当前位置:主页   - 电脑 - 认证考试 - Cisco
摘录:cciesecurity辅导教材
来源:linux宝库,设计前沿收集   作者:未知   更新时间:2008-11-20
收藏此页】    【字号    】    【打印】    【关闭
  CCIE Security
  Overview
  Required Evaluations
  Security Qualification Exam
  Format
  Blueprint
  Recommended Reading
  Security Lab Exam
  Format
  IOS Versions
  Equipment List
  Suggested Training Courses
  Recertification
  For More Information
  
  Overview
  The CCIE Security exam covers IP and IP routing as well as specific security components. It is recommended that you read the section on Preparing for your CCIE Exam before reading this page. You can also find information on test policies in the Policies Section.
  
  Required Evaluations
  The two requirements to become a CCIE are a passing grade on the Security qualification exam and a passing grade on the Security lab exam . The qualification exam is a prerequisite for attempting and scheduling the lab exam.
  Security Qualification Exam
  Format
  
  The two-hour, multiple choice exam is computerized and administered at Cisco authorized testing centers. The exam is closed book and contains 100 questions. No reference materials are allowed in the exam room. Find out more about scheduling your Security Qualification exam (#350-018) and an authorized testing center near you.
  
  Blueprint
  
  Please see the Security Blueprint for details.
  Recommended Reading
  
  Cisco Network Security (Cisco Press)
  Cisco IOS Dial Solutions (Cisco Press)
  Enhanced IP Services for Cisco Networks (Cisco Press)
  Cisco Internetwork Troubleshooting (Cisco Press)
  Designing Network Security (Cisco Press)
  Internetworking Troubleshooting Handbook (Cisco Press)
  Top Down Network Design (Cisco Press)
  Building Cisco Remote Access Networks (Cisco Press)
  MPLS and VPN Architectures (Cisco Press)
  IPSec : The New Security Standard for the Internet, Intranets, and Virtual Private Networks (Doraswamy/Harkins, Prentice Hall)
  Digital Certificates : Applied Internet Security (Feghhi/Williams, Addison Wesley)
  Big Book of IPsec RFCs : Internet Security Architecture (Loshin, Morgan Kaufmann Publishers Inc.)
  Internet Security Protocols : Protecting IP Traffic (Black, Prentice Hall)
  Firewalls and Internet Security : Repelling the Wily Hacker (Cheswick/Bellovin, Addison-Wesley Professional Computing)
  Maximum Security : A Hacker's Guide to Protecting Your Internet Site and Network with CD ROM (Anonymous, Sams)
  Inside Internet Security : What Hackers Don't Want You to Know (Crume, Addison-Wesley)
  Internet and TCP / IP Network Security : Securing Protocols and Applications (Pabrai/Gurbani, McGraw Hill)
  Internet Cryptography (Smith, Addison Wesley)
  Network Security: Private Communication in a Public World (Kaufman/Perlman/Spenciner, Prentice Hall)
  Applied Cryptography: Protocols, Algorithms, and Source Code in C, 2nd Edition (Schneier, John Wiley & Sons)
  Strategies to Protect Against Distributed Denial of Service
  Characterizing and Tracing Packet Floods Using Cisco Routers
  Defining Strategies to Protect Against UDP Diagnostic Port Denial of Service Attacks
  Strategies to Protect Against TCP SYN Denial of Service Attacks
  
  
  Security Lab Exam
  Format
  
  The Security Lab exam physical rack layout is similar to the Routing & Switching exam with the exception of a few equipment additions: the pix and security server. Server applications are listed below. Because this is a CCIE lab, candidates should expect to be tested on core ip routing and switching as well as specific security components. There are no desktop protocols, ie. IPX, DLSW etc. Security topics that may be tested are listed in the Security exam blueprint. Candidates may refer to the Routing & Switching exam blueprint for information for more specifics on IP routing and switching test content.
  
  The CCIE candidate will be presented with a complex design to implement from the physical layer up. Candidates are not required to configure any end-user systems, but are responsible for any device residing in the internetwork, including hubs, etc. Network specifics, point values and testing criteria used to assess correctness of the individual configurations are provided.
  
  Each configuration scenario and problem has pre-assigned point values. The candidate must obtain a minimum mark of 80% to pass. Find out more about scheduling your CCIE lab exam and testing sites near you.
  
  IOS Versions
  
  IOS Features up to and including version 12.0 will be tested on the exam until November 14, 2001. IOS "T" trains will be used to provide security specific IPSEC/IOS Firewall features.
  
  To keep pace with the evolution of new technologies in the industry, all CCIE labs worldwide will change to IOS version 12.1, effective November 15, 2001 . Specific features new to IOS version 12.1 can appear on CCIE lab exams starting on this date.
  
  Equipment List
  
  Candidates make inquiries wanting to know the specific Security Applications or specific Servers. It is important to bear in mind that the Security Lab utilizes various servers based upon the version of exam the candidate encounters. Any device used in the lab, outside of the Cisco Router and Switch types listed below are pre-configured. Although a Security Lab exam may interact with one or more of these applications, every effort is made to keep candidate's focus on the routers and switches not on servers. Candidates should dedicate their study to a knowledge of how Cisco Routers and Switches interact with various servers, and the configuration of those routers and switches. Therefore, please consider the equipment list provided as sufficient for the purposes of lab preparation.
  
  
  2500 series routers
  2600 series routers
  3600 series routers
  4000 and 4500 series routers
  3900 series token ring switches
  Catalyst 5000 series switches
  PIX - running Pix software version 5.2
  Services / Applications
  
  Certificate Authority Support
  Cisco Secure Access Control System
  Cisco Secure Intrusion Detection System
  
  Suggested Training Courses
  
  Cisco Training Classes are RECOMMENDED, and are NOT REQUIRED for completion of the CCIE Program. For more information on these Cisco training classes and our training partners, go to the Cisco Training page. Here is the list of classes we recommend for the CCIE Security certification:
  
  TRN-MCNS-Managing Cisco Network Security
  
  TRN-CSIDS-Cisco Secure Intrusion Detection System
  
  TRN-CSPFF -Cisco Secure PIX Firewall Fundamentals
  
  TRN-CSVPN-Cisco Secure Virtual Private Network
  
  TRN-CSPFA -Cisco Secure PIX Firewall Advanced
  
  TRN-BCRAN-Building Cisco Remote Access Networks
  
  Recertification
  All CCIE professionals are required to recertify. For further information please read the recertification section.
  
  For More Information
  If you need more information on the Security exam, or the CCIE program in general, contact the CCIE Program Coordinator for your region:
  
  North and South America: ccie_ucsa@cisco.com
  Europe, Middle East and Africa: ccie_emea@cisco.com
  Asia and the Pacific Rim: ccie_apt@cisco.com
  
  
  
其它资源
来源声明

版权与免责声明
1、本站所发布的文章仅供技术交流参考,本站不主张将其做为决策的依据,浏览者可自愿选择采信与否,本站不对因采信这些信息所产生的任何问题负责。
2、本站部分文章来源于网络,其版权为原权利人所有。由于来源之故,有的文章未能获得作者姓名,署“未知”或“佚名”。对于这些文章,有知悉作者姓名的请告知本站,以便及时署名。如果作者要求删除,我们将予以删除。除此之外本站不再承担其它责任。
3、本站部分文章来源于本站原创,本站拥有所有权利。
4、如对本站发布的信息有异议,请联系我们,经本站确认后,将在三个工作日内做出修改或删除处理。
请参阅权责声明