Network Security 1 and 2 Companion Guide (Cisco Networking Academy)
- By Antoon Rufi
- Published Oct 5, 2006 by Cisco Press. Part of the Companion Guide series.
Book
- Sorry, this book is no longer in print.
Features
The completely revised, updated and only authorized textbook for the Cisco Networking Academy Program Network Security 1 and 2 course
- A portable reference that supports the topics in the Cisco Networking Academy Network Security course, aligning 1:1 with the course modules
- Features improved readability, enhanced topic explanations, real-world examples, and all-new graphical presentations
- Written by leading Academy instructor Antoon Rufi, who brings a fresh voice to the course material
- Copyright 2007
- Edition: 1st
- ISBN-10: 1-58713-162-5
- ISBN-13: 978-1-58713-162-2
The only authorized Companion Guide for the Cisco Networking Academy Program
The Network Security 1 and 2 Companion Guide is designed as a portable desk reference to be used with version 2.0 of the Cisco® Networking Academy® Program curriculum. The author reinforces the material in the two courses to help you focus on important concepts and organize your study time for exams. This book covers the overall security process based on security policy design and management, with an emphasis on security technologies, products, and solutions. The book also focuses on security appliance and secure router design, installation, configuration, and maintenance.
The first section of this book covers authentication, authorization, and accounting (AAA) implementation using routers and security appliances and securing the network at both Layer 2 and Layer 3 of the OSI reference model. The second section of this book covers intrusion prevention system (IPS) implementation using routers and security appliances and virtual private network (VPN) implementation using routers and security appliances.
New and improved features help you study and succeed in this course:
- Chapter objectives—Review core concepts by answering the questions at the beginning of each chapter.
- Key terms—Note the networking vocabulary to be introduced and refer to the highlighted terms in context in that chapter.
- Scenarios and setup sequences—Visualize real-life situations with details about the problem and the solution.
- Chapter Summaries—Review a synopsis of the chapter as a study aid.
- Glossary—Consult the all-new glossary with more than 85 terms.
- Check Your Understanding questions and answer key—Evaluate your readiness to move to the next chapter with the updated end-of-chapter questions. The answer appendix explains each answer.
- Lab References—Stop when you see this icon and perform the related labs in the online curriculum.
Companion CD-ROM
The CD-ROM includes:
- Interactive Media Elements—More than 95 activities that visually demonstrate some of the topics in the course
- Additional Resources—Command reference and materials to enhance your experience with the curriculum
Downloadable Sample Chapter
Chapter 1: Vulnerabilities, Threats, and Attacks (PDF, 1.27 MB)
Table of Contents
Course 1
Chapter 1 Vulnerabilities, Threats, and Attacks
Key Terms
Introduction to Network Security
The Need for Network Security
Identifying Potential Risks to Network Security
Open Versus Closed Security Models
Trends Driving Network Security
Information Security Organizations
Introduction to Vulnerabilities, Threats, and Attacks
Vulnerabilities
Threats
Attacks
Attack Examples
Reconnaissance Attacks
Access Attacks
Denial-of-Service (DoS) Attacks
Masquerade/IP Spoofing Attacks
Distributed Denial-of-Service Attacks
Malicious Code
Vulnerability Analysis
Policy Identification
Network Analysis
Host Analysis
Analysis Tools
Summary
Check Your Understanding
Chapter 2 Security Planning and Policy
Key Terms
Discussing Network Security and Cisco
The Security Wheel
Network Security Policy
Endpoint Protection and Management
