دسترسی نامحدود
برای کاربرانی که ثبت نام کرده اند
دانلود کتاب CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide
دانلود کتاب راهنمای گواهی رسمی CCNP و CCIE Core SCOR 350-701
مشخصات کتاب
CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide
ویرایش:
نویسندگان: Omar Santos
سری:
ISBN (شابک) : 9780135971802, 9780135971970
ناشر: Cisco Press
سال نشر: 2020
تعداد صفحات: 0
زبان: English
فرمت فایل : EPUB (درصورت درخواست کاربر به PDF، EPUB یا AZW3 تبدیل می شود)
حجم فایل: 62 مگابایت
قیمت کتاب (تومان) : 46,000
در صورت ایرانی بودن نویسنده امکان دانلود وجود ندارد و مبلغ عودت داده خواهد شد
در صورت تبدیل فایل کتاب CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide به فرمت های PDF، EPUB، AZW3، MOBI و یا DJVU می توانید به پشتیبان اطلاع دهید تا فایل مورد نظر را تبدیل نمایند.
توجه داشته باشید کتاب راهنمای گواهی رسمی CCNP و CCIE Core SCOR 350-701 نسخه زبان اصلی می باشد و کتاب ترجمه شده به فارسی نمی باشد. وبسایت اینترنشنال لایبرری ارائه دهنده کتاب های زبان اصلی می باشد و هیچ گونه کتاب ترجمه شده یا نوشته شده به فارسی را ارائه نمی دهد.
توضیحاتی درمورد کتاب به خارجی
فهرست مطالب
Cover Title Page Copyright Page Credits Contents at a Glance Contents Introduction Chapter 1 Cybersecurity Fundamentals “Do I Know This Already?” Quiz Foundation Topics Introduction to Cybersecurity Cybersecurity vs. Information Security (InfoSec) The NIST Cybersecurity Framework Additional NIST Guidance and Documents The International Organization for Standardization (ISO) Defining What Are Threats, Vulnerabilities, and Exploits What Is a Threat? What Is a Vulnerability? What Is an Exploit? Risk, Assets, Threats, and Vulnerabilities Defining Threat Actors Understanding What Threat Intelligence Is Viruses and Worms Types and Transmission Methods Malware Payloads Trojans Trojan Types Trojan Ports and Communication Methods Trojan Goals Trojan Infection Mechanisms Effects of Trojans Distributing Malware Ransomware Covert Communication Keyloggers Spyware Analyzing Malware Static Analysis Dynamic Analysis Common Software and Hardware Vulnerabilities Injection Vulnerabilities SQL Injection HTML Injection Command Injection Authentication-based Vulnerabilities Credential Brute Force Attacks and Password Cracking Session Hijacking Default Credentials Insecure Direct Object Reference Vulnerabilities Cross-site Scripting (XSS) Cross-site Request Forgery Cookie Manipulation Attacks Race Conditions Unprotected APIs Return-to-LibC Attacks and Buffer Overflows OWASP Top 10 Security Vulnerabilities in Open Source Software Confidentiality, Integrity, and Availability What Is Confidentiality? What Is Integrity? What Is Availability? Talking About Availability, What Is a Denial-of-Service (DoS) Attack? Access Control Management Cloud Security Threats Cloud Computing Issues and Concerns Cloud Computing Attacks Cloud Computing Security IoT Security Threats IoT Protocols Hacking IoT Implementations An Introduction to Digital Forensics and Incident Response ISO/IEC 27002:2013 and NIST Incident Response Guidance What Is an Incident? False Positives, False Negatives, True Positives, and True Negatives Incident Severity Levels How Are Incidents Reported? What Is an Incident Response Program? The Incident Response Plan The Incident Response Process Tabletop Exercises and Playbooks Information Sharing and Coordination Computer Security Incident Response Teams Product Security Incident Response Teams (PSIRTs) The Common Vulnerability Scoring System (CVSS) National CSIRTs and Computer Emergency Response Teams (CERTs) Coordination Centers Incident Response Providers and Managed Security Service Providers (MSSPs) Key Incident Management Personnel Summary Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 2 Cryptography “Do I Know This Already?” Quiz Foundation Topics Introduction to Cryptography