간편결제, 신용카드 청구할인
삼성카드 6% (29,430원)
(삼성카드 6% 청구할인)
인터파크 롯데카드 5% (29,740원)
(최대할인 10만원 / 전월실적 40만원)
북피니언 롯데카드 30% (21,910원)
(최대할인 3만원 / 3만원 이상 결제)
NH쇼핑&인터파크카드 20% (25,040원)
(최대할인 4만원 / 2만원 이상 결제)
Close

CCNA Security 640-554 Portable Command Guide (Paperback)

해외주문원서 소득공제

2013년 9월 9일 이후 누적수치입니다.

공유하기
정가

39,680원

  • 31,300 (21%할인)

    1,570P (5%적립)

할인혜택
적립혜택
  • I-Point 적립은 출고완료 후 14일 이내 마이페이지에서 적립받기한 경우만 적립됩니다.
추가혜택
배송정보
주문수량
감소 증가

※ 코로나19로 인한 항공편 감소로 해외주문원서의 배송이 평소보다 최대 일주일 정도 지연될 수 있으니 주문에 참고 부탁드립니 더보기

특이사항

※ 코로나19로 인한 항공편 감소로 해외주문원서의 배송이 평소보다 최대 일주일 정도 지연될 수 있으니 주문에 참고 부탁드립니다. 감사합니다.
※ 미국 내 코로나19 확산으로 특정 상품에 한해 추가 3주 정도 지연될 수 있으니 양해 부탁드립니다.

해외주문원서/일서는 고객의 요청에 의해 주문하는 '개인오더' 상품으로, 단순 변심/착오로 인한 취소, 반품, 교환이 불가합니다.
단, 품절/절판인 경우와 결제완료 당일 24시까지는 마이페이지 > 취소/반품/교환/환불 에서 취소신청이 가능합니다.
부득이한 사정으로 인터파크 직매입 해외주문양서/일서를 고객변심 사유로 반품 신청을 할 경우 '수입제반비용'을 환불금액에서 차감하고 환불합니다.
또한, 해외 거래처 사정에 의하여 주문상품이 품절이나 입고 지연될 수도 있다는 점도 알려 드립니다.
※ 수입제반비용이란 판매가의 20% (반품/취소 수수료는, 수입제반비용(수송비용, 관세사비, 보세창고료, 내륙운송비, 통관비 등)과 재고리스크(미판매 리스크, 환차손)에 따른 비용을 포함하며, 판매가에 상관없이 일괄 20%가 적용됩니다.)

출판사 서평

All the CCNA Security 640-554 commands in one compact, portable resource

Preparing for the latest CCNA® Security exam? Here are all the CCNA Security commands you need in one condensed, portable resource. Filled with valuable, easy-to-access information, the CCNA Security Portable Command Guide is portable enough for you to use whether you’re in the server room or the equipment closet.

Completely updated to reflect the new CCNA Security 640-554 exam, this quick reference summarizes relevant Cisco IOS® Software commands, keywords, command arguments, and associated prompts, and offers tips and examples for applying these commands to real-world security challenges. Throughout, configuration examples provide an even deeper understanding of how to use IOS to protect networks.