Host- and Server-Based Security Components and Technologies
PC Management
Network Protection and Management
Network-Based Security Components and Technologies
Network Security Management
Security Architecture
Security Architecture (SAFE)
The Cisco Self-Defending Network
Secure Connectivity
Threat Defense
Cisco Integrated Security
Plan, Design, Implement, Operate, Optimize (PDIOO)
Basic Router Security
Control Access to Network Devices
Remote Configuration Using SSH
Router Passwords
Router Privileges and Accounts
Cisco IOS Network Services
Routing, Proxy ARP, and ICMP
Routing Protocol Authentication and Update Filtering
NTP, SNMP, Router Name, DNS
Summary
Check Your Understanding
Chapter 3 Security Devices
Device Options
Cisco IOS Firewall Feature Set
Creating a Customized Firewall
PIX Security Appliance
Adaptive Security Appliance
Finesse Operating System
The Adaptive Security Algorithm
Firewall Services Module
Using Security Device Manager
Using the SDM Startup Wizard
SDM User Interface
SDM Wizards
Using SDM to Configure a WAN
Using the Factory Reset Wizard
Monitor Mode
Introduction to the Cisco Security Appliance Family
PIX 501 Security Appliance
PIX 506E Security Appliance
PIX 515E Security Appliance
PIX 525 Security Appliance
PIX 535 Security Appliance
Adaptive Security Appliance Models
PIX Security Appliance Licensing
PIX VPN Encryption License
Security Contexts
PIX Security Appliance Context Licensing
ASA Security Appliance Licensing
Expanding the Features of the PIX 515E
Expanding the Features of the PIX 525
Expanding the Features of the PIX 535
Expanding the Features of the Adaptive Security Appliance Family
Getting Started with the PIX Security Appliance
Configuring the PIX Security Appliance
The help Command
Security Levels
Basic PIX Security Appliance Configuration Commands
Additional PIX Security Appliance Configuration Commands
Examining the PIX Security Appliance Status
Time Setting and NTP Support
Syslog Configuration
Security Appliance Translations and Connections
Transport Protocols
NAT
Dynamic Inside NAT
Two Interfaces with NAT
Three Interfaces with NAT
PAT
Augmenting a Global Pool with PAT
The static Command
The nat 0 Command
Connections and Translations
Manage a PIX Security Appliance with Adaptive Security Device Manager
ASDM Operating Requirements
Prepare for ASDM
Using ASDM to Configure the PIX Security Appliance
PIX Security Appliance Routing Capabilities
Virtual LANs
Static and RIP Routing
OSPF
Multicast Routing
Firewall Services Module Operation
FWSM Requirements
Getting Started with the FWSM
Verify FWSM Installation
Configure the FWSM Access Lists
Using PDM with the FWSM
Resetting and Rebooting the FWSM
Summary
Check Your Understanding
Chapter 4 Trust and Identity Technology
Key Terms
AAA
TACACS
RADIUS
Comparing TACACS+ and RADIUS
Authentication Technologies
Static Passwords
One-Time Passwords
Token Cards
Token Card and Server Methods
Digital Certificates
Biometrics
Identity Based Networking Services (IBNS)
802.1x
Wired and Wireless Implementations
Network Admission Control (NAC)
NAC Components
NAC Phases
NAC Operation
NAC Vendor Participation
Summary
Check Your Understanding
Chapter 5 Cisco Secure Access Control Server
Key Terms
Cisco Secure Access Control Server Product Overview
Authentication and User Databases
The Cisco Secure ACS User Database
Keeping Databases Current
Cisco Secure ACS for Windows Architecture
How Cisco Secure ACS Authenticates Users
User-Changeable Passwords
Configuring RADIUS and TACACS+ with Cisco Secure ACS
Installation Steps
Administering Cisco Secure ACS for Windows
Troubleshooting
Enabling TACACS+
Verifying TACACS+
Failure
Pass
Configuring RADIUS
Summary
Check Your Understanding
Chapter 6 Configure Trust and Identity at Layer 3
Key Terms
Cisco IOS Firewall Authentication Proxy
Authentication Proxy Operation
Supported AAA Servers
AAA Server Configuration
AAA Configuration
Allow AAA Traffic to the Router
