perimeter with Cisco IOS Software security features * Configure firewall features including ACLs and Cisco IOS zone-based policy firewalls to perform basic security operations on a network * Configure site-to-site VPNs using Cisco IOS features * Configure IPS on Cisco network routers * Configure LAN devices to control access, resist attacks, shield other network devices and systems, and protect the integrity and confidentiality of network traffic This volume is in the Certification Self-Study Series offered by Cisco Press(R). Books in this series provide officially developed self-study solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

ISBN 1587058154   Pages 624 ISBN13 9781587058158 (What's this?)   Part volume Authorized Self-study Guide Publisher Pearson Education (US)   Volumes 1 Imprint Cisco Press   Weight (grammes) 1158 Format Hardback   Published in Indianapolis Publication date 17 Apr 2009   Height (mm) 232 Library of Congress 2009008780   Width (mm) 187 DEWEY 005.8   Spine width (mm) 38 DEWEY edition DC22   Academic level Revision/study guides

Chapter 1 Introduction to Network Security Principles Examining Network Security Fundamentals The Need for Network Security Network Security Objectives Data Classification Security Controls Response to a Security Breach Laws and Ethics Examining Network Attack Methodologies Adversaries, Motivations, and Classes of Attack Classes of Attack and Methodology The Principles of Defense in Depth IP Spoofing Attacks Confidentiality Attacks Integrity Attacks Availability Attacks Best Practices to Defeat Network Attacks Examining Operations Security Secure Network Life Cycle Management Principles of Operations Security Network Security Testing Disaster Recovery and Business Continuity Planning Understanding and Developing a Comprehensive Network Security Policy Security Policy Overview Security Policy Components Standards, Guidelines, and Procedures Security Policy Roles and Responsibilities Risk Analysis and Management Principles of Secure Network Design Security Awareness Cisco Self-Defending Networks Changing Threats and Challenges Building a Cisco Self-Defending Network Cisco Integrated Security Portfolio Summary References Review Questions Chapter 2 Perimeter Security Securing Administrative Access to Cisco Routers General Router Security Guidelines Introduction to the Cisco Integrated Services Router Family Configuring Secure Administration Access Configuring Multiple Privilege Levels Configuring Role-Based Command-Line Interface Access Securing the Cisco IOS Image and Configuration Files Configuring Enhanced Support for Virtual Logins Delays Between Successive Login Attempts Login Shutdown if DoS Attacks Are Suspected Generation of System Logging Messages for Login Detection Configuring Banner Messages Introducing Cisco SDM Supporting Cisco SDM and Cisco SDM Express Launching Cisco SDM Express Launching Cisco SDM Navigating the Cisco SDM Interface Cisco SDM Wizards in Configure Mode Configuring AAA on a Cisco Router Using the Local Database Authentication, Authorization, and Accounting Introduction to AAA for Cisco Routers Using Local Services to Authenticate Router Access Configuring AAA on a Cisco Router to Use Cisco Secure ACS Cisco Secure ACS Overview TACACS+ and RADIUS Protocols Installing Cisco Secure ACS for Windows Configuring the Server Configuring TACACS+ Support on a Cisco Router Troubleshooting TACACS+ Implementing Secure Management and Reporting Planning Considerations for Secure Management and Reporting Secure Management and Reporting Architecture Using Syslog Logging for Network Security Using Logs to Monitor Network Security Using SNMP to Manage Network Devices Configuring an SSH Daemon for Secure Management and Reporting Enabling Time Features Locking Down the Router Vulnerable Router Services and Interfaces Management Service Vulnerabilities Performing a Security Audit Cisco AutoSecure Chapter Summary References Review Questions Chapter 3 Network Security Using Cisco IOS Firewalls Introducing Firewall Technologies Firewall Fundamentals Firewalls in a Layered Defense Strategy Static Packet-Filtering Firewalls Application Layer Gateways Dynamic or Stateful Packet-Filtering Firewalls Other Types of Firewalls Cisco Family of Firewalls Developing an Effective Firewall Policy ACL Fundamentals ACL Wildcard Masking Using ACLs to Control Traffic ACL Considerations Configuring ACLs Using SDM Using ACLs to Permit and Deny Network Services Configuring a Cisco IOS Zone-Based Policy Firewall Zone-Based Policy Firewall Overview Configuring Zone-Based Policy Firewalls Using the Basic Firewall Wizard Manually Configuring Zone-Based Policy Firewalls Using Cisco SDM Monitoring a Zone-Based-Firewall Summary References Review Questions Chapter 4 Fundamentals of Cryptography Examining Cryptographic Services Cryptology Overview Symmetric and Asymmetric Encryption Algorithms Block and Stream Ciphers Encryption Algorithm Selection Cryptograp

 Be the first to write a customer review