Ciphers Keys Block and Stream Ciphers Symmetric and Asymmetric Algorithms Hashes Hashed Message Authentication Code Digital Signatures Key Management Next-Generation Encryption Protocols IPsec SSL and TLS Fundamentals of PKI Public and Private Key Pairs More About Keys and Digital Certificates Certificate Authorities Root Certificates Identity Certificates X.500 and X.509v3 Authenticating and Enrolling with the CA Public Key Cryptography Standards Simple Certificate Enrollment Protocol Revoking Digital Certificates Digital Certificates in Practice PKI Topologies Single Root CA Hierarchical CA with Subordinate CAs Cross-Certifying CAs Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 3 Software-Defined Networking Security and Network Programmability “Do I Know This Already?” Quiz Foundation Topics Introduction to Software-Defined Networking Traditional Networking Planes So What’s Different with SDN? Introduction to the Cisco ACI Solution VXLAN and Network Overlays Micro-Segmentation Open Source Initiatives More About Network Function Virtualization NFV MANO Contiv Cisco Digital Network Architecture (DNA) Cisco DNA Policies Cisco DNA Group-Based Access Control Policy Cisco DNA IP-Based Access Control Policy Cisco DNA Application Policies Cisco DNA Traffic Copy Policy Cisco DNA Center Assurance Solution Cisco DNA Center APIs Cisco DNA Security Solution Cisco DNA Multivendor Support Introduction to Network Programmability Modern Programming Languages and Tools DevNet Getting Started with APIs REST APIs Using Network Device APIs YANG Models NETCONF RESTCONF OpenConfig and gNMI Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 4 Authentication, Authorization, Accounting (AAA) and Identity Management “Do I Know This Already?” Quiz Foundation Topics Introduction to Authentication, Authorization, and Accounting The Principle of Least Privilege and Separation of Duties Authentication Authentication by Knowledge Authentication by Ownership or Possession Authentication by Characteristic Multifactor Authentication Duo Security Zero Trust and BeyondCorp Single Sign-On Authorization Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role-Based Access Control (RBAC) Rule-Based Access Control Attribute-Based Access Control Accounting Infrastructure Access Controls Access Control Mechanisms AAA Protocols RADIUS TACACS+ Diameter 802.1X Network Access Control List and Firewalling VLAN ACLs Security Group–Based ACL Downloadable ACL Cisco Identity Services Engine (ISE) Cisco Platform Exchange Grid (pxGrid) Cisco ISE Context and Identity Services Cisco ISE Profiling Services Cisco ISE Identity Services Cisco ISE Authorization Rules Cisco TrustSec Posture Assessment Change of Authorization (CoA) Configuring TACACS+ Access Configuring RADIUS Authentication Configuring 802.1X Authentication Additional Cisco ISE Design Tips Advice on Sizing a Cisco ISE Distributed Deployment Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 5 Network Visibility and Segmentation “Do I Know This Already?” Quiz Foundation Topics Introduction to Network Visibility NetFlow The Network as a Sensor and as an Enforcer What Is a Flow? NetFlow for Network Security and Visibility NetFlow for Anomaly Detection and DDoS Attack Mitigation Data Leak Detection and Prevention Incident Response, Threat Hunting, and Network Security Forensics Traffic Engineering and Network Planning NetFlow Versions IP Flow Information Export (IPFIX) IPFIX Architecture Understanding IPFIX Mediators IPFIX Templates Option Templates Understanding the Stream Control Transmission Protocol (SCTP) Exploring Application Visibility and Control and NetFlow Application Recognition Metrics Collection and Exporting NetFlow Deployment Scenarios NetFlow Deployment Scenario: User Access Layer NetFlow Deployment