간편결제, 신용카드 청구할인
인터파크 롯데카드 5% (31,850원)
(최대할인 10만원 / 전월실적 40만원)
북피니언 롯데카드 30% (23,470원)
(최대할인 3만원 / 3만원 이상 결제)
NH쇼핑&인터파크카드 20% (26,820원)
(최대할인 4만원 / 2만원 이상 결제)
Close

CCNA Security 640-554 Portable Command Guide (Paperback)

해외주문원서 소득공제

2013년 9월 9일 이후 누적수치입니다.

공유하기
정가

42,490원

  • 33,520 (21%할인)

    1,680P (5%적립)

할인혜택
적립혜택
  • I-Point 적립은 출고완료 후 14일 이내 마이페이지에서 적립받기한 경우만 적립됩니다.
  • 추가혜택
    배송정보
    주문수량
    감소 증가

    해외주문원서/일서는 고객의 요청에 의해 주문하는 '개인오더' 상품으로, 단순 변심/착오로 인한 취소, 반품, 교환이 불가합니다 더보기

    특이사항

    해외주문원서/일서는 고객의 요청에 의해 주문하는 '개인오더' 상품으로, 단순 변심/착오로 인한 취소, 반품, 교환이 불가합니다.
    단, 품절/절판인 경우와 결제완료 당일 24시까지는 마이페이지 > 취소/반품/교환/환불 에서 취소신청이 가능합니다.
    부득이한 사정으로 인터파크 직매입 해외주문양서/일서를 고객변심 사유로 반품 신청을 할 경우 '수입제반비용'을 환불금액에서 차감하고 환불합니다.
    또한, 해외 거래처 사정에 의하여 주문상품이 품절이나 입고 지연될 수도 있다는 점도 알려 드립니다.
    ※ 수입제반비용이란 판매가의 20% (반품/취소 수수료는, 수입제반비용(수송비용, 관세사비, 보세창고료, 내륙운송비, 통관비 등)과 재고리스크(미판매 리스크, 환차손)에 따른 비용을 포함하며, 판매가에 상관없이 일괄 20%가 적용됩니다.)

    출판사 서평

    All the CCNA Security 640-554 commands in one compact, portable resource

    Preparing for the latest CCNA® Security exam? Here are all the CCNA Security commands you need in one condensed, portable resource. Filled with valuable, easy-to-access information, the CCNA Security Portable Command Guide is portable enough for you to use whether you’re in the server room or the equipment closet.

    Completely updated to reflect the new CCNA Security 640-554 exam, this quick reference summarizes relevant Cisco IOS® Software commands, keywords, command arguments, and associated prompts, and offers tips and examples for applying these commands to real-world security challenges. Throughout, configuration examples provide an even deeper understanding of how to use IOS to protect networks.

