Home > Store > Cisco > CCNA Security

31 Days Before Your CCNA Security Exam: A Day-By-Day Review Guide for the IINS 210-260 Certification Exam

Register your product to gain access to bonus material or receive a coupon.

31 Days Before Your CCNA Security Exam: A Day-By-Day Review Guide for the IINS 210-260 Certification Exam

Best Value Purchase

Book + eBook Bundle

  • Your Price: $37.79
  • List Price: $62.98
  • Includes EPUB, MOBI, and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    MOBI MOBI The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

More Purchase Options

Book

  • Your Price: $27.99
  • List Price: $34.99
  • Usually ships in 24 hours.

eBook (Watermarked)

  • Your Price: $22.39
  • List Price: $27.99
  • Includes EPUB, MOBI, and PDF
  • About eBook Formats
  • This eBook includes the following formats, accessible from your Account page after purchase:

    ePub EPUB The open industry format known for its reflowable content and usability on supported mobile devices.

    MOBI MOBI The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

    Adobe Reader PDF The popular standard, used most often with the free Adobe® Reader® software.

    This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Related Products

About

Features

  • Commit to taking the CCNA Security/IINS exam in one month and understand the process
  • Review key points of the Networking Academy information with a specific focus on CCNA Security objectives
  • Provides instructors with a creative way to present relatively dry topics using the book and online companion as well as review at the end of the class
  • Empowers an individual to fit CCNA Security studies into an otherwise busy schedule with a daily timeline

Description

  • Copyright 2016
  • Dimensions: 6" x 9"
  • Pages: 350
  • Edition: 1st
  • Book
  • ISBN-10: 1-58720-578-5
  • ISBN-13: 978-1-58720-578-1

31 Days Before Your CCNA Security Exam


31 Days Before Your CCNA Security Exam offers you an engaging and practical way to understand the certification process, commit to taking the CCNA Security IINS 210-260 certification exam, and finish your preparation using a variety of Primary and Supplemental study resources.


The IINS 210-260 exam tests your knowledge of secure network infrastructure, core security concepts, secure access, VPN encryption, firewalls, intrusion prevention, web/email content security, and endpoint security. It also tests your skills for installing, troubleshooting, and monitoring secure networks to maintain the integrity, confidentiality, and availability of data and devices.


Sign up for the IINS 210-260 exam and use the book’s day-by-day guide and checklist to organize, prepare, and review. Each day in this guide breaks down an exam topic into a manageable bit of information to review using short summaries. A Study Resources section provides you with a quick reference for locating more in-depth treatment of a day’s topics within the Primary and Supplemental resources.


The features of the book empower you to fit exam preparation into a busy schedule:

·         A visual calendar summarizing each day’s study topic

·         A checklist providing advice for preparation activities leading up to the exam

·         A description of the CCNA Security IINS 210-260 exam organization and sign-up process

·         Strategies from the author to be mentally, organizationally, and physically prepared for exam day

·         A conversational tone, which makes your study time more enjoyable


Primary Resources:

CCNA Security 210-260 Official Cert Guide ISBN-13: 978-1-58720-566-8

CCNA Security Course Booklet Version 2 ISBN-13: 978-1-58713-351-0

CCNA Security Lab Manual Version 2 ISBN-13: 978-1-58713-350-3


Supplemental Resources:

CCNA Security 210-260 Complete Video Course ISBN-13: 978-0-13-449931-4

CCNA Security Portable Command Guide, Second Edition ISBN-13: 978-1-58720-575-0

Cisco ASA: All-in-One Next-Generation Firewall, IPS, and VPN Services, Third Edition ISBN-13: 978-1-58714-307-6

Category: Certification

Covers: CCNA Security

Sample Content

Sample Pages

Download the sample pages (includes Chapter 29 and Index)