목차

Introduction xvii

Part I: Networking Security Fundamentals

CHAPTER 1 Networking Security Concepts 1

Basic Security Concepts 2

Assets, Vulnerabilities, Threats, and Countermeasures 2

Confidentiality, Integrity, and Availability 2

Data Classification Criteria 2

Data Classification Levels 2

Classification Roles 3

Threat Classification 3

Preventive, Detective, and Corrective Controls 3

Risk Avoidance, Transfer, and Retention 4

Drivers for Network Security 4

Evolution of Threats 4

Tracking Threats 5

Malicious Code: Viruses, Worms, and Trojan Horses 5

Anatomy of a Worm 6

Mitigating Malware and Worms 6

Threats in Borderless Networks 7

Hacker Titles 7

Thinking Like a Hacker 8

Reconnaissance Attacks 8

Access Attacks 9

Password Cracking 10

Denial-of-Service Attacks 10

Principles of Secure Network Design 11

Defense in Depth 11

CHAPTER 2 Implementing Security Policies Using a Lifecycle Approach 13

Risk Analysis 13

Quantitative Risk Analysis Formula 14

Quantitative Risk Analysis Example 15

Regulatory Compliance 15

Security Policy 17

Standards, Guidelines, and Procedures 18

Security Policy Audience Responsibilities 19

Security Awareness 19

Secure Network Lifecycle Management 19

Models and Frameworks 21

Assessing and Monitoring the Network Security Posture 21

Testing the Security Architecture 22

Incident Response 22

Incident Response Phases 22

Computer Crime Investigation 23

Collection of Evidence and Forensics 23

Law Enforcement and Liability 23

Ethics 23

Disaster-Recovery and Business-Continuity Planning 23

CHAPTER 3 Building a Security Strategy for Borderless Networks 25

Cisco Borderless Network Architecture 25

Borderless Security Products 26

Cisco SecureX Architecture and Context-Aware Security 26

Cisco TrustSec 28

TrustSec Confidentiality 28

Cisco AnyConnect 29

Cisco Security Intelligence Operations 29

Threat Control and Containment 29

Cloud Security and Data-Loss Prevention 30

Secure Connectivity Through VPNs 31

Security Management 31

Part II: Protecting the Network Infrastructure

CHAPTER 4 Network Foundation Protection 33

Threats Against the Network Infrastructure 33

Cisco Network Foundation Protection Framework 34

Control Plane Security 35

Control Plane Policing 36

Management Plane Security 36

Role-Based Access Control 37

Secure Management and Reporting 37

Data Plane Security 37

ACLs 37

Antispoofing 38

Layer 2 Data Plane Protection 38

CHAPTER 5 Protecting the Network Infrastructure Using CCP 39

Cisco Configuration Professional 39

Cisco Configuration Professional Express 40

Connecting to Cisco CP Express Using the GUI 41

Cisco Configuration Professional 44

Configuring an ISR for CCP Support 44

Installing CCP on a Windows PC 45

Connecting to an ISR Using CCP 45

CCP Features and User Interface 47

Application Menu Options 48

Toolbar Menu Options 48

Toolbar Configure Options 49

Toolbar Monitor Options 49

Using CCP to Configure IOS Device-Hardening Features 49

CCP Security Audit 49

CCP One-Step Lockdown 50

Using the Cisco IOS AutoSecure CLI Feature 51

Configuring AutoSecure via the CLI 51

CHAPTER 6 Securing the Management Plane 53

Planning a Secure Management and Reporting Strategy 54

Securing the Management Plane 54

Securing Passwords 55

Securing the Console Line and Disabling the Auxiliary Line 55

Securing VTY Access with SSH 56

Securing VTY Access with SSH Example 57

Securing VTY Access with SSH Using CCP Example 58

Securing Configuration and IOS Files 60

Restoring Bootset Files 61

Implementing Role-Based Access Control on Cisco Routers 62

Configuring Privilege Levels 62

Configuring Privilege Levels Example 62

Configuring RBAC via the CLI 62

Configuring RBAC via the CLI Example 63