    목차

    Introduction xvii

    Part I: Networking Security Fundamentals

    CHAPTER 1 Networking Security Concepts 1

    Basic Security Concepts 2

    Assets, Vulnerabilities, Threats, and Countermeasures 2

    Confidentiality, Integrity, and Availability 2

    Data Classification Criteria 2

    Data Classification Levels 2

    Classification Roles 3

    Threat Classification 3

    Preventive, Detective, and Corrective Controls 3

    Risk Avoidance, Transfer, and Retention 4

    Drivers for Network Security 4

    Evolution of Threats 4

    Tracking Threats 5

    Malicious Code: Viruses, Worms, and Trojan Horses 5

    Anatomy of a Worm 6

    Mitigating Malware and Worms 6

    Threats in Borderless Networks 7

    Hacker Titles 7

    Thinking Like a Hacker 8

    Reconnaissance Attacks 8

    Access Attacks 9

    Password Cracking 10

    Denial-of-Service Attacks 10

    Principles of Secure Network Design 11

    Defense in Depth 11

    CHAPTER 2 Implementing Security Policies Using a Lifecycle Approach 13

    Risk Analysis 13

    Quantitative Risk Analysis Formula 14

    Quantitative Risk Analysis Example 15

    Regulatory Compliance 15

    Security Policy 17

    Standards, Guidelines, and Procedures 18

    Security Policy Audience Responsibilities 19

    Security Awareness 19

    Secure Network Lifecycle Management 19

    Models and Frameworks 21

    Assessing and Monitoring the Network Security Posture 21

    Testing the Security Architecture 22

    Incident Response 22

    Incident Response Phases 22

    Computer Crime Investigation 23

    Collection of Evidence and Forensics 23

    Law Enforcement and Liability 23

    Ethics 23

    Disaster-Recovery and Business-Continuity Planning 23

    CHAPTER 3 Building a Security Strategy for Borderless Networks 25

    Cisco Borderless Network Architecture 25

    Borderless Security Products 26

    Cisco SecureX Architecture and Context-Aware Security 26

    Cisco TrustSec 28

    TrustSec Confidentiality 28

    Cisco AnyConnect 29

    Cisco Security Intelligence Operations 29

    Threat Control and Containment 29

    Cloud Security and Data-Loss Prevention 30

    Secure Connectivity Through VPNs 31

    Security Management 31

    Part II: Protecting the Network Infrastructure

    CHAPTER 4 Network Foundation Protection 33

    Threats Against the Network Infrastructure 33

    Cisco Network Foundation Protection Framework 34

    Control Plane Security 35

    Control Plane Policing 36

    Management Plane Security 36

    Role-Based Access Control 37

    Secure Management and Reporting 37

    Data Plane Security 37

    ACLs 37

    Antispoofing 38

    Layer 2 Data Plane Protection 38

    CHAPTER 5 Protecting the Network Infrastructure Using CCP 39

    Cisco Configuration Professional 39

    Cisco Configuration Professional Express 40

    Connecting to Cisco CP Express Using the GUI 41

    Cisco Configuration Professional 44

    Configuring an ISR for CCP Support 44

    Installing CCP on a Windows PC 45

    Connecting to an ISR Using CCP 45

    CCP Features and User Interface 47

    Application Menu Options 48

    Toolbar Menu Options 48

    Toolbar Configure Options 49

    Toolbar Monitor Options 49

    Using CCP to Configure IOS Device-Hardening Features 49

    CCP Security Audit 49

    CCP One-Step Lockdown 50

    Using the Cisco IOS AutoSecure CLI Feature 51

    Configuring AutoSecure via the CLI 51

    CHAPTER 6 Securing the Management Plane 53

    Planning a Secure Management and Reporting Strategy 54

    Securing the Management Plane 54

    Securing Passwords 55

    Securing the Console Line and Disabling the Auxiliary Line 55

    Securing VTY Access with SSH 56

    Securing VTY Access with SSH Example 57

    Securing VTY Access with SSH Using CCP Example 58

    Securing Configuration and IOS Files 60

    Restoring Bootset Files 61

    Implementing Role-Based Access Control on Cisco Routers 62

    Configuring Privilege Levels 62

    Configuring Privilege Levels Example 62

    Configuring RBAC via the CLI 62

    Configuring RBAC via the CLI Example 63