Table of Contents

Introduction xxii

Digital Study Guide xxvi

Day 31: Common Security Principles 1

CCNA Security 210-260 IINS Exam Topics 1

Key Topics 1

Confidentiality, Integrity, and Availability (CIA) 1

SIEM 1

Common Network Security Terms 2

Security Zones 2

Study Resources 4

Day 30: Common Security Threats 5

CCNA Security 210-260 IINS Exam Topics 5

Key Topics 5

Network Attacks 5

    Reconnaissance Attacks 5

    Access Attacks 5

    DoS and DDoS Attacks 6

Social Engineering 7

    Types 7

    Defenses 8

Malware 8

Data Loss 9

Study Resources 10

Day 29: Cryptographic Technologies 11

CCNA Security 210-260 IINS Exam Topics 11

Key Topics 11

CIA Triad 11

Key Exchange and Management 11

Hash Algorithms 12

    Well-known Hash Functions 12

    Authentication Using Hashing 13

    Hashing in Cisco Products 14

Symmetric and Asymmetric Encryption 15

    Encryption Overview 15

    Symmetric Encryption Algorithms 15

    Asymmetric Encryption Algorithms 16

Digital Signatures and RSA Certificates 18

Study Resources 19

Day 28: PKI and Network Security Architectures 21

CCNA Security 210-260 IINS Exam Topics 21

Key Topics 21

Public Key Infrastructure 21

    PKI Terminology, Components, and Classes of Certificates 22

    PKI Topologies 23

    PKI Standards 24

    PKI Operations 25

    Enrollment and Revocation 27

Network Architectures and Topologies 28

    Campus-Area Network (CAN) 28

    WAN and Branch/SOHO 29

    Data Center 31

    Cloud and Virtual Networks 31

Study Resources 33

Day 27: Secure Management Systems 35

CCNA Security 210-260 IINS Exam Topics 35

Key Topics 35

In-band and Out-of-band Management 35

Management Plane Security 36

    Access Security 36

    SSH/HTTPS 38

    Syslog 38

Simple Network Management Protocol (SNMP) 39

Network Time Protocol (NTP) 42

Secure Copy Protocol (SCP) 43

Study Resources 44

Day 26: AAA Concepts 45

CCNA Security 210-260 IINS Exam Topics 45

Key Topics 45

AAA 45

RADIUS and TACACS+ 46

    RADIUS 46

    TACACS+ 47

ACS and ISE 48

    ACS 49

    ISE 49

Study Resources 50

Day 25: TACACS+ and RADIUS Implementation 51

CCNA Security 210-260 IINS Exam Topics 51

Key Topics 51

Server-based AAA Authentication 51

Server-based AAA Authorization 53

Server-based AAA Accounting 54

Server-based AAA Verification and Troubleshooting 55

Study Resources 58

Day 24: 802.1X 61

CCNA Security 210-260 IINS Exam Topics 61

Key Topics 61

802.1X 61

    Terminology and Concepts 61

    Configuration and Verification 63

Study Resources 65

Day 23: BYOD 67

CCNA Security 210-260 IINS Exam Topics 67

Key Topics 67

BYOD Architecture 67

BYOD Management 69

Study Resources 72

Day 22: IPsec Technologies 73

CCNA Security 210-260 IINS Exam Topics 73

Key Topics 73

VPNs 73

IPsec Framework 76

    IPsec Protocols 77

        AH 77

        ESP 78

        IPsec Modes of Operations 78

    Confidentiality 79

    Data Integrity 79

    Origin Authentication 80

    Key Management 80

    Suite B Cryptographic Standard 81

IKE 81

    IKEv1 Phase 1 82

    IKEv1 Phase 2 83

    IKEv2 83

Study Resources 84

Day 21: Clientless Remote-Access VPN 85

CCNA Security 210-260 IINS Exam Topics 85

Key Concepts 85

Clientless SSL VPN Concepts 85

Clientless SSL VPN Configuration 87

    Task 1: Launch Clientless SSL VPN Wizard from ASDM 88

    Task 2: Configure the SSL VPN URL and Interface 88

    Task 3: Configure User Authentication 89

    Task 4: Configure User Group Policy 90

    Task 5: Configure Bookmarks 90

Clientless SSL VPN Verification 95

Study Resources 97

Day 20: AnyConnect Remote Access VPN 99

CCNA Security 210-260 IINS Exam Topics 99

Key Topics 99

AnyConnect SSL VPN Concepts 99

    SSL VPN Server Authentication 100

    SSL VPN Client Authentication 100

    SSL VPN Client IP Address Assignment 100

AnyConnect SSL VPN Configuration and Verification 101