Authentication Proxy Configuration
Test and Verify Authentication Proxy
Introduction to PIX Security Appliance AAA Features
PIX Security Appliance Authentication
PIX Security Appliance Authorization
PIX Security Appliance Accounting
AAA Server Support
Configure AAA on the PIX Security Appliance
PIX Security Appliance Access Authentication
Interactive User Authentication
The Local User Database
Authentication Prompts and Timeout
Cut-Through Proxy Authentication
Authentication of Non-Telnet, -FTP, or -HTTP Traffic
Tunnel User Authentication
Authorization Configuration
Downloadable ACLs
Accounting Configuration
Console Session Accounting
Command Accounting
Troubleshooting the AAA Configuration
Summary
Check Your Understanding
Chapter 7 Configure Trust and Identity at Layer 2
Key Terms
Identity Based Networking Services (IBNS)
Features and Benefits
IEEE 802.1x
Selecting the Correct EAP
Cisco LEAP
IBNS and Cisco Secure ACS
ACS Deployment Considerations
Cisco Secure ACS RADIUS Profile Configuration
Configuring 802.1x Port-Based Authentication
Enabling 802.1x Authentication
Configuring the Switch-to-RADIUS Server Communication
Enabling Periodic Reauthentication
Manually Reauthenticating a Client Connected to a Port
Enabling Multiple Hosts
Resetting the 802.1x Configuration to the Default Values
Displaying 802.1x Statistics and Status
Summary
Check Your Understanding
Chapter 8 Configure Filtering on a Router
Key Terms
Filtering and Access Lists
Packet Filtering
Stateful Filtering
URL Filtering
Cisco IOS Firewall Context-Based Access Control
CBAC Packets
Cisco IOS ACLs
How CBAC Works
CBAC-Supported Protocols
Configuring Cisco IOS Firewall Context-Based Access Control
CBAC Configuration Tasks
Prepare for CBAC
Setting Audit Trails and Alerts
Setting Global Timeouts
Setting Global Thresholds
Half-Open Connection Limits by Host
System-Defined Port-to-Application Mapping
User-Defined PAM
Defining Inspection Rules for Applications
Defining Inspection Rules for IP Fragmentation
Defining Inspection Rules for ICMP
Applying Inspection Rules and ACLs to Interfaces
Testing and Verifying CBAC
Configuring a Cisco IOS Firewall Using SDM
Summary
Check Your Understanding
Chapter 9 Configure Filtering on a PIX Security Appliance
Key Terms
Configuring ACLs and Content Filters
PIX Security Appliance ACLs
Configuring ACLs
ACL Line Numbers
The icmp Command
nat 0 ACLs
Turbo ACLs
Using ACLs
Malicious Code Filtering
URL Filtering
Object Grouping
Getting Started with Object Groups
Configuring Object Groups
Nested Object Groups
Managing Object Groups
Configure a Security Appliance Modular Policy
Configuring a Class Map
Configure a Policy Map
Configuring a Service Policy
Configuring Advanced Protocol Inspection
Default Traffic Inspection and Port Numbers
FTP Inspection
FTP Deep Packet Inspection
HTTP Inspection
Protocol Application Inspection
Multimedia Support
Real-Time Streaming Protocol (RTSP)
Protocols Required to Support IP Telephony
DNS Inspection
Summary
Check Your Understanding
Chapter 10 Configure Filtering on a Switch
Key Terms
Introduction to Layer 2 Attacks
MAC Address, ARP, and DHCP Vulnerabilities
Mitigating CAM Table Overflow Attacks
MAC Spoofing: Man-in-the-Middle Attacks
ARP Spoofing
DHCP Snooping
Dynamic ARP Inspection
DHCP Starvation Attacks
VLAN Vulnerabilities
VLAN Hopping Attacks
Private VLAN Vulnerabilities
Defending Private VLANs
Spanning Tree Protocol Vulnerabilities
Preventing Spanning Tree Protocol Manipulation
Summary
Check Your Understanding
Course 2
Chapter 1 Intrusion Detection and Prevention Technology
Key Terms
Introduction to Intrusion Detection and Prevention
Network Based Versus Host Based
Types of Alarms
Inspection Engines
Signature-Based Detection
Types of Signatures
Anomaly-Based Detection
Cisco IDS and IPS Devices
Cisco Integrated Solutions
Cisco IPS 4200 Series Sensors
Summary
Check Your Understanding
