Quản trị mạng - Chapter 9: Managing a secure networkThe security policy is an integral component of an organization’s network security design and implementation. It answers questions about what assets are to be protected and how to protect them. • A security policy typically consists of a goverming policy, a technical policy, and an end-user policy. • Standards, guidelines, and procedures cont...
82 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 787 | Lượt tải: 0
Quản trị mạng - Chapter 8: Implementing virtual private networksDescribe the purpose and operation of VPN types • Describe the purpose and operation of GRE VPNs • Describe the components and operations of IPsec VPNs • Configure and verify a site-to-site IPsec VPN with preshared key authentication using CLI • Configure and verify a site-to-site IPsec VPN with preshared key authentication using CCP • Configu...
124 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 921 | Lượt tải: 1
Quản trị mạng - Chapter 7: Cryptographic systemsTo authenticate each other, users have to obtain the certificate of the CA and their own certificate. These steps require the out-of-band verification of the processes. Public-key systems use asymmetric keys whe one is public and the other one is private. Key management is simplified because two users can freely exchange the certificates. Th...
104 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 1022 | Lượt tải: 0
Quản trị mạng - Chapter 6: Securing the local area networkModern enterprise networks deploy wireless, VoIP, and SAN devices that require specialized security solutions. • Wireless technologies are the most prone to network attacks. A number of technologies have evolved to miligate these attacks. • With the increased adoption of VoIP, serveral security considerations specific to VoIP technology have ...
143 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 859 | Lượt tải: 0
Quản trị mạng - Chapter 5: Implementing intrusion preventionSignatures may need to be tuned to a specifc netwok. • Continuously monitor an IPS solution to ensure that it is providing an adequate level of protection. • Implement Cisco IOS IPS using CLI or SDM • Modify IPS signatures using CLI or SDM • Use various CLI commends to verify and monitor a Cisco IOS IPS configuration. Học việ
83 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 847 | Lượt tải: 0
Quản trị mạng - Chapter 4: Implementing firewall technologiesZone-Based Policy Firewall (ZPF) , introduced in 2006, is the state of the art in modern firewalling. • ZPF operation centers around the creation of zones associated with various security levels. • Implementing ZPF with CLI is much more structured and easier to understand than CBAC . ZPF utilizes class maps and policy maps enabled by C3PL. •...
132 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 935 | Lượt tải: 0
Quản trị mạng - Chapter 3: Authentication, authorization, and accountingIn large or complex networks, AAA authentication can be implemented using server-based AAA. • AAA servers can use RADIUS or TACACS+ protocols to communicate with client routers. • The Cisco Access Control Server (ACS) can be used to provide AAA server services. • Server-based AAA authentication can be configured using CLI or SDM. • Server-b...
78 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 919 | Lượt tải: 0
Quản trị mạng - Chapter 2: Securing network devicesReleased in IOS version 12.3, Cisco AutoSecure is a feature that is initiated from the CLI and executes a script. • AutoSecure first makes recommendations for fixing security vulnerabilities and then modifies the security configuration of the router. • There are three forwarding plane services and functions: 1. Enables Cisco Express Forwardin...
175 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 914 | Lượt tải: 0
Quản trị mạng - Chapter 1: Modern network security threatsKeep patches up to date by installing them weekly or daily, if possible, to prevent buffer overflow and privilege escalation attacks. 2. Shut down unnecessary services and ports. 3. Use strong passwords and change them often 4. Control physical access to systems. 5. Mitigating Network Attacks Avoid unnecessary web page inputs. 6. Perform ba...
75 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 941 | Lượt tải: 0
Quản trị mạng - Chapter 8: Network troubleshootingThe difficulty in troubleshooting Layer 2 technologies, such as PPP and Frame Relay, is the unavailability of common Layer 3 troubleshooting tools, such as ping, to assist with anything but the identification that the network is down. • Most of the problems that occur with PPP involve link negotiation.
73 trang | Chia sẻ: nguyenlam99 | Ngày: 09/01/2019 | Lượt xem: 884 | Lượt tải: 0
