CCNP Security IPS 642-627 Official Cert Guide, Rough Cuts

Rough Cuts are manuscripts that are developed but not yet published, available through Safari. Rough Cuts provide you access to the very latest information on a given topic and offer you the opportunity to interact with the author to influence the final publication.

  • Copyright 2011
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 704
  • Edition: 1st
  • Rough Cuts
  • ISBN-10: 0-13-237211-8
  • ISBN-13: 978-0-13-237211-4

This is the Rough Cut version of the printed book.

CCNP Security IPS 642-627 Official Cert Guide

David Burns

Odunayo Adesina, CCIE® No. 26695

Keith Barker, CCIE No. 6783

  • Master CCNP Security IPS 642-627 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the CD-ROM

Learn, prepare, and practice for exam success

CCNP Security IPS 642-627 Official Cert Guide is a best-of-breed Cisco exam study guide that focuses specifically on the objectives for the CCNP Security IPS exam. Senior security engineers David Burns, Odunayo Adesina, and Keith Barker share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

CCNP Security IPS 642-627 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

The companion CD-ROM contains the powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

CCNP Security IPS 642-627 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

The official study guide helps you master all the topics on the CCNP Security IPS exam, including

  • Cisco IPS software, hardware, and supporting applications
  • Network IPS and IDS deployment architecture
  • Installing and maintaining Cisco IPS physical and virtual sensors
  • Traffic analysis
  • IPS signatures and responses
  • Anomaly-based operations
  • Improving alarm response and quality
  • Managing and analyzing events
  • High availability and performance
  • IPS modules for ASAs, routers, and switches

Companion CD-ROM

Table of Contents

Introduction

Part I Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices

Chapter 1 Intrusion Prevention and Intrusion Detection Systems

“Do I Know This Already?” Quiz

Foundation Topics

Intrusion Prevention Overview

Intrusion Detection Versus Intrusion Prevention

Intrusion Prevention Terminology

Intrusion Prevention Systems

    Features of Network Intrusion Prevention Systems

    Limitations of Network Intrusion Prevention Systems

Network Intrusion Prevention Approaches

Endpoint Security Controls

    Host-Based Firewalls

    API and System Call Interception

    Cisco Security Agent

    Antimalware Agents

    Data Loss Prevention Agents

    Cryptographic Data Protection

A Systems Approach to Security

Exam Preparation Tasks

Review All the Key Topics

Complete the Tables and Lists from Memory

Define Key Terms

Chapter 2 Cisco IPS Software, Hardware, and Supporting Applications

Overview

“Do I Know This Already?” Quiz

Foundation Topics

Cisco IPS Network Sensors

Cisco IPS 4200 Series Sensors

    Cisco IPS 4240 Sensor

    Cisco IPS 4255 Sensor

    Cisco IPS 4260 Sensor

    Cisco IPS 4270 Sensor

    Sensing Interface Details

        10GE Interface Card

        4GE Bypass Interface Card

        2SX Interface Card

    Cisco ASA AIP SSM and AIP SSC-5 Modules

    Cisco Catalyst 6500 Series IDSM-2 Module

    Cisco AIM-IPS and NME-IPS Supported on Cisco ISR Routers

Cisco IPS Software Architecture

Cisco IPS Management Products

    Cisco IPS Device Manager

    Cisco IPS Manager Express

    Cisco Security Manager

    Cisco Security MARS

Cisco Security Intelligence Operations and Cisco Security IntelliShield Alert Manager Service

    Cisco Security IntelliShield Alert Manager Service

Summary

References

Exam Preparation Tasks

Review All the Key Topics

Definitions of Key Terms

Chapter 3