Scenario: Wireless LAN NetFlow Deployment Scenario: Internet Edge NetFlow Deployment Scenario: Data Center NetFlow Deployment Scenario: NetFlow in Site-to-Site and Remote VPNs Cisco Stealthwatch Stealthwatch Cloud On-Premises Monitoring with Cisco Stealthwatch Cloud Cisco Stealthwatch Cloud Integration with Meraki and Cisco Umbrella Exploring the Cisco Stealthwatch On-Premises Appliances Threat Hunting with Cisco Stealthwatch Cisco Cognitive Threat Analytics (CTA) and Encrypted Traffic Analytics (ETA) What Is Cisco ETA? What Is Cisco Cognitive Threat Analytics? NetFlow Collection Considerations and Best Practices Determining the Flows per Second and Scalability Configuring NetFlow in Cisco IOS and Cisco IOS-XE Simultaneous Application Tracking Flexible NetFlow Records Flexible NetFlow Key Fields Flexible NetFlow Non-Key Fields NetFlow Predefined Records User-Defined Records Flow Monitors Flow Exporters Flow Samplers Flexible NetFlow Configuration Configure a Flow Record Configure a Flow Monitor for IPv4 or IPv6 Configure a Flow Exporter for the Flow Monitor Apply a Flow Monitor to an Interface Flexible NetFlow IPFIX Export Format Configuring NetFlow in NX-OS Introduction to Network Segmentation Data-Driven Segmentation Application-Based Segmentation Micro-Segmentation with Cisco ACI Segmentation with Cisco ISE The Scalable Group Tag Exchange Protocol (SXP) SGT Assignment and Deployment Initially Deploying 802.1X and/or TrustSec in Monitor Mode Active Policy Enforcement Cisco ISE TrustSec and Cisco ACI Integration Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 6 Infrastructure Security “Do I Know This Already?” Quiz Foundation Topics Securing Layer 2 Technologies VLAN and Trunking Fundamentals What Is a VLAN? Trunking with 802.1Q Let’s Follow the Frame, Step by Step What Is the Native VLAN on a Trunk? So, What Do You Want to Be? (Asks the Port) Understanding Inter-VLAN Routing What Is the Challenge of Only Using Physical Interfaces? Using Virtual “Sub” Interfaces Spanning Tree Fundamentals The Solution to the Layer 2 Loop STP Is Wary of New Ports Improving the Time Until Forwarding Common Layer 2 Threats and How to Mitigate Them Do Not Allow Negotiations Layer 2 Security Toolkit BPDU Guard Root Guard Port Security CDP and LLDP DHCP Snooping Dynamic ARP Inspection Network Foundation Protection The Importance of the Network Infrastructure The Network Foundation Protection Framework Interdependence Implementing NFP Understanding and Securing the Management Plane Best Practices for Securing the Management Plane Understanding the Control Plane Best Practices for Securing the Control Plane Understanding and Securing the Data Plane Best Practices for Protecting the Data Plane Additional Data Plane Protection Mechanisms Securing Management Traffic What Is Management Traffic and the Management Plane? Beyond the Console Cable Management Plane Best Practices Password Recommendations Using AAA to Verify Users Router Access Authentication The AAA Method List Role-Based Access Control Custom Privilege Levels Limiting the Administrator by Assigning a View Encrypted Management Protocols Using Logging Files Understanding NTP Protecting Cisco IOS, Cisco IOS-XE, Cisco IOS-XR, and Cisco NX-OS Files Implementing Security Measures to Protect the Management Plane Implementing Strong Passwords User Authentication with AAA Using the CLI to Troubleshoot AAA for Cisco Routers RBAC Privilege Level/Parser View Implementing Parser Views SSH and HTTPS Implementing Logging Features Configuring Syslog Support Configuring NTP Securing the Network Infrastructure Device Image and Configuration Files Securing the Data Plane in IPv6 Understanding and Configuring IPv6 The Format of an IPv6 Address Understanding the Shortcuts Did We Get an Extra Address? IPv6 