C

calculating hosts per subnet, 30-31 CAM tables, 22

overflow, 199-200 overflow attacks, 201-202 Catalyst 6500 Series Switch, IDSM-2, 312 CBAC (Content-Based Access Control), 378

audit trail messages, enabling, 505 configuring, 380-382 CEP (Certificate Enrollment Protocol), 272 CERT/CC (Computer Emergency Response

Team Coordination Center), 413-414 certification exam, objectives, 627 characteristics of RIP, 52 of RIPv1, 52 of RIPv2, 53

chargen attacks, 420

CIDR (classless inter-domain routing), 32 Cisco 7200 routers, switching methods website, 176 Cisco IDS, 422

RDEP, 138-139 sensors, 423

Signature Engines, 423-424 supported products, 422

Cisco IOS, 165

firewall features, 377-379 intrusion prevention methods core dumps, 430 disabling default services, 429 disabling DHCP, 427 disabling TCP/UDP small servers, 427 enabling sequence numbering, 428 enabling TCP intercept, 429 Nagle algorithm, 425-426 modes of operation, 164 password recovery, 182-187 Cisco IOS SSH, 135-138 Cisco Product Security Incident Response

Team, web site, 414 Cisco SDM (Security Device Manager), 328 Cisco Secure, 301

AAA features, 302 features, 301 test topics, 301 Cisco Secure IDS, 309 sensors, 309-310 Cisco Secure VPN Client, 326-328 Cisco TFTP, 114

Cisco VPN 3000 Series Concentrators,

314-316, 319-325 classful addressing, 33 classful routing protocols, 33 clear conduit command, 372 clock sources, 131-132

NTP configuration, 130-131 Cluster-List attribute (BGP), 73 collisions, jam signals, 20 commands

alias, 175

clear conduit, 372

conduit, options, 372

copy running-config startup-config, 165

copy tftp flash, 115

debug all, 179

global, options, 368

HSRP, 43

ip http authentication, 120 ip route-cache, 176 ip subnet-zero, 32 ip verify unicast reverse-path, 430 logging console debug, 175

service password-encryption, 189 service tcp-keepalives-in, 426 set vlan, 24

shortcuts, creating, 175 show accounting, 231-232 show debugging, 170 show interface, 163 show interfaces, 171-172 show ip access-lists, 170 show ip arp, 39

show ip route, 48-50, 169-170 show logging, 173 show process, 158-159 show route-map, 174 show startup-config, 185 show version, 162-163, 174 SMTP, 129

snmp-server enable traps config, 126 snmp-server host, 126-127 static, 371 undebug all, 171 write terminal, 157 community access strings, 122 Community attribute (BGP), 73 comparing

HIDS and NIDs, 305 preshared keys and manual keys, 268 RADIUS and TACACS+, 245-246 conduit command, options, 372 configuration files loading, 165 saving, 165 Configuration mode (IOS), 164 configuration registers, 160-161

modifying, 184 configuring, 54-56, 130-131 CBAC, 380-382 HSRP, 44 IPSec, 264-272 Nagle algorithm, 426 RADIUS, 236-238 SGBP, 81

SNMP support on Cisco routers, 125 SSH on Cisco IOS routers, 136-138 TACACAS+, 241-244 VPDNs, 278-281 VPNs, 385

connectionless protocols, 16

connection-oriented protocols, 16

TCP, 34

header format, 34 packets, 34-35 Telnet requests, 36-37 copy running-config startup-config commands, 165 copy tftp flash command, 115 copying IOS images from TFTP servers, 115 core dumps, performing, 430 CPU, 158-159 CPU-intensive attacks, 420 creating command shortcuts, 175 extended access lists, 196-198 standard access lists, 190-195 VLANs, 23 crypto map entries, 266 cryptography key exchange management, 264-272 PKI, 382-383 CSA (Cisco Security Agent), 422, 387 versus pattern-matching, 388

CSACS (Cisco Secure Access Control

Server), 239 CSMA/CD, 20

CSS (calling search spaces), 83 CTA (Cisco Trust Agent), 391 CTR (Cisco Threat Response), 391

IDS requirements, 392 IOS Authentication 802.1X, 392-393 cut through switching, 23

Was this article helpful?

0 0

Post a comment