Do I Know This Already Quiz

The purpose of the Do I Know This Already quiz is to help you decide if you really need to read the entire chapter. If you already intend to read the entire chapter, you do not necessarily need to answer these questions now. The 10-question quiz, derived from the major sections in Foundation Topics portion of the chapter, helps you determine how to spend your limited study time. Table 8-1 outlines the major topics discussed in this chapter and the Do I Know This Already quiz questions that...

All About the Cisco Certified Security Professional Certification

The Cisco Certified Security Professional (CCSP) certification is the newest midlevel certification from Cisco Systems. This certification is on a par with CCNP and CCDP. The aim of this certification is to provide professional-level recognition to network engineers in the design and implementation of Cisco secure networks. This certification provides validation of knowledge and skills in key areas of security, including firewalls, intrusion detection, VPNs, identity, and security management....

Design Guidelines for the Corporate Internet Module

The small network model represents a scaled-down security-centric network design with all the security and VPN functionality that is found within a single device. As described earlier and shown in Figure 13-2, two options are available within this design model The first option uses a Cisco IOS router with firewall and VPN functionality. This option provides the greatest flexibility within the small network design because the router is capable of supporting not only the firewall and VPN...

Key Corporate Internet Module Devices

There are several key devices in the Corporate Internet module that are common between the medium-sized network design and the small network design. The key devices in both the small and medium-sized network designs are summarized in Table 4-3. This table also indicates in which network these devices can be found. Table 4-3 Key Devices in Corporate Internet Module Table 4-3 Key Devices in Corporate Internet Module DNS Server Provides authoritative external DNS resolution relays internal...

CatOS Switches

The generic security configuration used within Cisco CatOS switches is described in the following steps Step 1 Shut down all unneeded services by issuing the following commands set ip http server disable set cdp disable Step 2 Set passwords and access restrictions. Enable AAA. To set passwords, use the following Set access restrictions with the following commands set ip permit enable telnet set ip permit management-host-address 255.255.255.255 telnet set tacacs server tacacs-server-address set...