Address Types Configuring IPv6 Routing Moving to IPv6 Developing a Security Plan for IPv6 Best Practices Common to Both IPv4 and IPv6 Threats Common to Both IPv4 and IPv6 The Focus on IPv6 Security New Potential Risks with IPv6 IPv6 Best Practices IPv6 Access Control Lists Securing Routing Protocols and the Control Plane Minimizing the Impact of Control Plane Traffic on the CPU Details about CoPP Details about CPPr Securing Routing Protocols Implementing Routing Update Authentication on OSPF Implementing Routing Update Authentication on EIGRP Implementing Routing Update Authentication on RIP Implementing Routing Update Authentication on BGP Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 7 Cisco Next-Generation Firewalls and Cisco Next-Generation Intrusion Prevention Systems “Do I Know This Already?” Quiz Foundation Topics Introduction to Cisco Next-Generation Firewalls (NGFW) and Next-Generation Intrusion Prevention Systems (NGIPS) Cisco Firewall History and Legacy Introducing the Cisco ASA The Cisco ASA FirePOWER Module Cisco Firepower Threat Defense (FTD) Cisco Firepower 1000 Series Cisco Firepower 2100 Series Cisco Firepower 4100 Series Cisco Firepower 9300 Series Cisco FTD for Cisco Integrated Services Routers (ISRs) Introduction to Cisco’s NGIPS Surveying the Cisco Firepower Management Center (FMC) Exploring the Cisco Firepower Device Manager (FDM) Cisco Defense Orchestrator Comparing Network Security Solutions That Provide Firewall Capabilities Deployment Modes of Network Security Solutions and Architectures That Provide Firewall Capabilities Routed vs. Transparent Firewalls Security Contexts Single-Mode Transparent Firewalls Surveying the Cisco FTD Deployment Modes Cisco FTD Interface Modes Inline Pair Inline Pair with Tap Passive Mode Passive with ERSPAN Mode Additional Cisco FTD Deployment Design Considerations High Availability and Clustering Clustering Implementing Access Control Implementing Access Control Lists in Cisco ASA Cisco ASA Application Inspection To-the-Box Traffic Filtering in the Cisco ASA Object Grouping and Other ACL Features Standard ACLs Time-Based ACLs ICMP Filtering in the Cisco ASA Network Address Translation in Cisco ASA Cisco ASA Auto NAT Implementing Access Control Policies in the Cisco Firepower Threat Defense Cisco Firepower Intrusion Policies Variables Platform Settings Policy Cisco NGIPS Preprocessors Cisco Advanced Malware Protection (AMP) Security Intelligence, Security Updates, and Keeping Firepower Software Up to Date Security Intelligence Updates Keeping Software Up to Date Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 8 Virtual Private Networks (VPNs) “Do I Know This Already?” Quiz Foundation Topics Virtual Private Network (VPN) Fundamentals An Overview of IPsec IKEv1 Phase 1 IKEv1 Phase 2 NAT Traversal (NAT-T) IKEv2 SSL VPNs Cisco AnyConnect Secure Mobility Deploying and Configuring Site-to-Site VPNs in Cisco Routers Traditional Site-to-Site VPNs in Cisco IOS and Cisco IOS-XE Devices Tunnel Interfaces GRE over IPsec More About Tunnel Interfaces Multipoint GRE (mGRE) Tunnels DMVPN GETVPN FlexVPN Debug and Show Commands to Verify and Troubleshoot IPsec Tunnels Configuring Site-to-Site VPNs in Cisco ASA Firewalls Step 1: Enable ISAKMP in the Cisco ASA Step 2: Create the ISAKMP Policy Step 3: Set Up the Tunnel Groups Step 4: Define the IPsec Policy Step 5: Create the Crypto Map in the Cisco ASA Step 6: Configure Traffic Filtering (Optional) Step 7: Bypass NAT (Optional) Step 8: Enable Perfect Forward Secrecy (Optional) Additional Attributes in Cisco Site-to-Site VPN Configurations Configuring Remote Access VPNs in the Cisco ASA Configuring IPsec Remote Access VPN in the Cisco ASA Configuring Clientless Remote Access SSL VPNs in the Cisco ASA Cisco ASA Remote-Access VPN Design