    Configuring Superviews 63

    Configuring a Superview Example 64

    Configuring RBAC Using CCP Example 64

    Network Monitoring 67

    Configuring a Network Time Protocol Master Clock 67

    Configuring an NTP Client 67

    Configuring an NTP Master and Client Example 67

    Configuring an NTP Client Using CCP Example 68

    Configuring Syslog 69

    Configuring Syslog Example 71

    Configuring Syslog Using CCP Example 71

    Configuring SNMP 74

    Configuring SNMP Using CCP 74

    CHAPTER 7 Securing Management Access with AAA 77

    Authenticating Administrative Access 78

    Local Authentication 78

    Server-Based Authentication 78

    Authentication, Authorization, and Accounting Framework 79

    Local AAA Authentication 79

    Configuring Local AAA Authentication Example 80

    Configuring Local AAA Authentication Using CCP Example 81

    Server-Based AAA Authentication 86

    TACACS+ Versus RADIUS 86

    Configuring Server-Based AAA Authentication 87

    Configuring Server-Based AAA Authentication Example 88

    Configuring Server-Based AAA Authentication Using CCP Example 89

    AAA Authorization 94

    Configuring AAA Authorization Example 94

    Configuring AAA Authorization Using CCP 94

    AAA Accounting 98

    Configuring AAA Accounting Example 98

    Cisco Secure ACS 98

    Adding a Router as a AAA Client 99

    Configuring Identity Groups and an Identity Store 99

    Configuring Access Service to Process Requests 100

    Creating Identity and Authorization Policies 101

    CHAPTER 8 Securing the Data Plane on Catalyst Switches 103

    Common Threats to the Switching Infrastructure 104

    Layer 2 Attacks 104

    Layer 2 Security Guidelines 104

    MAC Address Attacks 105

    Configuring Port Security 105

    Fine-Tuning Port Security 106

    Configuring Optional Port Security Settings 107

    Configuring Port Security Example 108

    Spanning Tree Protocol Attacks 109

    STP Enhancement Features 109

    Configuring STP Enhancement Features 110

    Configuring STP Enhancements Example 111

    LAN Storm Attacks 112

    Configuring Storm Control 112

    Configuring Storm Control Example 113

    VLAN Hopping Attacks 113

    Mitigating VLAN Attacks 114

    Mitigating VLAN Attacks Example 114

    Advanced Layer 2 Security Features 115

    ACLs and Private VLANs 116

    Cisco Integrated Security Features 116

    Secure the Switch Management Plane 117

    CHAPTER 9 Securing the Data Plane in IPv6 Environments 119

    Overview of IPv6 119

    Comparison Between IPv4 and IPv6 119

    The IPv6 Header 120

    ICMPv6 121

    Stateless Autoconfiguration 122

    IPv4-to-IPv6 Transition Solutions 122

    IPv6 Routing Solutions 122

    IPv6 Threats 123

    IPv6 Vulnerabilities 124

    IPv6 Security Strategy 124

    Configuring Ingress Filtering 124

    Secure Transition Mechanisms 125

    Future Security Enhancements 125

    Part III: Threat Control and Containment

    CHAPTER 10 Planning a Threat Control Strategy 127

    Threats 127

    Trends in Information Security Threats 127

    Threat Control Guidelines 128

    Threat Control Design Guidelines 128

    Integrated Threat Control Strategy 129

    Cisco Security Intelligence Operations 130

    CHAPTER 11 Confi guring ACLs for Threat Mitigation 131

    Access Control List 131

    Mitigating Threats Using ACLs 132

    ACL Design Guidelines 132

    ACL Operation 132

    Configuring ACLs 134

    ACL Configuration Guidelines 134

    Filtering with Numbered Extended ACLs 134

    Configuring a Numbered Extended ACL Example 135

    Filtering with Named Extended ACLs 135

    Configuring a Named Extended ACL Example 136

    Configuring an Extended ACL Using CCP Example 136

    Enhancing ACL Protection with Object Groups 140

    Network Object Groups 140

    Service Object Groups 140

    Using Object Groups in Extended ACLs 141

    Configuring Object Groups in ACLs Example 142

    Configuring Object Groups in ACLs Using CCP Example 144

    ACLs in IPv6 149

    Mitigating IPv6 Attacks Using ACLs 149

    IPv6 ACLs Implicit Entries 149