Configuring Superviews 63

Configuring a Superview Example 64

Configuring RBAC Using CCP Example 64

Network Monitoring 67

Configuring a Network Time Protocol Master Clock 67

Configuring an NTP Client 67

Configuring an NTP Master and Client Example 67

Configuring an NTP Client Using CCP Example 68

Configuring Syslog 69

Configuring Syslog Example 71

Configuring Syslog Using CCP Example 71

Configuring SNMP 74

Configuring SNMP Using CCP 74

CHAPTER 7 Securing Management Access with AAA 77

Authenticating Administrative Access 78

Local Authentication 78

Server-Based Authentication 78

Authentication, Authorization, and Accounting Framework 79

Local AAA Authentication 79

Configuring Local AAA Authentication Example 80

Configuring Local AAA Authentication Using CCP Example 81

Server-Based AAA Authentication 86

TACACS+ Versus RADIUS 86

Configuring Server-Based AAA Authentication 87

Configuring Server-Based AAA Authentication Example 88

Configuring Server-Based AAA Authentication Using CCP Example 89

AAA Authorization 94

Configuring AAA Authorization Example 94

Configuring AAA Authorization Using CCP 94

AAA Accounting 98

Configuring AAA Accounting Example 98

Cisco Secure ACS 98

Adding a Router as a AAA Client 99

Configuring Identity Groups and an Identity Store 99

Configuring Access Service to Process Requests 100

Creating Identity and Authorization Policies 101

CHAPTER 8 Securing the Data Plane on Catalyst Switches 103

Common Threats to the Switching Infrastructure 104

Layer 2 Attacks 104

Layer 2 Security Guidelines 104

MAC Address Attacks 105

Configuring Port Security 105

Fine-Tuning Port Security 106

Configuring Optional Port Security Settings 107

Configuring Port Security Example 108

Spanning Tree Protocol Attacks 109

STP Enhancement Features 109

Configuring STP Enhancement Features 110

Configuring STP Enhancements Example 111

LAN Storm Attacks 112

Configuring Storm Control 112

Configuring Storm Control Example 113

VLAN Hopping Attacks 113

Mitigating VLAN Attacks 114

Mitigating VLAN Attacks Example 114

Advanced Layer 2 Security Features 115

ACLs and Private VLANs 116

Cisco Integrated Security Features 116

Secure the Switch Management Plane 117

CHAPTER 9 Securing the Data Plane in IPv6 Environments 119

Overview of IPv6 119

Comparison Between IPv4 and IPv6 119

The IPv6 Header 120

ICMPv6 121

Stateless Autoconfiguration 122

IPv4-to-IPv6 Transition Solutions 122

IPv6 Routing Solutions 122

IPv6 Threats 123

IPv6 Vulnerabilities 124

IPv6 Security Strategy 124

Configuring Ingress Filtering 124

Secure Transition Mechanisms 125

Future Security Enhancements 125

Part III: Threat Control and Containment

CHAPTER 10 Planning a Threat Control Strategy 127

Threats 127

Trends in Information Security Threats 127

Threat Control Guidelines 128

Threat Control Design Guidelines 128

Integrated Threat Control Strategy 129

Cisco Security Intelligence Operations 130

CHAPTER 11 Confi guring ACLs for Threat Mitigation 131

Access Control List 131

Mitigating Threats Using ACLs 132

ACL Design Guidelines 132

ACL Operation 132

Configuring ACLs 134

ACL Configuration Guidelines 134

Filtering with Numbered Extended ACLs 134

Configuring a Numbered Extended ACL Example 135

Filtering with Named Extended ACLs 135

Configuring a Named Extended ACL Example 136

Configuring an Extended ACL Using CCP Example 136

Enhancing ACL Protection with Object Groups 140

Network Object Groups 140

Service Object Groups 140

Using Object Groups in Extended ACLs 141

Configuring Object Groups in ACLs Example 142

Configuring Object Groups in ACLs Using CCP Example 144

ACLs in IPv6 149

Mitigating IPv6 Attacks Using ACLs 149

