How To Understand And Understand Cisco Security Specialist 1.2.2 (For A Non-Profit)




Transcription:

Foreword
Introduction
Audience
Organization
Cisco Security Specialist 1

Introduction to Network Security
Need for Network Security
Security Threats
Security Concepts
The Phases of an Attack
Attack Methodologies
Network Attack Points
Hacking Tools and Techniques
Summary
Review Questions

Cisco Security Wheel
Securing the Network
Monitoring Network Security
Testing Network Security
Improving Network Security
Summary
Review Questions

Intrusion Detection and the CSIDS Environment
Intrusion Detection Systems
IDS Triggers
IDS Monitoring Locations
Hybrid Characteristics
Summary
Review Questions

Cisco Secure IDS Overview
System Function and Features
Sensor Platforms and Modules
Director Platforms
Cisco Secure IDS and the PostOffice Protocol
Summary
Review Questions

CSIDS Installation
Cisco Secure IDS Sensor Deployment
Preparing for Deployment: Analyzing Your Network Topology
Executing the Deployment: Sensor Installation Considerations
Summary
Review Questions

Cisco Secure Policy Manager Installation
CSPM Overview
CSPM Installation Requirements
CSPM Installation Settings and Options
Starting CSPM
Summary
Review Questions

4200 Series Sensor Installation Within CSPM
Understanding the Sensor Appliance
Configuring the Sensor Bootstrap
Adding a Sensor to a CSPM Director
Summary
Review Questions

Alarm Management and Intrusion Detection Signatures
Working with Cisco Secure IDS Alarms in CSPM
Managing Alarms
Customizing the Event Viewer
Preference Settings
Connection Status Pane
Summary
Review Questions

Understanding Cisco Secure IDS Signatures
Signature Definition
Signature Classes
Signature Types
Signature Severity
Summary
Review Questions

Signature Series
IP Signatures (1000 Series)
ICMP Signatures (2000 Series)
TCP Signatures (3000 Series)
UDP Signatures (4000 Series)
Web/HTTP Signatures (5000 Series)
Cross-Protocol Signatures (6000 Series)
String-Matching Signatures (8000 Series)
Policy-Violation Signatures (10000 Series)
Summary
Review Questions

CSIDS Configuration
Sensor Configuration Within CSPM
CSPM Sensor Configuration Screens
Basic Configuration Changes
Log File Configuration
Advanced Configuration Changes
Pushing a New Configuration to Your Sensor
Summary
Review Questions

Signature and Intrusion Detection Configuration
Basic Signature Configuration
Signature Templates
Signature Filtering
Advanced Signature Configuration
Creating ACL Signatures
Summary
Review Questions

IP Blocking Configurations
Understanding ACLs
ACL Placement Considerations
Configuring the Sensor for IP Blocking
Summary
Review Questions

Catalyst 6000 IDS Module Configuration
Understanding the Catalyst 6000 IDS Module
IDSM Ports and Traffic Flow
Capturing Traffic
Configuration Tasks
Updating IDSM Components
Troubleshooting
Summary
Review Questions

Cisco Secure Intrusion Detection Director (CSIDD)
Cisco Secure ID Director Installation
Director Software Installation
Starting the Director
Sensor Configuration
Summary
Review Questions

The Configuration File Management Utility (nrconfigure)
Working with nrconfigure
Host Types for Add Host Wizard
Connecting to a Previously Configured Sensor
Verifying That the Sensor Is Added to nrconfigure
Verifying That the Sensor Is Added to the Cisco Secure IDS Submap
Deleting a Sensor
Removing the Sensor Icon
Working with the Configuration Library
Summary
Review Questions

Cisco IOS Firewall Intrusion Detection System
Cisco IOS Firewall IDS and Intrusion Detection
Supported Router Platforms
Deployment Issues
Signatures
Configuration Tasks
Summary
Review Questions

Cisco Secure IDS Upcoming Releases
Planned Cisco Secure IDS Enhancements
Version 3.0
Version 4.0
Sensor Enhancements
Cisco Secure IDS-User-Defined Signatures
Summary

Appendixes
Deploying Intrusion Detection: Case Studies
Using Cisco IOS Firewall IDS
Sending SYSLOG Data to a Cisco Secure IDS Sensor
Managing a Router with a Cisco Secure IDS Sensor
Cisco Secure IDS Tiered Director Hierarchy
Setting Up Multiple IDSM Blades in the Same Chassis
Cisco Secure IDS Architecture
Cisco Secure IDS Software Architecture
Cisco Secure IDS Communications
Cisco Secure IDS Commands
Cisco Secure IDS Directory Structure
Cisco Secure IDS Configuration Files
Communications
Cisco Secure ID Director Basic Troubleshooting
Director Problems
Sensor Problems
Oracle Problems
Data Management Package Problems
nrconfigure Problems
Online Help and NSDB
Cisco Secure IDS Log Files
Levels of Logging
Log File Naming Conventions
Log File Locations
Closing Active Files
Archived Log Files
Event Record Fields
Advanced Tips
Correcting a Sensor That Does Not Sniff
Using the Sensor COM Port for Console Access
Excluding False-Positive Alarms
Cisco Secure IDS Signature Structures and Implementations
Cisco Secure IDS Signatures and Recommended Alarm Levels
General Signatures
Connection Signatures
String Signatures
ACL Signatures
Cisco IOS Firewall IDS Signature List
Information Signatures
Attack Signatures
Cisco Secure Communications Deployment Worksheet
Glossary

Answers to Review Questions
Chapter 1 Answers
Chapter 2 Answers
Chapter 3 Answers
Chapter 4 Answers
Chapter 5 Answers
Chapter 6 Answers
Chapter 7 Answers
Chapter 8 Answers
Chapter 9 Answers
Chapter 10 Answers
Chapter 11 Answers
Chapter 12 Answers
Chapter 13 Answers
Chapter 14 Answers
Chapter 15 Answers
Chapter 16 Answers
Chapter 17 Answers
Index

Table of Contents provided by Blackwell's Book Services and R.R. Bowker. Used with permission.