Network Security 1 and 2 Companion Guide
暫譯: 網路安全 1 與 2 伴隨指南
Antoon Rufi
- 出版商: Cisco Press
- 出版日期: 2006-10-15
- 定價: $2,600
- 售價: 1.5 折 $399
- 語言: 英文
- 頁數: 840
- 裝訂: Hardcover
- ISBN: 1587131625
- ISBN-13: 9781587131622
-
相關分類:
資訊安全
立即出貨 (庫存 < 3)
買這商品的人也買了...
-
計算機組織與設計 (Computer Organization and Design: The Hardware/Software Interface, 3/e)$680$646 -
Linear Algebra with Applications, 7/e (IE) (美國版ISBN:0131857851)$920$902 -
作業系統原理 (Silberschatz: Operating System Principles, 7/e)$780$741 -
鳥哥的 Linux 私房菜基礎學習篇, 2/e$780$663 -
Microsoft SharePoint Portal Server 2003 技術問答精選實錄$420$332 -
電腦病毒技術分析與防範$620$409 -
Oracle Database 10g OCP 專業認證指南 I (考試編號:1Z0-042) (Oracle Database 10g OCP Certification All-in-one Exam Guide)$650$553 -
Visual C# 2005 精要剖析$650$429 -
C++ Primer Plus, 5/e 中文豪華版$650$514 -
Microsoft Office SharePoint Server 2007 新一代企業表單與內容管理 (第二集)$720$569 -
C++ Primer, 4/e (中文版)$990$891 -
軟體測試實務講座─來自矽谷的技術經驗與心得分享$290$226 -
網頁設計 愛上 jQuery$550$435 -
程式之美-微軟技術面試心得$490$387 -
C++ 編程規範 (C++ Coding Standards: 101 Rules, Guidelines, and Best Practices)$580$406 -
AutoCAD 2009 特訓教材-基礎篇$630$498 -
Linux 裝置驅動程式之開發詳解$780$515 -
ASP.NET 3.5 應用系統專題實作$590$460 -
jQuery UI & Plugins$680$537 -
Visual C++ 2008 教學手冊 (Ivor Horton's Beginning Visual C++ 2008)$800$632 -
Linux Device Driver Programming 驅動程式設計$690$587 -
VMware 6.5 活用手札$330$218 -
XOOPS 2.3 架站王:快速架設、佈景主題、外掛模組$480$408 -
建構嵌入式 Linux 系統 (Building Embedded Linux Systems, 2/e)$780$616 -
2D/3D 遊戲程式設計入門─使用 XNA 3.0 與 C#$580$458
相關主題
商品描述
Description
The completely revised, updated and only authorized textbook for the Cisco Networking Academy Program Network Security 1 and 2 course
- A portable reference that supports the topics in the Cisco Networking Academy Network Security course aligning 1:1 with course modules
- Features improved readability, enhanced topic explanations, real-world examples, and all-new graphical presentations
- Written by leading Academy instructor, Antoon Rufi, who bring a fresh voice to the course material
Network Security 1 and 2 Companion Guide is the official supplemental textbook for version 2 of the Network Security 1 and 2 course of the Cisco Networking Academy Program. Completely revised and updated with new examples and explanations, this textbook includes original material developed by the author, yet it fully aligns with the Network Security curriculum. Written by an experienced author who presents material in a comprehensive manner--using his own voice and own examples--this new edition augments student understanding of course material. The new edition incorporates improved features to aid instructors and enhance student comprehension. For example, chapters align with course modules in both name and number, and chapter objectives are stated as questions to encourage students to think about and find answers as they read chapters. End-of-chapter questions and summaries align with chapter objectives to emphasize key topics, while key terms are listed in each chapter opener in the order of occurrence to alert students to upcoming vocabulary words. In addition, new features include "How To" quick references for step-by-step tasks; real-world examples and all-new illustrations; concise explanations with a focus on word usage and sentence structure for improved readability; and correlations to the CCNA exam in Chapter Objectives, Check Your Understanding questions, and new Challenge Activities.
