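Cisco CCIE Security Written Exam Syllabus
The Cisco CCIE Security written exam (400-251) v5.0 lasts 2 hours and contains 90-110 questions. It validates that professionals have the expertise to describe, design, implement, operate, and troubleshoot complex network security technologies and solutions. Candidates must understand the requirements of network security, how network security components interoperate, and how to translate them into device configurations. The exam is closed book; no reference materials are allowed in the exam room.
1.0 Perimeter Security and Intrusion Prevention 21% 23%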
1.1 Describe, implement, and troubleshoot HA features on Cisco ASA and Cisco FirePOWER Threat Defense (FTD)
1.2 Describe, implement, and troubleshoot clustering on Cisco ASA and Cisco FTD
1.3 Describe, implement, troubleshoot, and secure routing protocols on Cisco ASA and Cisco FTD
1.4 Describe, implement, and troubleshoot different deployment modes such as routed, transparent, single, and multicontext on Cisco ASA and Cisco FTD
1.5 Describe, implement, and troubleshoot firewall features such as NAT (v4,v6), PAT, application inspection, traffic zones, policy-based routing, traffic redirection to service modules, and identity firewall on Cisco ASA and Cisco FTD
1.6 Describe, implement, and troubleshoot IOS security features such as Zone-Based Firewall (ZBF), application layer inspection, NAT (v4,v6), PAT and TCP intercept on Cisco IOS/IOS-XE
1.7 Describe, implement, optimize, and troubleshoot policies and rules for traffic control on Cisco ASA, Cisco FirePOWER and Cisco FTD
1.8 Describe, implement, and troubleshoot Cisco Firepower Management Center (FMC) features such as alerting, logging, and reporting
1.9 Describe, implement, and troubleshoot correlation and remediation rules on Cisco FMC
1.10 Describe, implement, and troubleshoot Cisco FirePOWER and Cisco FTD deployment such as in-line, passive, and TAP modes
1.11 Describe, implement, and troubleshoot Next Generation Firewall (NGFW) features such as SSL inspection, user identity, geolocation, and AVC (Firepower appliance)
1.12 Describe, detect, and mitigate common types of attacks such as DoS/DDoS, evasion techniques, spoofing, man-in-the-middle, and botnet
2.0 Advanced Threat Protection and Content Security 17% 19%
2.1 Compare and contrast different AMP solutions including public and private cloud deployment models
2.2 Describe, implement, and troubleshoot AMP for networks, AMP for endpoints, and AMP for content security (CWS, ESA, and WSA)
2.3 Detect, analyze, and mitigate malware incidents
2.4 Describe the benefit of threat intelligence provided by AMP Threat GRID
2.5 Perform packet capture and analysis using Wireshark, tcpdump, SPAN, and RSPAN
2.6 Describe, implement, and troubleshoot web filtering, user identification, and Application Visibility and Control (AVC)
2.7 Describe, implement, and troubleshoot mail policies, DLP, email quarantines, and SenderBase on ESA
2.8 Describe, implement, and troubleshoot SMTP authentication such as SPF and DKIM on ESA
2.9 Describe, implement, and troubleshoot SMTP encryption on ESA
2.10 Compare and contrast different LDAP query types on ESA
2.11 Describe, implement, and troubleshoot WCCP redirection
2.12 Compare and contrast different proxy methods such as SOCKS, Auto proxy/WPAD, and transparent
2.13 Describe, implement, and troubleshoot HTTPS decryption and DLP
2.14 Describe, implement, and troubleshoot CWS connectors on Cisco IOS routers, Cisco ASA, Cisco AnyConnect, and WSA
2.15 Describe the security benefits of leveraging the OpenDNS solution.
2.16 Describe, implement, and troubleshoot SMA for centralized content security management
2.17 Describe the security benefits of leveraging Lancope
3.0 Secure Connectivity and Segmentation 17% 19%
3.1 Compare and contrast cryptographic and hash algorithms such as AES, DES, 3DES, ECC, SHA, and MD5
3.2 Compare and contrast security protocols such as ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, and MKA
3.3 Describe, implement, and troubleshoot remote access VPN using technologies such as FLEXVPN, SSL-VPN between Cisco firewalls, routers, and end hosts
3.4 Describe, implement, and troubleshoot the Cisco IOS CA for VPN authentication
3.5 Describe, implement, and troubleshoot clientless SSL VPN technologies with DAP and smart tunnels on Cisco ASA and Cisco FTD
3.6 Describe, implement, and troubleshoot site-to-site VPNs such as GETVPN, DMVPN and IPsec
3.7 Describe, implement, and troubleshoot uplink and downlink MACsec (802.1AE)
3.8 Describe, implement, and troubleshoot VPN high availability using Cisco ASA VPN clustering and dual-hub DMVPN deployments