    Phase 1: Configure Cisco ASA for Cisco AnyConnect 101

        Task 1: Connection Profile Identification 101

        Task 2: VPN Protocols and Device Certificate 102

        Task 3: Client Image 102

        Task 4: Authentication Methods 103

        Task 5: Client Address Assignment 103

        Task 6: Network Name Resolution Servers 104

        Task 7: Network Address Translation Exemption 104

        Task 8: AnyConnect Client Deployment and Summary 105

    Phase 2: Configure the Cisco AnyConnect VPN Client 106

    Phase 3: Verify AnyConnect Configuration and Connection 108

Study Resources 111

Day 19: Site-to-Site VPN 113

CCNA Security 210-260 IINS Exam Topics 113

Key Topics 113

IPsec Negotiation 113

Cisco IOS CLI-based Site-to-Site IPsec VPN 114

    Configuration 115

        Step 1: ACL Compatibility 115

        Step 2: IKE Phase 1–ISAKMP Policy 115

        Step 3: IKE Phase 2–IPsec Transform Set 117

        Step 4: Crypto ACLs 117

        Step 5: IPsec Crypto Map 118

    Verification 119

Cisco ASA Site-to-Site IPsec VPN 122

    Configuration 123

        Step 1: Launch the ASDM Site-to-Site VPN Wizard 123

        Step 2: Peer Device Identification 123

        Step 3: Traffic to Protect 124

        Step 4: Security 124

        Step 5: NAT Exempt 125

    Verification 125

Study Resources 128

Day 18: VPN Advanced Topics 131

CCNA Security 210-260 IINS Exam Topics 131

Key Topics 131

Hairpinning and Client U-Turn 131

Split Tunneling 132

Always-on VPN 134

NAT Traversal 134

Endpoint Posture Assessment 135

Study Resources 136

Day 17: Secure Device Access 137

CCNA Security 210-260 IINS Exam Topics 137

Key Topics 137

Cisco IOS Authorization with Privilege Levels 137

Authorization with Role-Based CLI 138

Cisco IOS Resilient Configuration 139

Cisco IOS File Authenticity 140

Study Resources 142

Day 16: Secure Routing Protocols 143

CCNA Security 210-260 IINS Exam Topics 143

Key Topics 143

Routing Protocol Authentication 143

OSPF MD5 Authentication 144

    MD5 Authentication with Key Chain 144

    MD5 Authentication Without Key Chain 145

OSPF SHA Authentication 146

Study Resources 148

Day 15: Control Plane Security 149

CCNA Security 210-260 IINS Exam Topics 149

Key Topics 149

Functional Planes of the Network 149

Control Plane Policing 150

Control Plane Protection 151

Study Resources 152

Day 14: Layer 2 Infrastructure Security 153

CCNA Security 210-260 IINS Exam Topics 153

Key Topics 153

Common Layer 2 Attacks 153

    STP Attacks 153

    ARP Spoofing 155

    MAC Spoofing 156

    CAM Table Overflows 157

    CDP/LLDP Reconnaissance 157

    VLAN Hopping 157

    DHCP Spoofing 158

Study Resources 159

Day 13: Layer 2 Protocols Security 161

CCNA Security 210-260 IINS Exam Topics 161

Key Topics 161

DHCP Snooping 161

Dynamic ARP Inspection 163

IP Source Guard 164

Port Security 165

STP Security Mechanisms 167

    PortFast 167

    BPDU Guard 168

    Root Guard 168

    Loop Guard 168

Study Resources 169

Day 12: VLAN Security 171

CCNA Security 210-260 IINS Exam Topics 171

Key Topics 171

Private VLANs 171

PVLAN Edge 174

ACLs on Switches 175

    PACL Configuration 176

    VACL Configuration 177

Native VLAN 178

Study Resources 180

Day 11: Firewall Technologies 181

CCNA Security 210-260 IINS Exam Topics 181

Key Topics 181

Firewall Overview 181

Packet Filtering 183

Proxy and Application Firewalls 185

Stateful Firewalls 187

Next-Generation Firewalls 188

Personal Firewall 189

Study Resources 189

Day 10: Cisco ASA NAT Implementation 191

CCNA Security 210-260 IINS Exam Topics 191

Key Topics 191

NAT Fundamentals 191

NAT on Cisco ASA 193

Static NAT 195

Dynamic NAT 198

Dynamic PAT 201

Policy NAT 203

Study Resources 208

Day 9: Cisco IOS Zone-Based Policy Firewall 209

CCNA Security 210-260 IINS Exam Topics 209

