Scribd Logo
Upload

Welcome to Scribd!

  • CCIE Security V4

    Uploaded by

    fshahzad79
    71 views6 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    XLSX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    71 views6 pages

    CCIE Security V4

    Uploaded by

    fshahzad79

    Copyright:

    © All Rights Reserved
    Download as XLSX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    S.No.

    Topics Include

    Status

    S.No.

    1- IOS Firewall
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18

    Access-Lists
    Basic and Time-Based
    Dynamic and Reflexive
    Context Based Access Control
    Transparent and Routed Modes
    Advanced Inspection and Firewall Tuning
    High Availability
    Zone-Based Policy Firewall
    Transparent and Routed Modes
    Advanced Inspection and Firewall Tuning
    High Availability and Asymmetric Routing
    User-Based Firewall
    Secure Group Firewall
    Network Address Translation
    Inside-Outside NAT
    NVI NAT
    Policy Routing

    S.No.

    Topics Include

    Status

    S.No.

    3- Virtual Private Networks


    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13

    IKEv1 and IKEv2


    IPv4 and IPv6
    ASA and IOS PKI
    IPsec LAN-to-LAN on ASA and IOS
    IPsec EzVPN Server on ASA and IOS
    IPsec EzVPN Client SW and HW
    Crypto Map-Based VPN
    Static Crypto Map
    Dynamic Crypto Map
    IPsec Profile-Based VPN
    GRE over IPsec
    Static VTI
    Dynamic VTI

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13

    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24

    14
    15
    16
    17
    18
    19
    20
    21
    22

    IPsec VRF Aware


    ISAKMP Profiles
    IKEv1 DMVPN
    IKEv1 GET VPN
    Client-Based SSL VPN on ASA and IOS
    Clientless SSL VPN on ASA and IOS
    IKEv2 FlexVPN
    LAN-to-LAN
    Remote Access
    VPN High Availability
    Advanced VPN Features

    S.No.

    Topics Include

    Status

    S.No.

    5- Wireless Security
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14

    Cisco UWN Architecture


    LWAPP and CAPWAP
    LAP Local Mode
    LAP FlexConnect Mode
    TACACS and RADIUS Integration
    Control-Plane Security
    LAP Authentication/Authorization
    Rogue Management
    Layer2 vs. Layer3 Security
    MAB and 802.1x
    WPA/WPA2
    LWA/CWA
    ISE Integration

    S.No.

    Topics Include

    Status

    S.No.

    7- Content Security
    1
    2
    3
    4
    5
    6

    WSA Architecture
    Proxy Deployments
    Explicit Forward Mode
    Transparent Mode
    WCCP on ASA and IOS
    Layer2 Mode

    1
    2
    3
    4
    5
    6

    7
    8
    9
    10
    11
    12

    7
    8
    9
    10
    11
    12

    Layer3 Mode
    Identities and Access Policies
    Decryption Policies
    URL Filtering and WBRS
    Application Visibility and Control
    WSA Active Directory Integration

    S.No.

    Topics Include
    9- Network Attacks

    1
    2
    3
    4
    5
    6
    7

    Layer2 Attacks: MAC Flooding, ARP/MAC Spoofing, VLAN Hopping, Storm


    IPv6 First Hop Security
    Layer 3 Attacks: Fragmentation, IP Spoofing, IP Options, ICMP, Smurf
    Layer 4 Attacks: SYN Flooding, TCP Hijacking, Port Redirection, MitM
    Layer7 Attacks: DNS poisoning, Vulnerability Exploitation
    Network Reconnaissance
    DoS and DDoS Attacks: RTBH Mitigation

    Status

    S.No.

    Topics Include

    Status

    2- ASA Firewall
    Interfaces and VLANs
    Access-Lists Before and After 8.3
    Routing
    Static and Dynamic Routing
    Multicast Routing
    Network Address Translation
    Old NAT before 8.3
    New NAT after 8.3
    Firewall Functional Modes
    Transparent and Routed
    Single and Multiple Context
    High Availability and Failover
    Interface Level
    Active-Standby and Active-Active
    Asymmetric Routing
    Modular Policy Framework and Advanced Inspection
    Other Advanced Features
    Quality of Service

    Topics Include
    4- Identity Management
    AAA Protocols and Attributes
    RADIUS
    TACACS+
    LDAP
    ACS vs. ISE Architecture
    LDAP and AD Integration
    Certificate Services
    IOS and ASA Local AAA
    IOS and ASA Remote AAA
    IOS Authentication Proxy
    ASA Cut-Through Proxy
    MAB and 802.1x
    EAP Types

    Status

    Local Web Authentication


    Central Web Authentication
    NEAT
    ISE Specific
    Device Profiling
    IOS Sensor
    CPP and Posture Assessment
    Guest Services
    MACsec

    Topics Include

    Status

    6- Intrusion Prevention System


    IPS Architecture
    Promiscuous Mode
    SPAN and RSPAN
    VLAN-Groups
    Inline Mode
    Inline Interfaces
    Inline VLAN Pair
    Inline VLAN-Group
    Device Blocking, Rate Limiting, TCP Resets
    Virtual Sensors
    Signature Tuning
    Custom Signatures
    Event Processing and Summarization
    Other Advanced Features

    Topics Include
    8- Advanced Security
    Routing Protocol Security
    Control-Plane Security
    Management-Plane Security
    Private VLANs and Port Security
    MAC ACL, VLAN ACL and Port ACL
    DHCP Security

    Status

    Protecting STP: BPDU Guard, BPDU Filter, Root Guard, Loop Guard
    Packet Classification and Marking
    Rate-Limiting
    Policing
    Shaping

    Topics Include

    Status

    You might also like