C

calculating hosts per subnet, 37-38 CAM tables, 29

CBAC (Content-Based Access Control), 345 audit trail messages, enabling, 451 configuring, 346-347 cd command (DOS), 284 cd command (UNIX), 284 CERT/CC (Computer Emergency Response Team

Coordination Center), 366 certification exam objectives, 4-7 preparing for, 3, 7-8 characteristics of RIP, 57-58 of RIPv1, 58 of RIPv2, 59 chargen attacks, 371 chkdsk command (DOS), 284 chmod command (UNIX), 289 CIDR (classless interdomain routing), 39 Cisco IDS (Intrusion Detection System), 373. See also NetRanger sensors, 373

Signature Engines, 373-374 supported products, 373

Cisco IOS

configuration files, saving, 158 firewall features, 344-345 intrusion prevention methods core dumps, 379-380 disabling default services, 378 disabling DHCP, 377 disabling TCP/UDP small servers, 376 enabling sequence numbering, 378 enabling TCP intercept, 379 Nagle algorithm, 375-376 modes of operation, 157 password recovery, 174-179 Cisco Product Security Incident Response Team website, 367 Cisco Secure, 297, 299 AAA features, 298 features, 297 test topics, 297 Cisco Secure Scanner, 302-304 Cisco Security Manager, 299 Cisco Security Wheel, 304 Cisco TFTP, 113 classes of IP addresses, 36 classful addressing, 40 classful routing protocols, 40 clock sources, NTP configuration, 128-131 Cluster-List attribute (BGP), 78

collisions, jam signals, 27 command structure, UNIX, 285-287 commands

I (pipe) modifier, 174 alias, 167

copy running-config startup-config, 158 copy tftp flash, 114 debug all, 171

attrib, 285

ip helper-address, 292 ipconfig, 295-296 route, 296 ip host, 110

ip http authentication, 119 ip route-cache, 168 ip subnet-zero, 38 logging console debug, 168 service password-encryption, 181 service tcp-keepalives-in, 376 set vlan, 30

shortcuts, creating, 167 show accounting, 211-212 show debugging, 163 show interface, 156 show interfaces, 163-165 show ip access-lists, 163 show ip arp, 46 show ip route, 55-56, 162-163 show logging, 166 show process, 153 show route-map, 166 show startup-config, 178 show version, 155-156, 166 SMTP, 127-128

snmp-server enable traps config, 124 snmp-server host, 124-126 undebug all, 163

UNIX, correlated DOS commands, 284-285 community access strings, configuring on Cisco routers, 121 Community attribute (BGP), 78 comparing preshared keys and manual keys, 255 RADIUS and TACACS+, 224-225 components of Security Wheel, 304

configuration files loading, 158 saving, 158 Configuration mode (IOS), 157 configuration registers, 154-156

modifying, 177 configuring BGP, 79 CBAC, 346-347 Dynamic NAT, 326 HSRP, 50-51 IKE, 252-259 Kerberos, 228-229 Nagle algorithm, 375 NTP time sources, 128-131 OSPF

in a single area, 66, 69 in multiple areas, 69-70 PIX, 332-337 RADIUS, 215-217 RIP, 59-61 SGBP, 85

SNMP support on Cisco routers, 124 TACACAS+, 220-223 VPDNs, 231-235 VPNs, 350-351 connectionless protocols, 23 connection-oriented protocols, 23 TCP, 40

header format, 41 packets, 41-42 Telnet requests, 42, 45 copy command (DOS), 284

copy running-config startup-config commands, 158

copy tftp flash command, 114

copying IOS images from TFTP servers, 114

core dumps, performing, 379-380

cp command (UNIX), 284

CPU, 152

attacks, 371 creating command shortcuts, 167 extended access lists, 187-189 standard access lists, 182-187 VLANs, 30 credentials, 227 crypto map entries, 253 cryptography key exchange management, 246

IKE, 247-259 PKI, 348

CSACS (Cisco Secure Access Control Server), 218 CSMA/CD (carrier sense multiple access collision detection), 27 CSPM (Cisco Secure Policy Manager), 299 cut through switching, 30

Was this article helpful?

0 0

Post a comment