【课程简介】
CCIESecurity简介
欲在2012年11月19日之后参加考试的考生,请参照CCIE安全笔试要点v4.0和CCIE安全实验考试要点v4.0备考。
CCIESecurity课程大纲
1.00Infrastructure,Connectivity,munications,workSecurity
1.1workAddressingBasics
1.20SILayers
1.3TCP/UDP/IP
1.4LANSwitching(e.g.VTP,VLANs,SpanningTree,Trunking)
1.5RoutingProtocols(RIP,EIGRP,0SPF,andBGP)
1.6TunnelingProtocols
1.7IPMulticast
1.8Wireless
1.9Authentication/AuthorizationTechnologies
1.10VPNs
1.11MobileIPworks
2.00SecurityProtocols
2.1Rivest,ShamirandAdleman(RSA)
2.2RivestCipher4(RC4)
2.3MessageDigest5(MD5)
2.4SecureHashAlgorithm(SHA)
2.5DataEncryptionStandard(DES)
2.6TripleDES(3DES)
2.7AdvancedEncryptionStandard(AES)
2.8IPSecurity(IPsec)
2.9InterSecurityAssociationandKeyManagementProtocol(ISAKMP)
2.10InterKeyExchangeIKE/IKEv2
2.11GroupDomainofInterpretation(GD0I)
2.12AuthenticationHeader(AH)
2.13EncapsulatingSecurityPayload(ESP)
2.14CertificateEnrollmentProtocol(CEP)
2.15TransportLayerSecurityTLS/DTLS
2.16SecureSocketsLayer(SSL)
2.17SecureShell(SSH)Protocol
2.18RemoteAuthenticationDialInUserService(RADIUS)
2.19TerminalAccessControllerAccess-ControlSystemPlus(TACACS+)
2.20LightweightDirectoryAccessProtocol(LDAP)
2.21EAPMethods(e.g.EAP-MD5,EAP-TLS,EAP-TTLS,EAP-FAST,PEAP,LEAP)
2.22PublicKeyInfrastructure(PKI)/PKIX/PKCS
2.23802.1X
2.24WEP/WPA/WPA2
2.25WebCachemunicationProtocol(WCCP)
2.26SecureGroupTaggingExchangeProtocol(SXP)
2.27MacSec
2.28DNSSec
3.00ApplicationandInfrastructureSecurity
3.1HypertextTransferProtocol()
3.2HypertextTransferProtocolSecure(S)
3.3SimpleMailTransferProtocol(SMTP)
3.4DynamicHostConfigurationProtocol(DHCP)
3.5DomainNameSystem(DNS)
3.6FileTransferProtocol(FTP/SFTP)
3.7TrivialFileTransferProtocol(TFTP)
3.8workTimeProtocol(NTP)
3.9SimpleworkManagementProtocol(SNMP)
3.10Syslog
3.11logon,bios,SMB
3.12RPCs
3.13RDP/VNC
3.14PCoIP
3.150WASP
3.16BasicUnnecessaryServices
4.00Threats,VulnerabilityAnalysisandMitigation
4.1RecognizingandMitigatingmonAttacks
4.2Software/0SExploits
4.3Security/AttackTools
4.4GenericworkIntrusionPreventionConcepts
4.5PacketFiltering
4.6ContentFiltering/PacketInspection
4.7Endpoint/PostureAssessment
4.8QoSMarkingAttacks
5.00CiscoSecurityProducts,Features,andManagement
5.1CiscoAdaptiveSecurityAppliance(ASA)
5.2CiscoI0SFirewallsandNAT
5.3CiscoIntrusionPreventionSystems(IPSs)
5.4CiscoI0SIPS
5.5CiscoAAAProtocolsandApplication
5.6CiscoIdentityServicesEngine
5.7CiscoSecureACSSolutionEngine
5.8CiscoworkAdmissionControl(NAC)ApplianceServer
5.9Endpoint/Client
5.10SecureAccessGateways(CiscoI0SRouter/ASA)
5.11VirtualSecurityGateway
5.12CiscoCatalyst6500SeriesSecurityServicesModules
5.13ScansafeFunctionalityandponents
5.14IronPortProducts
5.15SecurityManagement
6.00CiscoSecurityTechnologiesandSolutions
6.1RouterHardeningFeatures(e.g.CoPP,MPP,uRPF,PBR)
6.2SwitchSecurityFeatures(e.g.anti-spoofing,port,STP,MacSec,NDAC,NEAT)
6.3Flow
6.4WirelessSecurity
6.5workSegregation
6.6VPNSolutions
6.7ContentandPacketFiltering
6.8QoSapplicationforsecurity
6.9LoadBalancingandFailover
7.00SecurityPoliciesandProcedures,BestPractices,Standards
7.1SecurityPolicyElements
7.2InformationSecurityStandards(e.g.IS0/IEC27001,IS0/IEC27002)
7.3StandardsBodies(e.g.IS0,IEC,ITU,IS0C,IETF,IAB,IANA,ICANN)
7.4IndustryBestPractices(e.g.S0X,PCIDSS)
7.5monRFC/BCP(e.g.RFC2827/BCP38,RFC3704/BCP84,RFC5735)
7.6SecurityAuditandValidation
7.7RiskAssessment
7.8ChangeManagementProcess
7.9IncidentResponseFramework
7.10puterSecurityForensics
7.11DesktopSecurityRiskAssessment/DesktopSecurityRiskManagement
更多详细课程请参考课程大纲详解页面
认证步骤
步:CCIE安全笔试
您必须通过两小时的资格笔试,以获取参加实践考试的资格,笔试内容涵盖了网络概念和一些设备命令。
笔试概述()
参加考试
第二步:CCIE安全实验考试
CCIE安全实验考试总长8小时,将测试您在限时的测试情况下,运行一个安全网络的能力。您必须在通过笔试后的3年内通过实验考试,以获取CCIE安全认证,且次尝试实验考试必须在18个月内。
实验考试概述
参加考试