Table of Contents
Course 1
Chapter 1 Vulnerabilities, Threats, and Attacks
Key Terms
Introduction to Network Security
The Need for Network Security
Identifying Potential Risks to Network Security
Open Versus Closed Security Models
Trends Driving Network Security
Information Security Organizations
Introduction to Vulnerabilities, Threats, and Attacks
Vulnerabilities
Threats
Attacks
Attack Examples
Reconnaissance Attacks
Access Attacks
Denial-of-Service (DoS) Attacks
Masquerade/IP Spoofing Attacks
Distributed Denial-of-Service Attacks
Malicious Code
Vulnerability Analysis
Policy Identification
Network Analysis
Host Analysis
Analysis Tools
Summary
Check Your Understanding
Chapter 2 Security Planning and Policy
Key Terms
Discussing Network Security and Cisco
The Security Wheel
Network Security Policy
Endpoint Protection and Management
Host- and Server-Based Security Components and Technologies
PC Management
Network Protection and Management
Network-Based Security Components and Technologies
Network Security Management
Security Architecture
Security Architecture (SAFE)
The Cisco Self-Defending Network
Secure Connectivity
Threat Defense
Cisco Integrated Security
Plan, Design, Implement, Operate, Optimize (PDIOO)
Basic Router Security
Control Access to Network Devices
Remote Configuration Using SSH
Router Passwords
Router Privileges and Accounts
Cisco IOS Network Services
Routing, Proxy ARP, and ICMP
Routing Protocol Authentication and Update Filtering
NTP, SNMP, Router Name, DNS
Summary
Check Your Understanding
Chapter 3 Security Devices
Device Options
Cisco IOS Firewall Feature Set
Creating a Customized Firewall
PIX Security Appliance
Adaptive Security Appliance
Finesse Operating System
The Adaptive Security Algorithm
Firewall Services Module
Using Security Device Manager
Using the SDM Startup Wizard
SDM User Interface
SDM Wizards
Using SDM to Configure a WAN
Using the Factory Reset Wizard
Monitor Mode
Introduction to the Cisco Security Appliance Family
PIX 501 Security Appliance
PIX 506E Security Appliance
PIX 515E Security Appliance
PIX 525 Security Appliance
PIX 535 Security Appliance
Adaptive Security Appliance Models
PIX Security Appliance Licensing
PIX VPN Encryption License
Security Contexts
PIX Security Appliance Context Licensing
ASA Security Appliance Licensing
Expanding the Features of the PIX 515E
Expanding the Features of the PIX 525
Expanding the Features of the PIX 535
Expanding the Features of the Adaptive Security Appliance Family
Getting Started with the PIX Security Appliance
Configuring the PIX Security Appliance
The help Command
Security Levels
Basic PIX Security Appliance Configuration Commands
Additional PIX Security Appliance Configuration Commands
Examining the PIX Security Appliance Status
Time Setting and NTP Support
Syslog Configuration
Security Appliance Translations and Connections
Transport Protocols
NAT
Dynamic Inside NAT
Two Interfaces with NAT
Three Interfaces with NAT
PAT
Augmenting a Global Pool with PAT
The static Command
The nat 0 Command
Connections and Translations
Manage a PIX Security Appliance with Adaptive Security Device Manager
ASDM Operating Requirements
Prepare for ASDM
Using ASDM to Configure the PIX Security Appliance
PIX Security Appliance Routing Capabilities
Virtual LANs
Static and RIP Routing
OSPF
Multicast Routing
Firewall Services Module Operation
FWSM Requirements
Getting Started with the FWSM
Verify FWSM Installation
Configure the FWSM Access Lists
Using PDM with the FWSM
Resetting and Rebooting the FWSM
Summary
Check Your Understanding
Chapter 4 Trust and Identity Technology
Key Terms
AAA
TACACS
RADIUS
Comparing TACACS+ and RADIUS
Authentication Technologies
Static Passwords
One-Time Passwords
Token Cards
Token Card and Server Methods
Digital Certificates
Biometrics
Identity Based Networking Services (IBNS)
802.1x
Wired and Wireless Implementations
Network Admission Control (NAC)
NAC Components
NAC Phases
NAC Operation
NAC Vendor Participation
Summary
Check Your Understanding
Chapter 5 Cisco Secure Access Control Server
Key Terms
Cisco Secure Access Control Server Product Overview
