CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide
- By Omar Santos
- Published Apr 14, 2020 by Cisco Press.
EPUB (Watermarked)
- Your Price: $66.99
- About Watermarked eBooks
This EPUB will be accessible from your Account page after purchase.
This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.
Also available in other formats.
Features
- Revised edition of the #1 selling CCNP and CCIE preparation self-study guide
- Book content is fully updated to align to the new CCNP and CCIE Security Core SCOR 350-701 exam objectives
- Book and online materials are packed with features to help candidates master difficult testing methods on actual exams
- Practice tests contain exam-realistic questions that closely mimic the difficulty of the actual exam
- In-depth expert explanations of all protocols, commands, and technologies on the CCNP and CCIE Security Core SCOR 350-701 exam
- Copyright 2020
- Pages: 700
- Edition: 1st
- EPUB (Watermarked)
- ISBN-10: 0-13-597192-6
- ISBN-13: 978-0-13-597192-5
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
- Master Cisco CCNP and CCIE Security Core SCOR 350-701 exam topics
- Assess your knowledge with chapter-opening quizzes
- Review key concepts with exam preparation tasks
This is the eBook edition of the CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide. This eBook does not include access to the companion website with practice exam that comes with the print edition.
CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide, focuses specifically on the objectives for the Cisco CCNP and CCIE Security SCOR exam. Best-selling author and leading security engineer Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
Well regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.
The official study guide helps you master all the topics on the CCNP and CCIE Security SCOR 350-701 exam, including:
- Cybersecurity fundamentals
- Cryptography
- Software-Defined Networking security and network programmability
- Authentication, Authorization, Accounting (AAA) and Identity Management
- Network visibility and segmentation
- Infrastructure security
- Cisco next-generation firewalls and intrusion prevention systems
- Virtual Private Networks (VPNs)
- Securing the cloud
- Content security
- Endpoint protection and detection
CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/web/learning/index.html
Table of Contents
Introduction xxv
Chapter 1 Cybersecurity Fundamentals 2
“Do I Know This Already?” Quiz 3
Foundation Topics 6
Introduction to Cybersecurity 6
Defining What Are Threats, Vulnerabilities, and Exploits 8
Common Software and Hardware Vulnerabilities 30
Confidentiality, Integrity, and Availability 40
Cloud Security Threats 47
IoT Security Threats 51
An Introduction to Digital Forensics and Incident Response 55
Summary 74
Exam Preparation Tasks 74
Review All Key Topics 74
Define Key Terms 76
Review Questions 76
Chapter 2 Cryptography 78
“Do I Know This Already?” Quiz 78
Foundation Topics 80
Introduction to Cryptography 80
Fundamentals of PKI 93
Exam Preparation Tasks 102
Review All Key Topics 102
Define Key Terms 103
Review Questions 103
Chapter 3 Software-Defined Networking Security and Network Programmability 106
“Do I Know This Already?” Quiz 106
Foundation Topics 108
Introduction to Software-Defined Networking 108
Introduction to Network Programmability 132
Exam Preparation Tasks 146
Review All Key Topics 146
Define Key Terms 147
Review Questions 147
Chapter 4 Authentication, Authorization, Accounting (AAA) and Identity Management 150
“Do I Know This Already?” Quiz 151
Foundation Topics 154
Introduction to Authentication, Authorization, and Accounting 154
Authentication 155
Authorization 167
Accounting 169
Infrastructure Access Controls 170
AAA Protocols 172
Cisco Identity Services Engine (ISE) 181
Configuring TACACS+ Access 196
Configuring RADIUS Authentication 202
Additional Cisco ISE Design Tips 211
Exam Preparation Tasks 214
Review All Key Topics 214
Define Key Terms 216
Review Questions 216
Chapter 5 Network Visibility and Segmentation 220
“Do I Know This Already?” Quiz 221
Foundation Topics 224
Introduction to Network Visibility 224
NetFlow 225
IP Flow Information Export (IPFIX) 237
NetFlow Deployment Scenarios 242