Chapter 2 Configure Network Intrusion Detection and Prevention
Key Terms
Cisco IOS Intrusion Prevention System (IPS)
Origin of Cisco IOS IPS
Router Performance
Cisco IOS IPS Signatures
Cisco IOS IPS Configuration Tasks
Configure Attack Guards on the PIX Security Appliance
Mail Guard
DNS Guard
FragGuard and Virtual Reassembly
AAA Flood Guard
SYN Flood Guard
TCP Intercept
SYN Cookies
Connection Limits
Configuring Intrusion Prevention on the PIX Security Appliance
Intrusion Detection and the PIX Security Appliance
Configuring Intrusion Detection
Configuring IDS Policies
Configure Shunning on the PIX Security Appliance
Summary
Check Your Understanding
Chapter 3 Encryption and VPN Technology
Key Terms
Encryption Basics
Symmetrical Encryption
Asymmetrical Encryption
Diffie-Hellman
Integrity Basics
Hashing
Hashed Message Authentication Code (HMAC)
Digital Signatures and Certificates
Implementing Digital Certificates
Certificate Authority Support
Simple Certificate Enrollment Protocol (SCEP)
CA Servers
Enroll a Device with a CA
VPN Topologies
Site-to-Site VPNs
Remote-Access VPNs
VPN Technologies
WebVPN
Tunneling Protocols
Tunnel Interfaces
IPsec
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Tunnel and Transport Modes
Security Associations
Five Steps of IPsec
Internet Key Exchange (IKE)
IKE and IPsec
Cisco VPN Solutions
Summary
Check Your Understanding
Chapter 4 Configure Site-to-Site VPN Using Pre-Shared Keys
Key Terms
IPsec Encryption with Pre-Shared Keys
Planning the IKE and IPsec Policy
Step 1: Determine ISAKMP (IKE Phase 1) Policy
Step 2: Determine IPsec (IKE Phase 2) Policy
Step 3: Check the Current Configuration
Step 4: Ensure the Network Works Without Encryption
Step 5: Ensure ACLs Are Compatible with IPsec
Configure a Router for IKE Using Pre-Shared Keys
Step 1: Enable or Disable IKE
Step 2: Create IKE Policies
Step 3: Configure Pre-Shared Keys
Step 4: Verify the IKE Configuration
Configure a Router with IPsec Using Pre-Shared Keys
Step 1: Configure Transform Set Suites
Step 2: Determine the IPsec (IKE Phase 2) Policy
Step 3: Create Crypto ACLs
Step 4: Create Crypto Maps
Step 5: Apply Crypto Maps to Interfaces
Test and Verify the IPsec Configuration of the Router
Display the Configured ISAKMP Policies
Display the Configured Transform Sets
Display the Current State of IPsec SAs
Display the Configured Crypto Maps
Enable debug Output for IPsec Events
Enable debug Output for ISAKMP Events
Configure a VPN Using SDM
Configure a PIX Security Appliance Site-to-Site VPN Using Pre-Shared Keys
Task 1: Prepare to Configure VPN Support
Task 2: Configure IKE parameters
Task 3: Configure IPsec Parameters
Task 4: Test and Verify the IPsec Configuration
Summary
Check Your Understanding
Chapter 5 Configure Site-to-Site VPN Using Digital Certificates
Key Terms
Configure CA Support on a Cisco Router
Step 1: Manage the NVRAM
Step 2: Set the Router Time and Date
Step 3: Add a CA Server Entry to the Router Host Table
Step 4: Generate an RSA Key Pair
Step 5: Declare a CA
Step 6: Authenticate the CA
Step 7: Request a Certificate for the Router
Step 8: Save the Configuration
Step 9: Monitor and Maintain CA Interoperability
Step 10: Verify the CA Support Configuration
Configure a Cisco IOS Router Site-to-Site VPN Using Digital Certificates
Task 1: Prepare for IKE and IPsec
Task 2: Configure CA Support
Task 3: Configure IKE
Task 4: Configure IPsec
Task 5: Test and Verify IPsec
Configure a PIX Security Appliance Site-to-Site VPN Using Digital Certificates
Enroll the PIX Security Appliance with a CA
Summary
Check Your Understanding
Chapter 6 Configure Remote Access VPN
Key Terms
Introduction to Cisco Easy VPN
Overview of the Easy VPN Server
Overview of Cisco Easy VPN Remote
How Cisco Easy VPN Works
Cisco Easy VPN Server Configuration Tasks
Task 1: Create an IP Address Pool
Task 2: Configure Group Policy Lookup
Task 3: Create ISAKMP Policy for Remote VPN Access
