CCNP Security VPN 642-647 Official Cert Guide, Rough Cuts

Rough Cuts

  • Available to Safari Subscribers
  • About Rough Cuts

    • Rough Cuts are manuscripts that are developed but not yet published, available through Safari. Rough Cuts provide you access to the very latest information on a given topic and offer you the opportunity to interact with the author to influence the final publication.

Not for Sale
  • Description
  • Sample Content
  • Updates
  • Copyright 2011
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 800
  • Edition: 1st
  • Rough Cuts
  • ISBN-10: 0-13-237205-3
  • ISBN-13: 978-0-13-237205-3

This is the Rough Cut version of the printed book.

Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNP Security VPN 642-647 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master Cisco CCNP Security VPN 642-647 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions on the CD-ROM

CCNP Security VPN 642-647 Official Cert Guide, focuses specifically on the objectives for the CCNP Security VPN exam. Cisco Certified Internetwork Expert (CCIE) Howard Hooper share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The companion CD-ROM contains a powerful Pearson IT Certification Practice Test engine that enables you to focus on individual topic areas or take a complete, timed exam. The assessment engine also tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.

Well-regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.

The official study guide helps you master all the topics on the CCNP Security VPN exam, including:

  • Configuring policies, inheritance, and attributes
  • AnyConnect Remote Access VPN solution
  • AAA and Dynamic Access Policies (DAP)
  • High availability and performance
  • Clientless VPN solutions
  • SSL VPN with Cisco Secure Desktop
  • Easy VPN solutions
  • IPsec VPN clients and site-to-site VPNs

CCNP Security VPN 642-647 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

The print edition of the CCNP Security VPN 642-647 Official Cert Guide contains a free, complete practice exam.

Pearson IT Certification Practice Test minimum system requirements:

Windows XP (SP3), Windows Vista (SP2), or Windows 7;

Microsoft .NET Framework 4.0 Client;

Microsoft SQL Server Compact 4.0;

Table of Contents

Introduction xxiv

Part I ASA Architecture and Technologies Overview

Chapter 1 Evaluation of the ASA Architecture 3

“Do I Know This Already?” Quiz 3

Foundation Topics 6

Examining ASA Control Fundamentals 6

    Interfaces, Security Levels, and EtherChannels 6

        Security Levels 9

        Same Security Interface and Intra-Interface Communication 10

        EtherChannels 11

    Access Control Lists 12

    Modular Policy Framework 15

Routing the Environment 16

Address Translations and Your ASA 18

AAA for Network-Based Access 21

ASA VPN Technology Comparison 24

Managing Your ASA Device 27

Packet Processing 28

Controlling VPN Access 29

The Good, the Bad, and the Licensing 32

    Time-Based Licenses 41

        When Time-Based and Permanent Licenses Combine 42

    Shared SSL VPN Licenses 43

        Failover Licensing 43

Exam Preparation Tasks 44

    Review All Key Topics 44

    Complete Tables and Lists from Memory 44

    Define Key Terms 44

Chapter 2 Configuring Policies, Inheritance, and Attributes 47

“Do I Know This Already?” Quiz 47

Foundation Topics 49

Policies and Their Relationships 49

Understanding Connection Profiles 50

    Group URL 52

    Group Alias 52

    Certificate to Connection Profile Mapping 53

    Per-User Connection Profile Lock 54

    Default Connection Profiles 55

Understanding Group Policies 56

Configure User Attributes 59

Using External Servers for AAA and Policies 60

Exam Preparation Tasks 70

    Review All Key Topics 70

    Complete Tables and Lists from Memory 70

    Define Key Terms 70

Part II Cisco AnyConnect Remote-Access VPN Solutions

Chapter 3 Deploying an AnyConnect Remote-Access VPN Solution 73

“Do I Know This Already?” Quiz 73

Foundation Topics 76

Full SSL VPN Technology Overview 76

    SSL/TLS 76

    DTLS 80

    IKEv2 81

Configuration Procedures, Deployment Strategies, and Information Gathering 83

    AnyConnect Secure Mobility Client Installation 84