Security Qualification Exam (350-018) Blueprint

Đây là đoạn trích từ web site của Cisco.

http://www.cisco.com/warp/public/625/ccie/certifications/security_qual_blueprint.html


Security Protocols

Remote Authentication Dial In User Service (RADIUS)
Terminal Access Controller Access Control System Plus (TACACS+)
Kerberos
Virtual Private Dial-up Networks (VPDN/Virtual Profiles)
Data Encryption Standard (DES)
Triple DES (DES3)
IP Secure (IPSec)
Internet Key Exchange (IKE)
Certificate Enrollment Protocol (CEP)
Point to Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)



Operating Systems
UNIX
Windows (NT/95/98/2000)



Application Protocols

Domain Name System (DNS)
Trivial File Transfer Protocol (TFTP)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
Secure Socket Layer (SSL)
Simple Mail Transfer Protocol (SMTP)
Network Time Protocol (NTP)
Secure Shell (SSH)
Lightweight Directory Access Protocol (LDAP)
Active Directory



General Networking

Networking Basics
TCP/IP
Switching and Bridging (including: VLANs, Spanning Tree, etc.)
Routed Protocols
Routing Protocols (including: RIP, EIGRP, OSPF, BGP)
Point to Point Protocol (PPP)
IP Multicast
Integrated Services Digital Network (ISDN)
Async
Access Devices (for example: Cisco AS 5300 series)



Security Technologies

Concepts
Packet Filtering
Proxies
Port Address Translation (PAT)
Network Address Translation (NAT)
Firewalls
Active Audit
Content Filters
Public Key Infrastructure (PKI)
Authentication Technologies
Virtual Private Networks (VPN)



Cisco Security Applications

Cisco Secure UNIX
Cisco Secure NT
Cisco Secure PIX Firewall
Cisco Secure Policy Manager (formerly Cisco Security Manager)
Cisco Secure Intrusion Detection System (formerly NetRanger)
Cisco Secure Scanner (formerly NetSonar)
IOS® Firewall Feature Set



Security General
Policies
Standards Bodies
Incident Response Teams
Vulnerability discussions
Attacks and Common Exploits
Intrusion Detection



Cisco General

IOS Specifics

Co`n dda^y la` list cu?a ca'c ta`i lie^.u ne^n ddo.c :

Security Exam Study Suggestions

Books

Cisco Security Architectures (Held/Hundley, McGraw Hill)
CCIE Security Written Exam Workbook (Kaberna, Freeland, and Ellis)
Firewalls and Internet Security Cheswick and Bellovin, Addison-Wesley
Interconnections: Bridges & Routers (Perlman, Addison Wesley)
Internetworking with TCP/IP: Volumes I-III Comer and Stevens, Prentice Hall
Internet Security Protocols : Protecting IP Traffic (Black, Prentice Hall)
IPSec: The New Security Standard for the Internet, Intranet and Virtual Private Networks. Doraswamy and Harkins, Prentice Hall
ISDN : Concepts, Facilities, and Services (Kessler/Southwick, McGraw Hill)
Routing In the Internet (Huitema, Prentice Hall)
TCP/IP Illustrated : Volumes 1, 2 and 3 (Stevens/Wright, Addison Wesley)
Also, many other commercially available reference guides and text books are available, and Cisco highly recommends that the candidate study native vendor text and reference guides, RFCs and other sources of pertinent technical information. (i.e. Microsoft, Sun, etc.).

Cisco Press Books

Advanced IP Network Design (White , Retana, Slice, Cisco Press)
Building Cisco Remote Access Networks (Paquet, Cisco Press)
CCIE Fundamentals: Network Design and Case Studies, 2nd Ed.(Cisco Press)
CCIE Professional Development, Routing TCP/IP Vol 1 (Doyle, Cisco Press)
Cisco LAN Switching (Clark, Hamilton, Cisco Press)
Cisco CCIE Fundamentals: Network Design and Case Studies (Cisco Press)
Cisco Internetwork Troubleshooting (Chappell, Farkas, Cisco Press)
Cisco IOS 12.0 Network Security (Cisco Press)
Cisco Secure Intrusion Detection System (Carter, Cisco Press)
Cisco Secure Internet Security Solutions (Mason, Newcomb, Cisco Press)
Designing Network Security (Kaeo, Cisco Press)
Enhanced IP Services for Cisco Networks (Lee, Cisco Press)
Inside Cisco IOS Software Architectures (Bollapragada, Murphy, White, Cisco Press)
Internet Routing Architectures (Halabi, Cisco Press)
Internetwork Troubleshooting Handbook, 2nd Ed. (Cisco Press)
Internetworking Technologies Handbook (Ford et.al.,Cisco Press)
IP Routing Primer (Wright, Cisco Press)
Large Scale IP Network Solutions (Raza, Turner, Cisco Press)
Managing Cisco Network Security (Wenstrom, Cisco Press)
MPLS and VPN Architectures (Pepelnjak, Jim Guichard, Cisco Press)
OSPF Network Design Solutions (Thomas, Cisco Press)
Routing TCP/IP, volume 2 (Doyle, DeHaven Carroll, Cisco Press)
Top Down Network Design (Oppenheimer, Cisco Press)
CIM Modules:

CIM CCIE Expert Labs: IP Routing (Cisco Press)
CIM CCIE Expert Labs: Multiprotocol Challenge (Cisco Press)
CIM LAN Switching (Cisco Press)
URLs

Cisco Documentation

Cisco - Internet Security Advisories

Increasing Security on IP Networks

Security Technologies

Security Technical Tips

Access & Security Technical Tips

Improving Security on Cisco Routers

Cisco Service & Support Technical Tips
LAN Technical Tips
Frame Relay
Routing Protocols
Configuring IP Routing Protocols
OSPF Design Guide
BGP Tech Tips
EIGRP
IGRP
Router Management
Request for Comments (RFC)

A full index of RFCs can be found on the web.

821 - Simple Mail Transfer Protocol (SMTP)
1122, 1123 - Host Requirements
1305 - Network Time Protocol (NTP)
1700 - Port Numbers
1812 - Requirements for IP version 4 routers
1858 - Security Considerations for IP Fragment Filtering
2138, 2139 - RADIUS
2196 - Site Security Handbook
2401 - 2412: IP Secure (IPSec) related RFCs
2663 - IP Network Address Translator (NAT) Terminology and Considerations
2725 - Routing Policy System Security