Task 4: Define a Group Policy for a Mode Configuration Push
Task 5: Create a Transform Set
Task 6: Create a Dynamic Crypto Map with RRI
Task 7: Apply Mode Configuration to the Dynamic Crypto Map
Task 8: Apply a Dynamic Crypto Map to the Router Interface
Task 9: Enable IKE Dead Peer Detection
Task 10: (Optional) Configure XAUTH
Task 11: (Optional) Enable the XAUTH Save Password Feature
Cisco Easy VPN Client 4.x Configuration Tasks
Task 1: Install the Cisco VPN Client 4.x on the Remote PC
Task 2: Create a New Client Connection Entry
Task 3: Choose an Authentication Method
Task 4: Configure Transparent Tunneling
Task 5: Enable and Add Backup Servers
Task 6: Configure Connection to the Internet Through Dialup Networking
Configure Cisco Easy VPN Remote for Access Routers
Easy VPN Remote Modes of Operation
Configuration Tasks for Cisco Easy VPN Remote for Access Routers
Configure the PIX Security Appliance as an Easy VPN Server
Task 1: Create an ISAKMP Policy for Remote VPN Client Access
Task 2: Create an IP Address Pool
Task 3: Define a Group Policy for Mode Configuration Push
Task 4: Create a Transform Set
Tasks 5 Through 7: Dynamic Crypto Map
Task 8: Configure XAUTH
Task 9: Configure NAT and NAT 0
Task 10: Enable IKE DPD
Configure a PIX 501 or 506E as an Easy VPN Client
PIX Security Appliance Easy VPN Remote Feature Overview
Easy VPN Remote Configuration
Easy VPN Client Device Mode and Enabling Easy VPN Remote Clients
Easy VPN Remote Authentication
Configure the Adaptive Security Appliance to Support WebVPN
WebVPN End-User Interface
Configure WebVPN General Parameters
Configure WebVPN Servers and URLs
Configure WebVPN Port Forwarding
Configure WebVPN E-Mail Proxy
Configure WebVPN Content Filters and ACLs
Summary
Check Your Understanding
Chapter 7 Secure Network Architecture and Management
Key Terms
Factors Affecting Layer 2 Mitigation Techniques
Single Security Zone, One User Group, and One Physical Switch
Single Security Zone, One User Group, and Multiple Physical Switches
Single Security Zone, Multiple User Groups, and One Physical Switch
Single Security Zone, Multiple User Groups, Multiple Physical Switches
Multiple Security Zones, One User Group, and One Physical Switch
Multiple Security Zones, One User Group, Multiple Physical Switches
Multiple Security Zones, Multiple User Groups, Single Physical Switch
Multiple Security Zones, Multiple User Groups, Multiple Physical Switches
Layer 2 Security Best Practices
SDM Security Audit
Router Management Center (MC)
Hub-and-Spoke Topology
VPN Settings and Policies
Device Hierarchy and Inheritance
Activities
Jobs
Building Blocks
Supported Tunneling Technologies
Router MC Installation
Getting Started with the Router MC
Router MC Interface
Router MC Tabs
Basic Workflow and Tasks
Simple Network Management Protocol (SNMP)
SNMP Introduction
SNMP Security
SNMP Version 3 (SNMPv3)
SNMP Management Applications
Configure SNMP Support on a Cisco IOS Router
Configure SNMP Support on a PIX Security Appliance
Summary
Check Your Understanding
Chapter 8 PIX Security Appliance Contexts, Failover, and Management
Key Terms
Configure a PIX Security Appliance to Perform in Multiple Context Mode
Enabling Multiple Context Mode
Configuring a Security Context
Managing Security Contexts
Configure PIX Security Appliance Failover
Understanding Failover
Failover Requirements
Serial Cable-Based Failover Configuration
Active/Standby LAN-Based Failover Configuration
Active/Active Failover
Configure Transparent Firewall Mode
Transparent Firewall Mode Overview
Enable Transparent Firewall Mode
Monitor and Maintain a Transparent Firewall
PIX Security Appliance Management
Managing Telnet Access
Managing SSH Access
Command Authorization
PIX Security Appliance Password Recovery
Adaptive Security Appliance Password Recovery
File Management
Image Upgrade and Activation Keys
Summary
Check Your Understanding
Appendix A Check Your Understanding Answer Key
Glossary
Index