    Filtering with IPv6 ACLs 149

    Configuring an IPv6 ACL Example 151

    CHAPTER 12 Confi guring Zone-Based Firewalls 153

    Firewall Fundamentals 153

    Types of Firewalls 154

    Firewall Design 154

    Firewall Policies 154

    Firewall Rule Design Guidelines 155

    Cisco IOS Firewall Evolution 155

    Cisco IOS Zone-Based Policy Firewall 156

    Cisco Common Classification Policy Language 156

    ZFW Design Considerations 156

    Default Policies, Traffic Flows, and Zone Interaction 157

    Configuring an IOS ZFW 157

    Configuring an IOS ZFW Using the CLI Example 160

    Configuring an IOS ZFW Using CCP Example 161

    Configuring NAT Services for ZFWs Using CCP Example 167

    CHAPTER 13 Confi guring Cisco IOS IPS 171

    IDS and IPS Fundamentals 171

    Types of IPS Sensors 172

    Types of Signatures 172

    Types of Alarms 172

    Intrusion Prevention Technologies 173

    IPS Attack Responses 174

    IPS Anti-Evasion Techniques 175

    Managing Signatures 175

    Cisco IOS IPS Signature Files 176

    Implementing Alarms in Signatures 176

    IOS IPS Severity Levels 177

    Event Monitoring and Management 177

    IPS Recommended Practices 178

    Configuring IOS IPS 178

    Creating an IOS IPS Rule and Specifying the IPS Signature File Location 179

    Tuning Signatures per Category 180

    Configuring IOS IPS Example 183

    Configuring IOS IPS Using CCP Example 185

    Signature Tuning Using CCP 193

    Part IV: Secure Connectivity

    CHAPTER 14 VPNs and Cryptology 195

    Virtual Private Networks 195

    VPN Deployment Modes 196

    Cryptology = Cryptography + Cryptanalysis 197

    Historical Cryptographic Ciphers 197

    Modern Substitution Ciphers 198

    Encryption Algorithms 198

    Cryptanalysis 199

    Cryptographic Processes in VPNs 200

    Classes of Encryption Algorithms 201

    Symmetric Encryption Algorithms 201

    Asymmetric Encryption Algorithm 202

    Choosing an Encryption Algorithm 202

    Choosing an Adequate Keyspace 202

    Cryptographic Hashes 203

    Well-Known Hashing Algorithms 203

    Hash-Based Message Authentication Codes 203

    Digital Signatures 204

    CHAPTER 15 Asymmetric Encryption and PKI 207

    Asymmetric Encryption 207

    Public Key Confidentiality and Authentication 207

    RSA Functions 208

    Public Key Infrastructure 208

    PKI Terminology 209

    PKI Standards 209

    PKI Topologies 210

    PKI Characteristics 211

    CHAPTER 16 IPsec VPNs 213

    IPsec Protocol 213

    IPsec Protocol Framework 214

    Encapsulating IPsec Packets 215

    Transport Versus Tunnel Mode 215

    Confidentiality Using Encryption Algorithms 216

    Data Integrity Using Hashing Algorithms 216

    Peer Authentication Methods 217

    Key Exchange Algorithms 217

    NSA Suite B Standard 218

    Internet Key Exchange 218

    IKE Negotiation Phases 219

    IKEv1 Phase 1 (Main Mode and Aggressive Mode) 219

    IKEv1 Phase 2 (Quick Mode) 220

    IKEv2 Phase 1 and 2 220

    IKEv1 Versus IKEv2 221

    IPv6 VPNs 221

    CHAPTER 17 Confi guring Site-to-Site VPNs 223

    Site-to-Site IPsec VPNs 223

    IPsec VPN Negotiation Steps 223

    Planning an IPsec VPN 224

    Cipher Suite Options 225

    Configuring IOS Site-to-Site VPNs 225

    Verifying the VPN Tunnel 229

    Configuring a Site-to-Site IPsec VPN Using IOS Example 230

    Configuring a Site-to-Site IPsec VPN Using CCP Example 232

    Generating a Mirror Configuration Using CCP 241

    Testing and Monitoring IPsec VPNs 242

    Monitoring Established IPsec VPN Connections Using CCP 244

    Part V: Securing the Network Using the ASA

    CHAPTER 18 Introduction to the ASA 247

    Adaptive Security Appliance 247

    ASA Models 248

    Routed and Transparent Firewall Modes 249

    ASA Licensing 249

    Basic ASA Configuration 251

    ASA 5505 Front and Back Panel 251

    ASA 5510 Front and Back Panel 252

    ASA Security Levels 253

    ASA 5505 Port Configuration 255

    ASA 5505 Deployment Scenarios 255

    ASA 5505 Configuration Options 255

    CHAPTER 19 Introduction to ASDM 257