IPv6 ACLs Implicit Entries 149

Filtering with IPv6 ACLs 149

Configuring an IPv6 ACL Example 151

CHAPTER 12 Confi guring Zone-Based Firewalls 153

Firewall Fundamentals 153

Types of Firewalls 154

Firewall Design 154

Firewall Policies 154

Firewall Rule Design Guidelines 155

Cisco IOS Firewall Evolution 155

Cisco IOS Zone-Based Policy Firewall 156

Cisco Common Classification Policy Language 156

ZFW Design Considerations 156

Default Policies, Traffic Flows, and Zone Interaction 157

Configuring an IOS ZFW 157

Configuring an IOS ZFW Using the CLI Example 160

Configuring an IOS ZFW Using CCP Example 161

Configuring NAT Services for ZFWs Using CCP Example 167

CHAPTER 13 Confi guring Cisco IOS IPS 171

IDS and IPS Fundamentals 171

Types of IPS Sensors 172

Types of Signatures 172

Types of Alarms 172

Intrusion Prevention Technologies 173

IPS Attack Responses 174

IPS Anti-Evasion Techniques 175

Managing Signatures 175

Cisco IOS IPS Signature Files 176

Implementing Alarms in Signatures 176

IOS IPS Severity Levels 177

Event Monitoring and Management 177

IPS Recommended Practices 178

Configuring IOS IPS 178

Creating an IOS IPS Rule and Specifying the IPS Signature File Location 179

Tuning Signatures per Category 180

Configuring IOS IPS Example 183

Configuring IOS IPS Using CCP Example 185

Signature Tuning Using CCP 193

Part IV: Secure Connectivity

CHAPTER 14 VPNs and Cryptology 195

Virtual Private Networks 195

VPN Deployment Modes 196

Cryptology = Cryptography + Cryptanalysis 197

Historical Cryptographic Ciphers 197

Modern Substitution Ciphers 198

Encryption Algorithms 198

Cryptanalysis 199

Cryptographic Processes in VPNs 200

Classes of Encryption Algorithms 201

Symmetric Encryption Algorithms 201

Asymmetric Encryption Algorithm 202

Choosing an Encryption Algorithm 202

Choosing an Adequate Keyspace 202

Cryptographic Hashes 203

Well-Known Hashing Algorithms 203

Hash-Based Message Authentication Codes 203

Digital Signatures 204

CHAPTER 15 Asymmetric Encryption and PKI 207

Asymmetric Encryption 207

Public Key Confidentiality and Authentication 207

RSA Functions 208

Public Key Infrastructure 208

PKI Terminology 209

PKI Standards 209

PKI Topologies 210

PKI Characteristics 211

CHAPTER 16 IPsec VPNs 213

IPsec Protocol 213

IPsec Protocol Framework 214

Encapsulating IPsec Packets 215

Transport Versus Tunnel Mode 215

Confidentiality Using Encryption Algorithms 216

Data Integrity Using Hashing Algorithms 216

Peer Authentication Methods 217

Key Exchange Algorithms 217

NSA Suite B Standard 218

Internet Key Exchange 218

IKE Negotiation Phases 219

IKEv1 Phase 1 (Main Mode and Aggressive Mode) 219

IKEv1 Phase 2 (Quick Mode) 220

IKEv2 Phase 1 and 2 220

IKEv1 Versus IKEv2 221

IPv6 VPNs 221

CHAPTER 17 Confi guring Site-to-Site VPNs 223

Site-to-Site IPsec VPNs 223

IPsec VPN Negotiation Steps 223

Planning an IPsec VPN 224

Cipher Suite Options 225

Configuring IOS Site-to-Site VPNs 225

Verifying the VPN Tunnel 229

Configuring a Site-to-Site IPsec VPN Using IOS Example 230

Configuring a Site-to-Site IPsec VPN Using CCP Example 232

Generating a Mirror Configuration Using CCP 241

Testing and Monitoring IPsec VPNs 242

Monitoring Established IPsec VPN Connections Using CCP 244

Part V: Securing the Network Using the ASA

CHAPTER 18 Introduction to the ASA 247

Adaptive Security Appliance 247

ASA Models 248

Routed and Transparent Firewall Modes 249

ASA Licensing 249

Basic ASA Configuration 251

ASA 5505 Front and Back Panel 251

ASA 5510 Front and Back Panel 252

ASA Security Levels 253

ASA 5505 Port Configuration 255

ASA 5505 Deployment Scenarios 255

ASA 5505 Configuration Options 255

CHAPTER 19 Introduction to ASDM 257

