Computer Network Security

Cover
Half-Title Page
Title Page
Copyright Page
Contents
Preface
Introduction
	Introduction to CCNA Security
	Prerequisites
	Conventions for command syntax
1. Fundamentals of Network Security
	1.1. Introduction
		1.1.1. The main objectives of securing a network
		1.1.2. Information security terminology
	1.2. Types of network security
		1.2.1. Physical security
		1.2.2. Logical security
		1.2.3. Administrative security
	1.3. The main risks related to the logical security of the network
		1.3.1. Different kinds of network attacks
		1.3.2. Network security measures
		1.3.3. Vulnerability audit measures
	1.4. Exercises to test learning
2. Securing Network Devices
	2.1. Types of network traffic
	2.2. Securing the management plan
	2.3. Securing passwords
	2.4. Implementing connection restrictions
		2.4.1. Configuring a login banner
		2.4.2. Configuring connection parameters
	2.5. Securing access through console lines, VTY and auxiliaries
		2.5.1. Securing access through the console line and deactivating the
auxiliary line
		2.5.2. Securing VTY access with ssh
	2.6. Allocation of administrative roles
		2.6.1. Privilege levels of the IOS system
		2.6.2. Configuring a privilege level
		2.6.3. Setting a privilege level per user
		2.6.4. Setting a privilege level for console, VTY, and auxiliary line access
		2.6.5. Securing access with the management of “views” and “super-views
		2.6.6. Securing configuration files and the IOS system
		2.6.7. Using automated security features
	2.7. Securing the control plane
		2.7.1. Introduction
		2.7.2. MD5 authentication
		2.7.3. Configuring OSPF protocol authentication
		2.7.4. Configuring EIGRP protocol authentication
		2.7.5. Configuring RIP authentication
	2.8. Exercises for application
3. Supervising a Computer Network
	3.1. Introduction
	3.2. Implementing an NTP server
		3.2.1. Introduction to the NTP
		3.2.2. How the NTP works
		3.2.3. NTP configuration
	3.3. Implementing a Syslog server
		3.3.1. Introduction to the Syslog
		3.3.2. How Syslog works
		3.3.3. Configuring a Syslog client
	3.4. Implementing the Simple Network Management Protocol (SNMP)
		3.4.1. Introducing the SNMP
		3.4.2. How SNMP works
		3.4.3. SNMP configuration
	3.5. Exercises for application
4. Securing Access Using AAA
	4.1. Introduction
	4.2. AAA authentication
		4.2.1. Local AAA authentication
		4.2.2. AAA authentication based on a server
	4.3. AAA authorizations
	4.4. AAA traceability
	4.5. Exercises for application
5. Using Firewalls
	5.1. Introducing firewalls
	5.2. Types of firewalls
	5.3. Setting up a firewall
	5.4. Different firewall strategies
	5.5. ACL-based firewalls
		5.5.1. Introduction
		5.5.2. The location of ACLs
		5.5.3. IPv4 ACLs
		5.5.4. IPv6 ACLs
		5.5.5. ACL recommendation
	5.6. Zone-based firewalls
		5.6.1. Introduction
		5.6.2. Types of security zones in a network
		5.6.3. Rules applied to interzone traffic
		5.6.4. Terminology
		5.6.5. Configuring a ZFW
	5.7. Creating zones
	5.8. Creating Class-Maps
	5.9. Creating the Policy-Map to apply the Class-Maps
	5.10. Defining the zone pairs
	5.11. Applying the policy maps to the zone pairs
	5.12. Assigning interfaces to zones
	5.13. Exercises for application
6. Putting in Place an Intrusion Prevention System (IPS)
	6.1. Introduction to a detector
	6.2. The differences between an IDS and an IPS
	6.3. Types of IPS
	6.4. Cisco IP solutions
	6.5. Modes of deploying IPS
	6.6. Types of alarms
	6.7. Detecting malicious traffic
		6.7.1. Modes of detection
		6.7.2. Signature-based detection
		6.7.3. Other modes of detecting malicious traffic
	6.8. Signature micro-engines
	6.9. Severity levels of the signatures
	6.10. Monitoring and managing alarms and alerts
	6.11. List of actions to be taken during an attack
	6.12. Configuration of an IOS IPS
	6.13. Recommended practices
	6.14. Exercises for application
7. Securing a Local Network
	7.1. Introduction
	7.2. Types of attacks on Layer 2
		7.2.1. MAC address flooding attacks
		7.2.2. MAC spoofing attack
		7.2.3. The DHCP starvation attack
		7.2.4. VLAN hopping attacks
		7.2.5. STP-based attacks
	7.3. The best security practices for protecting Layer 2
	7.4. Exercises for application
8. Cryptography
	8.1. Basic concepts in cryptography
		8.1.1. Definition
		8.1.2. Terminology
	8.2. The different classifications of cryptology
		8.2.1. Traditional cryptography
		8.2.2. Modern cryptography
		8.2.3. Symmetric and asymmetric encryption
	8.3. Key management
		8.3.1. Introduction
		8.3.2. Diffie-Hellman key exchange
	8.4. Hash functions
	8.5. HMAC codes
	8.6. Asymmetric cryptography
		8.6.1. Introduction
		8.6.2. How it works
		8.6.3. Digital signatures
		8.6.4. Public key infrastructure
	8.7. Exercises for application
9. IPsec VPNs
	9.1. The IPsec protocol
		9.1.1. Objectives of IPsec
		9.1.2. Basic IPsec protocols
		9.1.3. The IPsec framework
		9.1.4. The IPsec security association
		9.1.5. IPsec modes
	9.2. IKE protocol
		9.2.1. Introduction
		9.2.2. Components of IKE
		9.2.3. IKE phases
	9.3. The site-to-site VPN configuration
		9.3.1. Introduction
		9.3.2. Configuration of IPsec VPN
	9.4. Exercises for application
10. Studying Advanced Firewalls
	10.1. Cisco ASA firewalls
		10.1.1. Introduction
		10.1.2. ASA models
		10.1.3. Modes for using ASA devices
		10.1.4. An overview of ASA 5505
		10.1.5. ASA levels of security
		10.1.6. Configuring an ASA with CLI
	10.2. Exercises for application
	10.3. Configuring Cisco elements with graphical tools
		10.3.1. An overview of the CCP
		10.3.2. An overview of the ASDM
		10.3.3. Using CCP and ASDM
	10.4. The TMG 2010 firewall
		10.4.1. Introduction
		10.4.2. Installation and configuration
References
Index
Other titles from iSTE in Computer Engineering
EULA