Key Topics 209

ZPF Concepts 209

ZPF Zones and Zone Pairs 210

Introduction to C3PL 211

    Class Maps 212

    Policy Maps 212

    Service Policy 213

Default Policies and Traffic Flows 213

ZPF Configuration and Verification 214

    Configuring Class Maps 214

    Configuring Policy Maps 215

    Configuration and Verification 216

Study Resources 218

Day 8: Cisco ASA Firewall Concepts 219

CCNA Security 210-260 IINS Exam Topics 219

Key Topics 219

Cisco ASA Family 219

ASA Features and Services 221

ASA Deployments 222

ASA High Availability 223

ASA Contexts 225

Study Resources 226

Day 7: ASA Firewall Configuration 227

CCNA Security 210-260 IINS Exam Topics 227

Key Topics 227

ASA Default Configuration 227

ASA Management Access 229

ASA Interfaces 230

ASA Access Rules 232

ASA Objects and Object Groups 234

ASA Modular Policy Framework 240

Study Resources 244

Day 6: IDS/IPS Concepts 245

CCNA Security 210-260 IINS Exam Topics 245

Key Topics 245

IDS vs. IPS 245

Host-based vs. Network-based IPS 247

IPS Deployment Options 248

IPS Placement 249

IPS Terminology 250

Study Resources 251

Day 5: IDS/IPS Technologies 253

CCNA Security 210-260 IINS Exam Topics 253

Key Topics 253

Detection Technologies 253

Signatures 254

Trigger Actions 255

Blacklisting 256

Next-Generation IPS with FirePOWER 256

Study Resources 257

Day 4: Email-based Threat Mitigation 259

CCNA Security 210-260 IINS Exam Topics 259

Key Topics 259

ESA Overview 259

ESA Deployment 260

ESA Features 263

    Filtering Spam 263

    Fighting Viruses and Malware 264

    Email Data Loss Prevention 264

    Advanced Malware Protection 264

ESA Mail Processing 265

    Incoming Mail Processing 265

    Outgoing Mail Processing 266

Study Resources 267

Day 3: Web-based Threat Mitigation 269

CCNA Security 210-260 IINS Exam Topics 269

Key Topics 269

Cisco WSA 269

Cisco CWS 272

Study Resources 274

Day 2: Endpoint Protection 275

CCNA Security 210-260 IINS Exam Topics 275

Key Topics 275

Endpoint Security Overview 275

Personal Firewalls 276

Antivirus 276

Antispyware 277

Antimalware 278

Data Encryption 279

Study Resources 280

Day 1: CCNA Security Skills Review and Practice 281

CCNA Security 210-260 IINS Exam Topics 281

Key Topics 281

CCNA Security Skills Practice 281

    Introduction 281

    Topology Diagram 281

    Addressing Table 282

    ISP Configuration 283

    Implementation 283

        Step 1: Cable the Network As Shown in the Topology 283

        Step 2: Configure Initial Settings for R1_BRANCH 283

        Step 3: Configure Initial Settings for HQ_SW 284

        Step 4: Configure Initial Settings for HQ-ASA 285

        Step 5: Configure Clientless SSL VPN 286

        Step 6: Configure Site-to-Site IPsec VPN 286

        Step 7: Configure a Zone-Based Policy Firewall 288

Answers to CCNA Security Skills Practice 289

    Step 1: Cable the Network As Shown in the Topology 289

    Step 2: Configure Initial Settings for R1_BRANCH 289

    Step 3: Configure Initial Settings for HQ_SW 290

    Step 4: Configure Initial Settings for HQ-ASA 291

    Step 5: Configure Clientless SSL VPN 293

    Step 6: Configure Site-to-Site IPsec VPN 294

    Step 7: Configure a Zone-Based Policy Firewall 295

Exam Day 299

What You Need for the Exam 299

What You Should Receive After Completion 299

Summary 300

Post-Exam Information 301

Receiving Your Certificate 301

U.S. Government Recognition 301

Examining Certification Options 302

If You Failed the Exam 302

Summary 302

9781587205781   TOC   5/24/2016

Updates

Errata

We've made every effort to ensure the accuracy of this book and its companion content. Any errors that have been confirmed since this book was published can be downloaded below.

Download the errata

Submit Errata

More Information

Unlimited one-month access with your purchase
Free Safari Membership