CCNA Security 210-260 Official Cert Guide

Omar Santos is the technical leader for the Cisco Product Security Incident Response Team (PSIRT). He mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products. Omar has been working with information technology and cybersecurity since the mid-1990s. Omar has designed, implemented, and supported numerous secure networks for Fortune 100 and 500 companies and for the U.S. government. Prior to his current role, he was a technical leader within the World Wide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations. Omar is an active member of the security community, where he leads several industrywide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar is the author of several books and numerous white papers, articles, and security configuration guidelines and best practices. Omar has also delivered numerous technical presentations at many conferences and to Cisco customers and partners, in addition to many C-level executive presentations to many organizations. John Stuppi, CCIE No. 11154 (Security), is a technical leader in the Cisco Security Solutions (CSS) organization at Cisco, where he consults Cisco customers on protecting their network against existing and emerging cybersecurity threats. In this role, John is responsible for providing effective techniques using Cisco product capabilities to provide identification and mitigation solutions for Cisco customers who are concerned with current or expected security threats to their network environments. Current projects include helping customers leverage DNS and NetFlow data to identify and subsequently mitigate network-based threats. John has presented multiple times on various network security topics at Cisco Live, Black Hat, and other customer-facing cybersecurity conferences. In addition, John contributes to the Cisco Security Portal through the publication of white papers, security blog posts, and cyber risk report articles. Before joining Cisco, John worked as a network engineer for JPMorgan and then as a network security engineer at Time, Inc., with both positions based in New York City. John is also a CISSP (#25525) and holds an Information Systems Security (INFOSEC) professional certification. In addition, John has a BSEE from Lehigh University and an MBA from Rutgers University. John lives in Ocean Township, New Jersey (a.k.a. the "Jersey Shore") with his wife, two kids, and dog.

Introduction xxvi

Part I Fundamentals of Network Security

Chapter 1 Networking Security Concepts 3

Do I Know This Already? Quiz 3

Foundation Topics 6

Understanding Network and Information Security Basics 6

Network Security Objectives 6

Confidentiality, Integrity, and Availability 6

Cost-Benefit Analysis of Security 7

Classifying Assets 8

Classifying Vulnerabilities 10

Classifying Countermeasures 10

What Do We Do with the Risk? 11

Recognizing Current Network Threats 12

Potential Attackers 12

Attack Methods 13

Attack Vectors 14

Man-in-the-Middle Attacks 14

Other Miscellaneous Attack Methods 15

Applying Fundamental Security Principles to Network Design 16

Guidelines 16

Network Topologies 17

Network Security for a Virtual Environment 20

How It All Fits Together 22

Exam Preparation Tasks 23

Review All the Key Topics 23

Complete the Tables and Lists from Memory 23

Define Key Terms 23

Chapter 2 Common Security Threats 25

Do I Know This Already? Quiz 25

Foundation Topics 27

Network Security Threat Landscape 27

Distributed Denial-of-Service Attacks 27

Social Engineering Methods 28

Social Engineering Tactics 29

Defenses Against Social Engineering 29

Malware Identification Tools 30

Methods Available for Malware Identification 30

Data Loss and Exfiltration Methods 31

Summary 32

Exam Preparation Tasks 33

Review All the Key Topics 33

Complete the Tables and Lists from Memory 33

Define Key Terms 33

Part II Secure Access

Chapter 3 Implementing AAA in Cisco IOS 35

Do I Know This Already? Quiz 35

Foundation Topics 38

Cisco Secure ACS, RADIUS, and TACACS 38

Why Use Cisco ACS? 38

On What Platform Does ACS Run? 38

What Is ISE? 39

Protocols Used Between the ACS and the Router 39

Protocol Choices Between the ACS Server and the Client (the Router) 40

Configuring Routers to Interoperate with an ACS Server 41

Configuring the ACS Server to Interoperate with a Router 51

Verifying and Troubleshooting Router-to-ACS Server Interactions 60

Exam Preparation Tasks 67

Review All the Key Topics 67

Complete the Tables and Lists from Memory 67

Define Key Terms 67

Command Reference to Check Your Memory 67

Chapter 4 Bring Your Own Device (BYOD) 71

Do I Know This Already? Quiz 71

Foundation Topics 73

Bring Your Own Device Fundamentals 73

BYOD Architecture Framework 74

BYOD Solution Components 74

Mobile Device Management 76

MDM Deployment Options 76

  On-Premise MDM Deployment 77

  Cloud-Based MDM Deployment 78

Exam Preparation Ta...