Authentication and User Databases
The Cisco Secure ACS User Database
Keeping Databases Current
Cisco Secure ACS for Windows Architecture
How Cisco Secure ACS Authenticates Users
User-Changeable Passwords
Configuring RADIUS and TACACS+ with Cisco Secure ACS
Installation Steps
Administering Cisco Secure ACS for Windows
Troubleshooting
Enabling TACACS+
Verifying TACACS+
Failure
Pass
Configuring RADIUS
Summary
Check Your Understanding
Chapter 6 Configure Trust and Identity at Layer 3
Key Terms
Cisco IOS Firewall Authentication Proxy
Authentication Proxy Operation
Supported AAA Servers
AAA Server Configuration
AAA Configuration
Allow AAA Traffic to the Router
Authentication Proxy Configuration
Test and Verify Authentication Proxy
Introduction to PIX Security Appliance AAA Features
PIX Security Appliance Authentication
PIX Security Appliance Authorization
PIX Security Appliance Accounting
AAA Server Support
Configure AAA on the PIX Security Appliance
PIX Security Appliance Access Authentication
Interactive User Authentication
The Local User Database
Authentication Prompts and Timeout
Cut-Through Proxy Authentication
Authentication of Non-Telnet, -FTP, or -HTTP Traffic
Tunnel User Authentication
Authorization Configuration
Downloadable ACLs
Accounting Configuration
Console Session Accounting
Command Accounting
Troubleshooting the AAA Configuration
Summary
Check Your Understanding
Chapter 7 Configure Trust and Identity at Layer 2
Key Terms
Identity Based Networking Services (IBNS)
Features and Benefits
IEEE 802.1x
Selecting the Correct EAP
Cisco LEAP
IBNS and Cisco Secure ACS
ACS Deployment Considerations
Cisco Secure ACS RADIUS Profile Configuration
Configuring 802.1x Port-Based Authentication
Enabling 802.1x Authentication
Configuring the Switch-to-RADIUS Server Communication
Enabling Periodic Reauthentication
Manually Reauthenticating a Client Connected to a Port
Enabling Multiple Hosts
Resetting the 802.1x Configuration to the Default Values
Displaying 802.1x Statistics and Status
Summary
Check Your Understanding 3
Chapter 8 Configure Filtering on a Router
Key Terms
Filtering and Access Lists
Packet Filtering
Stateful Filtering
URL Filtering
Cisco IOS Firewall Context-Based Access Control
CBAC Packets
Cisco IOS ACLs
How CBAC Works
CBAC-Supported Protocols
Configuring Cisco IOS Firewall Context-Based Access Control
CBAC Configuration Tasks
Prepare for CBAC
Setting Audit Trails and Alerts
Setting Global Timeouts
Setting Global Thresholds
Half-Open Connection Limits by Host
System-Defined Port-to-Application Mapping
User-Defined PAM
Defining Inspection Rules for Applications
Defining Inspection Rules for IP Fragmentation
Defining Inspection Rules for ICMP
Applying Inspection Rules and ACLs to Interfaces
Testing and Verifying CBAC
Configuring a Cisco IOS Firewall Using SDM
Summary
Check Your Understanding
Chapter 9 Configure Filtering on a PIX Security Appliance
Key Terms
Configuring ACLs and Content Filters
PIX Security Appliance ACLs
Configuring ACLs
ACL Line Numbers
The icmp Command
nat 0 ACLs
Turbo ACLs
Using ACLs
Malicious Code Filtering
URL Filtering
Object Grouping
Getting Started with Object Groups
&n
商品描述(中文翻譯)
**描述**
這是完全修訂、更新且唯一授權的教科書,適用於思科網路學院計畫的網路安全 1 和 2 課程。
- 一本便攜式參考書,支持思科網路學院網路安全課程的主題,與課程模組一對一對應。
- 具備改善的可讀性、增強的主題解釋、實際案例以及全新的圖形呈現。
- 由領先的學院講師 Antoon Rufi 撰寫,為課程材料帶來新鮮的聲音。
《網路安全 1 和 2 伴隨指南》是思科網路學院計畫網路安全 1 和 2 課程第 2 版的官方補充教科書。這本教科書經過完全修訂和更新,包含新的範例和解釋,並包括作者開發的原創材料,完全符合網路安全課程大綱。由一位經驗豐富的作者撰寫,以全面的方式呈現材料——使用他自己的聲音和範例——這一新版增強了學生對課程材料的理解。新版本包含改進的功能,以幫助講師並增強學生的理解。例如,章節名稱和編號與課程模組對應,章節目標以問題形式陳述,以鼓勵學生在閱讀章節時思考並尋找答案。章末問題和摘要與章節目標對應,以強調關鍵主題,同時每章開頭列出關鍵術語,按出現順序提醒學生即將出現的詞彙。此外,新功能包括「如何做」的快速參考,提供逐步任務;實際案例和全新的插圖;簡明的解釋,重點在於詞彙使用和句子結構,以提高可讀性;以及與 CCNA 考試的關聯,包括章節目標、理解檢查問題和新的挑戰活動。
**目錄**
課程 1
第 1 章 漏洞、威脅與攻擊
- 關鍵術語
- 網路安全簡介
- 網路安全的必要性
- 識別潛在的網路安全風險
- 開放與封閉的安全模型
- 驅動網路安全的趨勢
- 資訊安全組織
- 漏洞、威脅與攻擊簡介
- 漏洞
- 威脅
- 攻擊
- 攻擊範例
- 偵查攻擊
- 存取攻擊
- 拒絕服務 (DoS) 攻擊
- 偽裝/IP 偽造攻擊
- 分散式拒絕服務攻擊
- 惡意程式碼
- 漏洞分析
- 政策識別
- 網路分析
- 主機分析
- 分析工具
- 總結
- 檢查你的理解
第 2 章 安全規劃與政策
- 關鍵術語
- 討論網路安全與思科
- 安全輪
- 網路安全政策
- 端點保護與管理
- 主機和伺服器安全組件與技術
- PC 管理
- 網路保護與管理
- 基於網路的安全組件與技術
- 網路安全管理
- 安全架構
- 安全架構 (SAFE)