Adaptive Security Device Manager 257

Accessing ASDM 258

Factory Default Settings 258

Resetting the ASA 5505 to Factory Default Settings 259

Erasing the Factory Default Settings 259

Setup Initialization Wizard 259

Installing and Running ASDM 260

Running ASDM 262

ASDM Wizards 264

The Startup Wizard 264

VPN Wizards 265

Advanced Wizards 266

CHAPTER 20 Confi guring Cisco ASA Basic Settings 267

ASA Command-Line Interface 267

Differences Between IOS and ASA OS 268

Configuring Basic Settings 268

Configuring Basic Management Settings 269

Enabling the Master Passphrase 269

Configuring Interfaces 270

Configuring the Inside and Outside SVIs 270

Assigning Layer 2 Ports to VLANs 271

Configuring a Third SVI 272

Configuring the Management Plane 272

Enabling Telnet, SSH, and HTTPS Access 272

Configuring Time Services 274

Configuring the Control Plane 274

Configuring a Default Route 274

Basic Settings Example 274

Configuring Basic Settings Example Using the CLI 275

Configuring Basic Settings Example Using ASDM 277

CHAPTER 21 Confi guring Cisco ASA Advanced Settings 283

ASA DHCP Services 284

DHCP Client 284

DHCP Server Services 284

Configuring DHCP Server Example Using the CLI 285

Configuring DHCP Server Example Using ASDM 287

ASA Objects and Object Groups 289

Network and Service Objects 289

Network, Protocol, ICMP, and Service Object Groups 291

Configuring Objects and Object Groups Example Using ASDM 293

ASA ACLs 295

ACL Syntax 296

Configuring ACLs Example Using the CLI 297

Configuring ACLs with Object Groups Example Using the CLI 299

Configuring ACLs with Object Groups Example Using ASDM 300

ASA NAT Services 301

Auto-NAT 302

Dynamic NAT, Dynamic PAT, and Static NAT 302

Configuring Dynamic and Static NAT Example Using the CLI 304

Configuring Dynamic NAT Example Using ASDM 306

AAA Access Control 308

Local AAA Authentication 308

Server-Based AAA Authentication 309

Configuring AAA Server-Based Authentication Example Using the CLI 309

Configuring AAA Server-Based Authentication Example Using ASDM 310

Modular Policy Framework Service Policies 313

Class Maps, Policy Maps, and Service Policies 314

Default Global Policies 317

Configure Service Policy Example Using ASDM 318

CHAPTER 22 Confi guring Cisco ASA SSL VPNs 319

Remote-Access VPNs 319

Types of Remote-Access VPNs 319

ASA SSL VPN 320

Client-Based SSL VPN Example Using ASDM 321

Clientless SSL VPN Example Using ASDM 328

APPENDIX Create Your Own Journal Here 335

저자소개

생년월일 -
출생지 -
출간도서 0종
판매수 0권

해당작가에 대한 소개가 없습니다.

컴퓨터 분야에서 많은 회원이 구매한 책

    리뷰

    0.0 (총 0건)

    구매 후 리뷰 작성 시, 북피니언 지수 최대 600점

    리뷰쓰기

    기대평

    작성시 유의사항

    평점
    0/200자
    등록하기

    기대평

    0.0

    교환/환불

    교환/환불 방법

    ‘마이페이지 > 취소/반품/교환/환불’ 에서 신청함, 1:1 문의 게시판 또는 고객센터(1577-2555) 이용 가능

    교환/환불 가능 기간

    고객변심은 출고완료 다음날부터 14일 까지만 교환/환불이 가능함

    교환/환불 비용

    고객변심 또는 구매착오의 경우에만 2,500원 택배비를 고객님이 부담함

    교환/환불 불가사유

    반품접수 없이 반송하거나, 우편으로 보낼 경우 상품 확인이 어려워 환불이 불가할 수 있음
    배송된 상품의 분실, 상품포장이 훼손된 경우, 비닐랩핑된 상품의 비닐 개봉시 교환/반품이 불가능함

    소비자 피해보상

    소비자 피해보상의 분쟁처리 등에 관한 사항은 소비자분쟁해결기준(공정거래위원회 고시)에 따라 비해 보상 받을 수 있음
    교환/반품/보증조건 및 품질보증 기준은 소비자기본법에 따른 소비자 분쟁 해결 기준에 따라 피해를 보상 받을 수 있음

    기타

    도매상 및 제작사 사정에 따라 품절/절판 등의 사유로 주문이 취소될 수 있음(이 경우 인터파크도서에서 고객님께 별도로 연락하여 고지함)

    배송안내

    • 인터파크 도서 상품은 택배로 배송되며, 출고완료 1~2일내 상품을 받아 보실 수 있습니다

    • 출고가능 시간이 서로 다른 상품을 함께 주문할 경우 출고가능 시간이 가장 긴 상품을 기준으로 배송됩니다.

    • 군부대, 교도소 등 특정기관은 우체국 택배만 배송가능하여, 인터파크 외 타업체 배송상품인 경우 발송되지 않을 수 있습니다.

    • 배송비

    도서(중고도서 포함) 구매

    2,000원 (1만원이상 구매 시 무료배송)

    음반/DVD/잡지/만화 구매

    2,000원 (2만원이상 구매 시 무료배송)

    도서와 음반/DVD/잡지/만화/
    중고직배송상품을 함께 구매

    2,000원 (1만원이상 구매 시 무료배송)

    업체직접배송상품 구매

    업체별 상이한 배송비 적용