P

packet filtering, 321 CBAC, 345

configuring, 346-347 extended access lists, 187-189

options, 188-189 standard access lists, 182-187 packets

AH, 245-246 Hello

debugging, 171-172 rerouting, 369 TCP, 41-42 partitioning System Flash, 151 Passive FTP, 117-118 passwd file (UNIX), 290 password recovery, 174, 176-179 passwords authentication, 210

method lists, 217 enable passwords, setting, 180

encrypting, 181

virtual terminal passwords, setting, 182 PAT (Port Address Translation), 324 path vector protocols, BGP, 76 attributes, 77-78 configuring, 79 messages, 76 PDM (PIX Device Manager), 299 peer-to-peer communication, 26 performing core dumps, 379-380 perimeter routers, 321

permissions

UNIX, 288-289 Windows NT, 293-294 PFS (perfect forward secrecy), 249 physical layer (OSI model), 21 ping command, 285 ping of death attack, 371 ping requests, test characters, 52-53 PIX (Private Internet Exchange), 328 commands, 339-341 configuring, 332-337 DMZs, 330

software features, 342-344 stateful packet screening, 330-331 static routing, 337-338 PKI (Public Key Infrastructure), 348 Poison Reverse updates, 59 policy routes, displaying, 166 portfast, enabling, 31 PPP (Point-to-Point Protocol), 81 preparing for exam, 3, 7-8, 573-575 FAQs, 576 objectives, 4-7

sample lab, 583-584, 586-597 presentation layer (OSI model), 24 preshared keys versus manual keys, 255, 453

preventing Cisco IOS from attacks disabling default services, 378 disabling DHCP, 377 disabling TCP/UDP small servers, 376 enabling sequence numbering, 378 enabling TCP intercept, 379 Nagle algorithm, 375-376 performing core dumps, 379-380 PRI (Primary Rate Interface), 80 primary domain controllers, 290 principal (Kerberos), 228 privilege levels, authorization, 210-211 Privileged EXEC mode (IOS), 158 proxy servers, 321

0 0

Post a comment