Written Exam Topics v2.x
1.General Networking
· 1.Networking Basics
· 2.OSI Layers
· 3.TCP/IP Protocols
· 4.Switching (VTP, VLANs, Spanning Tree, Trunking, etc.)
· 5.Routing Protocols (RIP, EIGRP, OSPF, and BGP)
· 6.IP Multicast
2.Security Protocols, Ciphers and Hash Algorithms
· 1.RADIUS
· 2.TACACS+
· 3.Ciphers RSA, DSS, RC4
· 4.Message Digest 5 (MD5)
· 5.Secure Hash Algorithm (SHA)
· 6.EAP PEAP TKIP TLS
· 7.Data Encryption Standard (DES)
· 8.Triple DES (3DES)
· 9.Advanced Encryption Standard (AES)
· 10.IP Security (IPSec)
· 11.Authentication Header (AH)
· 12.Encapsulating Security Payload (ESP)
· 13.Internet Key Exchange (IKE)
· 14.Certificate Enrollment Protocol (CEP)
· 15.Transport Layer Security (TLS)
· 16.Secure Socket Layer (SSL)
· 17.Point to Point Tunneling Protocol (PPTP)
· 18.Layer 2 Tunneling Protocol (L2TP)
· 19.Generic Route Encapsulation (GRE)
· 20.Secure Shell (SSH)
· 21.Pretty Good Privacy (PGP)
3.Application Protocols
· 1.Hypertext Transfer Protocol (HTTP)
· 2.Simple Mail Transfer Protocol (SMTP)
· 3.File Transfer Protocol (FTP)
· 4.Domain Name System (DNS)
· 5.Trivial File Transfer Protocol (TFTP)
· 6.Network Time Protocol (NTP)
· 7.Lightweight Directory Access Protocol (LDAP)
· 8.Syslog
4.Security Technologies
· 1.Packet Filtering
· 2.Content Filtering
· 3.URL Filtering
· 4.Authentication Technologies
· 5.Authorization Technologies
· 6.Proxy Authentication
· 7.Public Key Infrastructure (PKI)
· 8.IPSec VPN
· 9.SSL VPN
· 10.Network Intrusion Prevention Systems
· 11.Host Intrusion Prevention Systems
· 12.Event Correlation
· 13.Adaptive Threat Defense (ATD)
· 14.Network Admission Control (NAC)
· 15.802.1x
· 16.Endpoint Security
· 17.Network Address Translation
5.Cisco Security Appliances and Applications
· 1.Cisco Secure PIX Firewall
· 2.Cisco Intrusion Prevention System (IPS)
· 3.Cisco VPN 3000 Series Concentrators
· 4.Cisco EzVPN Software and Hardware Clients
· 5.Cisco Adaptive Security Appliance (ASA) Firewall
· 6.Cisco Security Monitoring, Analysis and Response System (MARS)
· 7.Cisco IOS Firewall
· 8.Cisco IOS Intrusion Prevention System
· 9.Cisco IOS IPSec VPN
· 10.Cisco IOS Trust and Identity
· 11.Cisco Secure ACS for Windows
· 12.Cisco Secure ACS Solution Engine
· 13.Cisco Traffic Anomaly Detectors
· 14.Cisco Guard DDoS Mitigation Appliance
· 15.Cisco Catalyst 6500 Series Security Modules (FWSM, IDSM, VPNSM, WebVPN, SSL modules)
· 16.Cisco Traffic Anomaly Detector Module & Cisco Guard Service Module
6.Cisco Security Management
· 1.Cisco Adaptive Security Device Manager (ASDM)
· 2.Cisco Router & Security Device Manager (SDM)
· 3.Cisco Security Manager (CSM)
7.Cisco Security General
· 1.IOS Specifics
· 2.Routing and Switching Security Features: IP & MAC Spoofing, MAC Address Controls, Port Security, DHCP Snoop, DNS Spoof.
