Website chia sẻ tài liệu, ebook tham khảo cho các bạn học sinh, sinh viên
Packet Tracer Tool To open the Packet Tracer, perform the following steps: Step 1. In the main Cisco ASDM application window, navigate to Tools > Packet Tracer. Step 2. The Cisco ASDM Packet Tracer dialog box opens. Step 3. Choose the source interface for the packet trace from the Interface drop-down list. Step 4. Specify the protocol type fo...
85 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 1064 | Lượt tải: 0
Firewall Designs Best practices documents are a composite effort of security practitioners. This partial list of best practices is generic and serves only as a starting point for your own firewall security policy: • Position firewalls at key security boundaries, separating security domains with different levels of trust. • Firewalls are the prim...
29 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 907 | Lượt tải: 0
Advance IPv6 ACL Reflexive ACLs and time-based ACLs are also available in IPv6. An IPv6 ACL can match the following IPv6 headers: • routing: Matches any route header • mobility: Matches any mobility header • dest-option-type: Matches any destination option header • auth: Matches IPsec’s AH • undetermined-transport: Matches any packet whose La...
48 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 989 | Lượt tải: 0
The following are the main points conveyed in this chapter: • Threat control and containment should distribute security intelligence, improve incident analysis and correlation, and respond automatically. • Cisco threat control and containment solutions provide multiple deployment options: appliance, hardware module, software based, and virtualize...
18 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 1027 | Lượt tải: 0
By combining multiple techniques, attackers can accomplish stealth attacks that result in trust exploitation and information theft. Figure 6-14 illustrates an attack that combines dual-stacked hosts, which are subject to rogue router advertisements. This type of attack could exploit the routing header (RH) to pivot using multiple hops; and by using...
28 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 904 | Lượt tải: 0
MAC Address Notification The MAC Address Notification feature sends SNMP traps to the network management station (NMS) whenever a new MAC address is added to or an old address is deleted from the forwarding tables.
36 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 907 | Lượt tải: 0
Dynamic Access Policies on Cisco ASA For those readers familiar with Cisco ASA, you will relate Figure 4-24 to the dynamic access policies (DAP) used in VPN settings, where the ASA assigns a policy to an incoming connection based on many criteria, including not only the user’s identity, but also how the computer is used to connect, whether the com...
126 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 917 | Lượt tải: 0
Layer 2 Data Plane Protection Data plane protection mechanisms depend on feature availability for specific devices. In a switching infrastructure, these Cisco Catalyst integrated security capabilities provide data plane security on the Cisco Catalyst switches using integrated tools: • Port security prevents MAC flooding attacks. • DHCP snooping ...
20 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 907 | Lượt tải: 0
Summary In this chapter, you learned about the Cisco Borderless Network Architecture. This chapter examined the Cisco Security portfolio of products and, more specifically, reviewed the following: • Cisco SecureX Architecture (at a high level), highlighting its features and benefits and providing examples of Cisco products that fall within this c...
24 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 979 | Lượt tải: 0
Security Policies The three reasons for having a security policy are as follows: • To inform users, staff, and managers • To specify mechanisms for security • To provide a baseline A properly defined security policy does the following: • Protects people and information • Sets the rules for expected behavior • Authorizes staff to monitor, pr...
26 trang | Chia sẻ: vutrong32 | Ngày: 16/10/2018 | Lượt xem: 893 | Lượt tải: 0