    Adaptive Security Device Manager 257

    Accessing ASDM 258

    Factory Default Settings 258

    Resetting the ASA 5505 to Factory Default Settings 259

    Erasing the Factory Default Settings 259

    Setup Initialization Wizard 259

    Installing and Running ASDM 260

    Running ASDM 262

    ASDM Wizards 264

    The Startup Wizard 264

    VPN Wizards 265

    Advanced Wizards 266

    CHAPTER 20 Confi guring Cisco ASA Basic Settings 267

    ASA Command-Line Interface 267

    Differences Between IOS and ASA OS 268

    Configuring Basic Settings 268

    Configuring Basic Management Settings 269

    Enabling the Master Passphrase 269

    Configuring Interfaces 270

    Configuring the Inside and Outside SVIs 270

    Assigning Layer 2 Ports to VLANs 271

    Configuring a Third SVI 272

    Configuring the Management Plane 272

    Enabling Telnet, SSH, and HTTPS Access 272

    Configuring Time Services 274

    Configuring the Control Plane 274

    Configuring a Default Route 274

    Basic Settings Example 274

    Configuring Basic Settings Example Using the CLI 275

    Configuring Basic Settings Example Using ASDM 277

    CHAPTER 21 Confi guring Cisco ASA Advanced Settings 283

    ASA DHCP Services 284

    DHCP Client 284

    DHCP Server Services 284

    Configuring DHCP Server Example Using the CLI 285

    Configuring DHCP Server Example Using ASDM 287

    ASA Objects and Object Groups 289

    Network and Service Objects 289

    Network, Protocol, ICMP, and Service Object Groups 291

    Configuring Objects and Object Groups Example Using ASDM 293

    ASA ACLs 295

    ACL Syntax 296

    Configuring ACLs Example Using the CLI 297

    Configuring ACLs with Object Groups Example Using the CLI 299

    Configuring ACLs with Object Groups Example Using ASDM 300

    ASA NAT Services 301

    Auto-NAT 302

    Dynamic NAT, Dynamic PAT, and Static NAT 302

    Configuring Dynamic and Static NAT Example Using the CLI 304

    Configuring Dynamic NAT Example Using ASDM 306

    AAA Access Control 308

    Local AAA Authentication 308

    Server-Based AAA Authentication 309

    Configuring AAA Server-Based Authentication Example Using the CLI 309

    Configuring AAA Server-Based Authentication Example Using ASDM 310

    Modular Policy Framework Service Policies 313

    Class Maps, Policy Maps, and Service Policies 314

    Default Global Policies 317

    Configure Service Policy Example Using ASDM 318

    CHAPTER 22 Confi guring Cisco ASA SSL VPNs 319

    Remote-Access VPNs 319

    Types of Remote-Access VPNs 319

    ASA SSL VPN 320

    Client-Based SSL VPN Example Using ASDM 321

    Clientless SSL VPN Example Using ASDM 328

    APPENDIX Create Your Own Journal Here 335

    저자소개

    생년월일 -
    출생지 -
    출간도서 0종
    판매수 0권

    해당작가에 대한 소개가 없습니다.

    이 책과 내용이 비슷한 책 ? 내용 유사도란? 이 도서가 가진 내용을 분석하여 기준 도서와 얼마나 많이 유사한 콘텐츠를 많이 가지고 있는가에 대한 비율입니다.

      리뷰

      0.0 (총 0건)

      구매 후 리뷰 작성 시, 북피니언 지수 최대 600점

      리뷰쓰기

      기대평

      작성시 유의사항

      평점
      0/200자
      등록하기

      기대평

      0.0

      교환/환불

      교환/환불 방법

      ‘마이페이지 > 취소/반품/교환/환불’ 에서 신청함, 1:1 문의 게시판 또는 고객센터(1577-2555) 이용 가능

      교환/환불 가능 기간

      고객변심은 출고완료 다음날부터 14일 까지만 교환/환불이 가능함

      교환/환불 비용

      고객변심 또는 구매착오의 경우에만 2,500원 택배비를 고객님이 부담함

      교환/환불 불가사유

      반품접수 없이 반송하거나, 우편으로 보낼 경우 상품 확인이 어려워 환불이 불가할 수 있음
      배송된 상품의 분실, 상품포장이 훼손된 경우, 비닐랩핑된 상품의 비닐 개봉시 교환/반품이 불가능함

      소비자 피해보상

      소비자 피해보상의 분쟁처리 등에 관한 사항은 소비자분쟁해결기준(공정거래위원회 고시)에 따라 비해 보상 받을 수 있음
      교환/반품/보증조건 및 품질보증 기준은 소비자기본법에 따른 소비자 분쟁 해결 기준에 따라 피해를 보상 받을 수 있음

      기타

      도매상 및 제작사 사정에 따라 품절/절판 등의 사유로 주문이 취소될 수 있음(이 경우 인터파크도서에서 고객님께 별도로 연락하여 고지함)

      배송안내

      • 인터파크 도서 상품은 택배로 배송되며, 출고완료 1~2일내 상품을 받아 보실 수 있습니다

      • 출고가능 시간이 서로 다른 상품을 함께 주문할 경우 출고가능 시간이 가장 긴 상품을 기준으로 배송됩니다.

      • 군부대, 교도소 등 특정기관은 우체국 택배만 배송가능하여, 인터파크 외 타업체 배송상품인 경우 발송되지 않을 수 있습니다.

      • 배송비

      도서(중고도서 포함) 구매

      2,000원 (1만원이상 구매 시 무료배송)

      음반/DVD/잡지/만화 구매

      2,000원 (2만원이상 구매 시 무료배송)

      도서와 음반/DVD/잡지/만화/
      중고직배송상품을 함께 구매

      2,000원 (1만원이상 구매 시 무료배송)

      업체직접배송상품 구매

      업체별 상이한 배송비 적용