Cisco Stealthwatch 250
Cisco Cognitive Threat Analytics (CTA) and Encrypted Traffic Analytics (ETA) 262
NetFlow Collection Considerations and Best Practices 268
Configuring NetFlow in Cisco IOS and Cisco IOS-XE 269
Configuring NetFlow in NX-OS 283
Introduction to Network Segmentation 285
Micro-Segmentation with Cisco ACI 289
Segmentation with Cisco ISE 290
Exam Preparation Tasks 301
Review All Key Topics 301
Define Key Terms 302
Review Questions 302
Chapter 6 Infrastructure Security 306
“Do I Know This Already?” Quiz 307
Foundation Topics 310
Securing Layer 2 Technologies 310
Common Layer 2 Threats and How to Mitigate Them 322
Network Foundation Protection 332
Understanding and Securing the Management Plane 334
Understanding the Control Plane 336
Understanding and Securing the Data Plane 337
Securing Management Traffic 338
Implementing Logging Features 362
Configuring NTP 363
Securing the Network Infrastructure Device Image and Configuration Files 364
Securing the Data Plane in IPv6 365
Securing Routing Protocols and the Control Plane 379
Exam Preparation Tasks 387
Review All Key Topics 387
Define Key Terms 389
Review Questions 389
Chapter 7 Cisco Next-Generation Firewalls and Cisco Next-Generation Intrusion Prevention Systems 392
“Do I Know This Already?” Quiz 392
Foundation Topics 395
Introduction to Cisco Next-Generation Firewalls (NGFW) and
Comparing Network Security Solutions That Provide Firewall Capabilities 411
Deployment Modes of Network Security Solutions and Architectures That
High Availability and Clustering 423
Implementing Access Control 427
Cisco Firepower Intrusion Policies 446
Variables 449
Platform Settings Policy 450
Cisco NGIPS Preprocessors 450
Cisco Advanced Malware Protection (AMP) 452
Security Intelligence, Security Updates, and Keeping Firepower Software Up to Date 457
Exam Preparation Tasks 458
Review All Key Topics 458
Define Key Terms 460
Review Questions 460
Chapter 8 Virtual Private Networks (VPNs) 464
“Do I Know This Already?” Quiz 464
Foundation Topics 467
Virtual Private Network (VPN) Fundamentals 467
Deploying and Configuring Site-to-Site VPNs in Cisco Routers 479
Configuring Site-to-Site VPNs in Cisco ASA Firewalls 502
Configuring Remote Access VPNs in the Cisco ASA 511
Configuring Clientless Remote Access SSL VPNs in the Cisco ASA 514
Configuring Client-Based Remote-Access SSL VPNs in the Cisco ASA 525
Configuring Remote Access VPNs in FTD 530
Configuring Site-to-Site VPNs in FTD 541
Exam Preparation Tasks 543
Review All Key Topics 543
Define Key Terms 544
Review Questions 544
Chapter 9 Securing the Cloud 548
“Do I Know This Already?” Quiz 549
Foundation Topics 551
What Is Cloud and What Are the Cloud Service Models? 551
DevOps, Continuous Integration (CI), Continuous Delivery (CD), and
Describing the Customer vs. Provider Security Responsibility for the Different Cloud Service Models 573
Cisco Umbrella 577
Cisco Email Security in the Cloud 582
Cisco Cloudlock 584
Stealthwatch Cloud 590
AppDynamics Cloud Monitoring 590
Cisco Tetration 593
Exam Preparation Tasks 596
Review All Key Topics 596
Define Key Terms 597
Review Questions 598
Chapter 10 Content Security 600
“Do I Know This Already?” Quiz 600
Foundation Topics 603
Content Security Fundamentals 603
Cisco WSA 604
Cisco ESA 619
Cisco Content Security Management Appliance (SMA) 624
Exam Preparation Tasks 629
Review All Key Topics 629
Define Key Terms 630
Review Questions 630
Chapter 11 Endpoint Protection and Detection 634
“Do I Know This Already?” Quiz 634
Foundation Topics 636
Introduction to Endpoint Protection and Detection 636
Cisco AMP for Endpoints 638
Cisco Threat Response 654
Exam Preparation Tasks 655
Review All Key Topics 655
Define Key Terms 655
Review Questions 656
Chapter 12 Final Preparation 658
Hands-on Activities 658
Suggested Plan for Final Review and Study 658
Summary 659
Glossary of Key Terms 660
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 678
Appendix B CCNP Security Core SCOR (350-701) Exam Updates 686Online Element
Appendix C Study Planner
9780135971970, TOC, 3/18/2020
Other Things You Might Like
- Securing Enterprise Networks with Cisco Meraki
- eBook $55.99
- Securing Enterprise Networks with Cisco Meraki
- Book $55.99