Considerations Pre-SSL VPN Configuration Steps Understanding the Remote Access VPN Attributes and Policy Inheritance Model Configuring Clientless SSL VPN Group Policies Configuring the Tunnel Group for Clientless SSL VPN Configuring User Authentication for Clientless SSL VPN Enabling Clientless SSL VPN Configuring WebType ACLs Configuring Application Access in Clientless SSL VPNs Configuring Client-Based Remote-Access SSL VPNs in the Cisco ASA Setting Up Tunnel and Group Policies Deploying the AnyConnect Client Understanding Split Tunneling Understanding DTLS Configuring Remote Access VPNs in FTD Using the Remote Access VPN Policy Wizard Troubleshooting Cisco FTD Remote Access VPN Implementations Configuring Site-to-Site VPNs in FTD Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 9 Securing the Cloud “Do I Know This Already?” Quiz Foundation Topics What Is Cloud and What Are the Cloud Service Models? DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps The Waterfall Development Methodology The Agile Methodology DevOps CI/CD Pipelines The Serverless Buzzword Container Orchestration A Quick Introduction to Containers and Docker Kubernetes Microservices and Micro-Segmentation DevSecOps Describing the Customer vs. Provider Security Responsibility for the Different Cloud Service Models Patch Management in the Cloud Security Assessment in the Cloud and Questions to Ask Your Cloud Service Provider Cisco Umbrella The Cisco Umbrella Architecture Secure Internet Gateway Cisco Umbrella Investigate Cisco Email Security in the Cloud Forged Email Detection Sender Policy Framework Email Encryption Cisco Email Security for Office 365 Cisco Cloudlock Stealthwatch Cloud AppDynamics Cloud Monitoring Cisco Tetration Tetration Agents Application Dependency Mapping Tetration Forensics Feature Tetration Security Dashboard Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 10 Content Security “Do I Know This Already?” Quiz Foundation Topics Content Security Fundamentals Cisco Async Operating System (AsyncOS) Cisco WSA The Cisco WSA Proxy Cisco WSA in Explicit Forward Mode Cisco WSA in Transparent Mode Configuring WCCP in a Cisco ASA to Redirect Web Traffic to a Cisco WSA Configuring WCCP on a Cisco Switch Configuring the Cisco WSA to Accept WCCP Redirection Traffic Redirection with Policy-Based Routing Cisco WSA Security Services Deploying Web Proxy IP Spoofing Configuring Policies in the Cisco WSA Cisco WSA Reports Cisco ESA Reviewing a Few Email Concepts Cisco ESA Deployment Cisco ESA Listeners SenderBase The Recipient Access Table (RAT) Cisco ESA Data Loss Prevention SMTP Authentication and Encryption Domain Keys Identified Mail (DKIM) Cisco Content Security Management Appliance (SMA) Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 11 Endpoint Protection and Detection “Do I Know This Already?” Quiz Foundation Topics Introduction to Endpoint Protection and Detection Endpoint Threat Detection and Response (ETDR) and Endpoint Detection and Response (EDR) Cisco AMP for Endpoints Outbreak Control IP Blacklists and Whitelists AMP for Endpoints Application Control Exclusion Sets AMP for Endpoints Connectors AMP for Endpoints Policies AnyConnect AMP Enabler AMP for Endpoints Engines AMP for Endpoints Reporting Cisco Threat Response Exam Preparation Tasks Review All Key Topics Define Key Terms Review Questions Chapter 12 Final Preparation Hands-on Activities Suggested Plan for Final Review and Study Summary Glossary of Key Terms A B C D E F G H I K-M N O P R S T U-W Y-Z Appendix A: Answers to the “Do I Know This Already?” Quizzes and Q&A Sections Appendix B: CCNP Security Core SCOR (350-701) Exam Updates Index A B C D E F G H I J-K L M N O P Q R S T U V W X Y-Z Online Appendixes Appendix C: Study Planner Where are the companion content files?
