Contents
Chapter 1 Fundamentals of Networking Protocols and Networking Devices
“Do I Know This Already?” Quiz
Networking Communication with the TCP/IP Model
Open System Interconnection Model
Layer 2 Fundamentals and Technologies
Ethernet LAN Fundamentals and Technologies
Ethernet Medium Access Control
Ethernet Devices and Frame-Forwarding Behavior
Link Layer Loop and Spanning Tree Protocols
Virtual LAN (VLAN) and VLAN Trunking
Inter-VLAN Traffic and Multilayer Switches
Wireless LAN Fundamentals and Technologies
802.11 Architecture and Basic Concepts
WLAN Access Point Types and Management
Internet Protocol and Layer 3 Technologies
IPv4 Addresses and Addressing Architecture
IP Network Subnetting and Classless Interdomain Routing (CIDR)
Variable-Length Subnet Mask (VLSM)
Public and Private IP Addresses
Special and Reserved IPv4 Addresses
IP Addresses Assignment and DHCP
IP Communication Within a Subnet and Address Resolution Protocol (ARP)
Routing Tables and IP Routing Protocols
Advanced Distance Vector or Hybrid
Using Multiple Routing Protocols
Internet Control Message Protocol (ICMP)
Special and Reserved IPv6 Addresses
IPv6 Addresses Assignment, Neighbor Discovery Protocol, and DHCPv6
Transport Layer Technologies and Protocols
Transmission Control Protocol (TCP)
TCP Connection Establishment and Termination
TCP Error Detection and Recovery
UDP Socket and Known UDP Application
Complete Tables and Lists from Memory
References and Further Reading
Chapter 2 Network Security Devices and Cloud Services
“Do I Know This Already?” Quiz
Firewalls Provide Network Segmentation
Cisco Firepower Threat Defense
Intrusion Detection Systems and Intrusion Prevention Systems
Pattern Matching and Stateful Pattern-Matching Recognition
Global Threat Correlation Capabilities
Next-Generation Intrusion Prevention Systems
Cisco Security Management Appliance
Cisco Identity Services Engine
Security Cloud-based Solutions
Cisco Threat Awareness Service
NetFlow vs. Full Packet Capture
Complete Tables and Lists from Memory
“Do I Know This Already?” Quiz
The Principles of the Defense-in-Depth Strategy
What Are Threats, Vulnerabilities, and Exploits?
Confidentiality, Integrity, and Availability: The CIA Triad
Personally Identifiable Information and Protected Health Information
Principle of Least Privilege and Separation of Duties
Chapter 4 Introduction to Access Controls
“Do I Know This Already?” Quiz
Information Security Principles
Authentication by Characteristic
Access Control Fundamentals: Summary
Information Security Roles and Responsibilities
Attribute-Based Access Control
Identity and Access Control Implementation
Authentication, Authorization, and Accounting Protocols
Network Access Control List and Firewalling
Identity Management and Profiling
Network Segmentation Through VLAN
Intrusion Detection and Prevention
Network-Based Intrusion Detection and Protection System
Host-Based Intrusion Detection and Prevention
Complete Tables and Lists from Memory
References and Additional Reading
Chapter 5 Introduction to Security Operations Management
“Do I Know This Already?” Quiz
Introduction to Identity and Access Management
Phases of the Identity and Access Lifecycle
Registration and Identity Validation
Password Storage and Transmission
Security Assertion Markup Language
Security Events and Logs Management
Logs Collection, Analysis, and Disposal
Security Information and Event Manager
Assets Acceptable Use and Return Policies
Assets and Information Handling
Introduction to Enterprise Mobility Management
Cisco Meraki Enterprise Mobility Management
Configuration and Change Management
Finding Information about a Vulnerability
Product Vulnerability Management
Vulnerability Analysis and Prioritization
References and Additional Readings
Complete Tables and Lists from Memory
Chapter 6 Fundamentals of Cryptography and Public Key Infrastructure (PKI)
“Do I Know This Already?” Quiz
Symmetric and Asymmetric Algorithms
Hashed Message Authentication Code
Next-Generation Encryption Protocols
RSA Algorithm, the Keys, and Digital Certificates
Root and Identity Certificates
X.500 and X.509v3 Certificates
Authenticating and Enrolling with the CA
Public Key Cryptography Standards
Simple Certificate Enrollment Protocol
Hierarchical CA with Subordinate CAs
Complete Tables and Lists from Memory
Chapter 7 Introduction to Virtual Private Networks (VPNs)
“Do I Know This Already?” Quiz
Site-to-site vs. Remote-Access VPNs
Complete Tables and Lists from Memory
Chapter 8 Windows-Based Analysis
“Do I Know This Already?” Quiz
Windows Management Instrumentation
References and Further Reading
Chapter 9 Linux- and Mac OS X–Based Analysis
“Do I Know This Already?” Quiz
Complete Tables and Lists from Memory
References and Further Reading
Chapter 10 Endpoint Security Technologies
“Do I Know This Already?” Quiz
Antimalware and Antivirus Software
Host-Based Firewalls and Host-Based Intrusion Prevention
Application-Level Whitelisting and Blacklisting
Complete Tables and Lists from Memory
Part V Security Monitoring and Attack Methods
Chapter 11 Network and Host Telemetry
“Do I Know This Already?” Quiz
Network Time Protocol and Why It Is Important
Configuring Syslog in a Cisco Router or Switch
Configuring Logging on the Cisco ASA
Syslog in Large Scale Environments
Elasticsearch, Logstash, and Kibana (ELK) Stack
Next-Generation Firewall and Next-Generation IPS Logs
Commercial NetFlow Analysis Tools
Open Source NetFlow Analysis Tools
Counting, Grouping, and Mating NetFlow Records with Silk
Big Data Analytics for Cyber Security Network Telemetry
Configuring Flexible NetFlow in Cisco IOS and Cisco IOS-XE Devices
Cisco Application Visibility and Control (AVC)
Complete Tables and Lists from Memory
Chapter 12 Security Monitoring Operational Challenges
“Do I Know This Already?” Quiz
Security Monitoring and Encryption
Security Monitoring and Network Address Translation
Security Monitoring and Event Correlation Time Synchronization
DNS Tunneling and Other Exfiltration Methods
Security Monitoring and Peer-to-Peer Communication
Chapter 13 Types of Attacks and Vulnerabilities
“Do I Know This Already?” Quiz
Botnets Participating in DDoS Attacks
Attack Methods for Data Exfiltration
Chapter 14 Security Evasion Techniques
“Do I Know This Already?” Quiz
Key Encryption and Tunneling Concepts
Protocol-Level Misinterpretation
Traffic Timing, Substitution, and Insertion
Complete Tables and Lists from Memory
References and Further Reading
Pearson Cert Practice Test Engine and Questions on the Website
Accessing the Pearson Test Prep Software Online
Accessing the Pearson Test Prep Software Offline
Suggested Plan for Final Review/Study
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions
Elements Available on the Book Website