· 3.NetFlow
· 4.Layer 2 Security Features
· 5.Layer 3 Security Features
· 6.Wireless Security
· 7.IPv6 Security
8.Security Solutions
· 1.Network Attack Mitigation
· 2.Virus and Worm Outbreaks
· 3.Theft of Information
· 4.DoS/DDoS Attacks
· 5.Web Server & Web Application Security
9.Security General
· 1.Policies - Security Policy Best Practices
· 2.Information Security Standards (ISO 17799, ISO 27001, BS7799)
· 3.Standards Bodies
· 4.Common RFCs (e.g. RFC1918, RFC2827, RFC2401)
· 5.BCP 38
· 6.Attacks, Vulnerabilities and Common Exploits - recon, scan, priv escalation, penetration, cleanup, backdoor
· 7.Security Audit & Validation
· 8.Risk Assessment
· 9.Change Management Process
· 10.Incident Response Framework
· 11.Computer Security Forensics
Lab Exam Topics v3.0
1.Implement secure networks using Cisco ASA Firewalls
· 1.Perform basic firewall initialization
· 2.Configure device management
· 3.Configure address translation (nat, global, static)
· 4.Configure ACLs
· 5.Configure IP routing
· 6.Configure object groups
· 7.Configure VLANs
· 8.Configure filtering
· 9.Configure failover
· 10.Configure Layer 2 Transparent Firewall
· 11.Configure security contexts (virtual firewall)
· 12.Configure Modular Policy Framework
· 13.Configure Application-Aware Inspection
· 14.Configure high availability solutions
· 15.Configure QoS policies
2.Implement secure networks using Cisco IOS Firewalls
· 1.Configure CBAC
· 2.Configure Zone-Based Firewall
· 3.Configure Audit
· 4.Configure Auth Proxy
· 5.Configure PAM
· 6.Configure access control
· 7.Configure performance tuning
· 8.Configure advanced IOS Firewall features
3.Implement secure networks using Cisco VPN solutions
· 1.Configure IPsec LAN-to-LAN (IOS/ASA)
· 2.Configure SSL VPN (IOS/ASA)
· 3.Configure Dynamic Multipoint VPN (DMVPN)
· 4.Configure Group Encrypted Transport (GET) VPN
· 5.Configure Easy VPN (IOS/ASA)
· 6.Configure CA (PKI)
· 7.Configure Remote Access VPN
· 8.Configure Cisco Unity Client
· 9.Configure Clientless WebVPN
· 10.Configure AnyConnect VPN
· 11.Configure XAuth, Split-Tunnel, RRI, NAT-T
· 12.Configure High Availability
· 13.Configure QoS for VPN
· 14.Configure GRE, mGRE
· 15.Configure L2TP
· 16.Configure advanced Cisco VPN features
4.Configure Cisco IPS to mitigate network threats
· 1.Configure IPS 4200 Series Sensor Appliance
· 2.Initialize the Sensor Appliance
· 3.Configure Sensor Appliance management
· 4.Configure virtual Sensors on the Sensor Appliance
· 5.Configure security policies
· 6.Configure promiscuous and inline monitoring on the Sensor Appliance
· 7.Configure and tune signatures on the Sensor Appliance
· 8.Configure custom signatures on the Sensor Appliance
· 9.Configure blocking on the Sensor Appliance
· 10.Configure TCP resets on the Sensor Appliance
· 11.Configure rate limiting on the Sensor Appliance
· 12.Configure signature engines on the Sensor Appliance
· 13.Use IDM to configure the Sensor Appliance
· 14.Configure event action on the Sensor Appliance
· 15.Configure event monitoring on the Sensor Appliance
· 16.Configure advanced features on the Sensor Appliance
· 17.Configure and tune Cisco IOS IPS
· 18.Configure SPAN & RSPAN on Cisco switches
5.Implement Identity Management
· 1.Configure RADIUS and TACACS+ security protocols
· 2.Configure LDAP
· 3.Configure Cisco Secure ACS
· 4.Configure certificate-based authentication
· 5.Configure proxy authentication
· 6.Configure 802.1x
· 7.Configure advanced identity management features
· 8.Configure Cisco NAC Framework
6.Implement Control Plane and Management Plane Security
· 1.Implement routing plane security features (protocol authentication, route filtering)
· 2.Configure Control Plane Policing
· 3.Configure CP protection and management protection
· 4.Configure broadcast control and switchport security
· 5.Configure additional CPU protection mechanisms (options drop, logging interval)
· 6.Disable unnecessary services
· 7.Control device access (Telnet, HTTP, SSH, Privilege levels)
· 8.Configure SNMP, Syslog, AAA, NTP
· 9.Configure service authentication (FTP, Telnet, HTTP, other)
· 10.Configure RADIUS and TACACS+ security protocols
· 11.Configure device management and security
7.Configure Advanced Security
· 1.Configure mitigation techniques to respond to network attacks
· 2.Configure packet marking techniques
· 3.Implement security RFCs (RFC1918/3330, RFC2827/3704)
· 4.Configure Black Hole and Sink Hole solutions
· 5.Configure RTBH filtering (Remote Triggered Black Hole)
· 6.Configure Traffic Filtering using Access-Lists
· 7.Configure IOS NAT
· 8.Configure TCP Intercept
· 9.Configure uRPF
· 10.Configure CAR
· 11.Configure NBAR
· 12.Configure NetFlow
· 13.Configure Anti-Spoofing solutions
· 14.Configure Policing
· 15.Capture and utilize packet captures
· 16.Configure Transit Traffic Control and Congestion Management
· 17.Configure Cisco Catalyst advanced security features
8.Identify and Mitigate Network Attacks
· 1.Identify and protect against fragmentation attacks
· 2.Identify and protect against malicious IP option usage
· 3.Identify and protect against network reconnaissance attacks
· 4.Identify and protect against IP spoofing attacks
· 5.Identify and protect against MAC spoofing attacks
· 6.Identify and protect against ARP spoofing attacks
· 7.Identify and protect against Denial of Service (DoS) attacks
· 8.Identify and protect against Distributed Denial of Service (DDoS) attacks
· 9.Identify and protect against Man-in-the-Middle (MiM) attacks
· 10.Identify and protect against port redirection attacks
· 11.Identify and protect against DHCP attacks
· 12.Identify and protect against DNS attacks
· 13.Identify and protect against Smurf attacks
· 14.Identify and protect against SYN attacks
· 15.Identify and protect against MAC Flooding attacks
· 16.Identify and protect against VLAN hopping attacks
· 17.Identify and protect against various Layer2 and Layer3 attacks