CCNP Security Secure 642-637 Official Cert Guide, Rough Cuts

Rough Cuts

  • Available to Safari Subscribers
  • About Rough Cuts
  • Rough Cuts are manuscripts that are developed but not yet published, available through Safari. Rough Cuts provide you access to the very latest information on a given topic and offer you the opportunity to interact with the author to influence the final publication.

Not for Sale
  • Description
  • Sample Content
  • Updates
  • Copyright 2011
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 800
  • Edition: 1st
  • Rough Cuts
  • ISBN-10: 0-13-237859-0
  • ISBN-13: 978-0-13-237859-8

This is the Rough Cut version of the printed book.

Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNP Security SECURE 642-637 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master CCNP Security SECURE 642-637 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the CD-ROM

CCNP Security SECURE 642-637 Official Cert Guide focuses specifically on the objectives for the CCNP Security SECURE exam. Senior networking consultants Sean Wilkins and Trey Smith share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The companion CD-ROM contains a powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The official study guide helps you master all the topics on the CCNP Security SECURE exam, including:

  • Network security threats and foundation protection
  • Switched data plane security
  • 802.1X and identity-based networking services
  • Cisco IOS routed data plane security
  • Cisco IOS control plane security
  • Cisco IOS management plane security
  • NAT
  • Zone-based firewalls
  • IOS intrusion prevention system
  • Cisco IOS site-to-site security solutions
  • IPsec VPNs, dynamic multipoint VPNs, and GET VPNs
  • SSL VPNs and EZVPN

CCNP Security SECURE 642-637 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

Table of Contents

    Introduction xxxiii

Part I Network Security Technologies Overview

Chapter 1 Network Security Fundamentals 3

        “Do I Know This Already?” Quiz 3

    Foundation Topics 7

        Defining Network Security 7

        Building Secure Networks 7

        Cisco SAFE 9

        SCF Basics 9

        SAFE/SCF Architecture Principles 12

        SAFE/SCF Network Foundation Protection (NFP) 14

        SAFE/SCF Design Blueprints 14

        SAFE Usage 15

        Exam Preparation 17

Chapter 2 Network Security Threats 21

        “Do I Know This Already?” Quiz 21

    Foundation Topics 24

        Vulnerabilities 24

        Self-Imposed Network Vulnerabilities 24

        Intruder Motivations 29

        Lack of Understanding of Computers or Networks 30

        Intruding for Curiosity 30

        Intruding for Fun and Pride 30

        Intruding for Revenge 30

        Intruding for Profit 31

        Intruding for Political Purposes 31

        Types of Network Attacks 31

        Reconnaissance Attacks 32

        Access Attacks 33

        DoS Attacks 35

        Exam Preparation 36

Chapter 3 Network Foundation Protection (NFP) Overview 39

        “Do I Know This Already?” Quiz 39

    Foundation Topics 42

        Overview of Device Functionality Planes 42

        Control Plane 43

        Data Plane 44

        Management Plane 45

        Identifying Network Foundation Protection Deployment Models 45

        Identifying Network Foundation Protection Feature Availability 48

 &nbs