On May 31, Cisco announced new exam content for both the CCIE Security Written and Lab exams. This new version (version 2.0) takes effect on January 2, 2007.
Source: http://www.cisco.com/web/learning/le...itychanges2006
Written Exam Blueprint v2.0
The Security written exam (350-018) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam effective January 2, 2007. Please note, however, that other relevant or related topic areas may also appear. Candidates prior to January 2 should continue using the prior blueprints (now known as v1.0).
General Networking
Networking Basics
OSI Layers
TCP/IP Protocols
Switching (VTP, VLANs, Spanning Tree, Trunking, etc.)
Routing Protocols (RIP, EIGRP, OSPF, and BGP)
IP Multicast
Security Protocols, Ciphers and Hash Algorithms
RADIUS
TACACS+
Ciphers RSA, DSS, RC4
Message Digest 5 (MD5)
Secure Hash Algorithm (SHA)
EAP PEAP TKIP TLS
Data Encryption Standard (DES)
Triple DES (3DES)
Advanced Encryption Standard (AES)
IP Security (IPSec)
Authentication Header (AH)
Encapsulating Security Payload (ESP)
Internet Key Exchange (IKE)
Certificate Enrollment Protocol (CEP)
Transport Layer Security (TLS)
Secure Socket Layer (SSL)
Point to Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
Generic Route Encapsulation (GRE)
Secure Shell (SSH)
Pretty Good Privacy (PGP)
Application Protocols
Hypertext Transfer Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP)
File Transfer Protocol (FTP)
Domain Name System (DNS)
Trivial File Transfer Protocol (TFTP)
Network Time Protocol (NTP)
Lightweight Directory Access Protocol (LDAP)
Syslog
Security Technologies
Packet Filtering
Content Filtering
URL Filtering
Authentication Technologies
Authorization technologies
Proxy Authentication
Public Key Infrastructure (PKI)
IPSec VPN
SSL VPN
Network Intrusion Prevention Systems
Host Intrusion Prevention Systems
Event Correlation
Adaptive Threat Defense (ATD)
Network Admission Control (NAC)
802.1x
Endpoint Security
Network Address Translation
Cisco Security Appliances and Applications
Cisco Secure PIX Firewall
Cisco Intrusion Prevention System (IPS)
Cisco VPN 3000 Series Concentrators
Cisco EzVPN Software and Hardware Clients
Cisco Adaptive Security Appliance (ASA) Firewall
Cisco Security Monitoring, Analysis and Response System (MARS)
Cisco IOS Firewall
Cisco IOS Intrusion Prevention System
Cisco IOS IPSec VPN
Cisco IOS Trust and Identity
Cisco Secure ACS for Windows
Cisco Secure ACS Solution Engine
Cisco Traffic Anomaly Detectors
Cisco Guard DDoS Mitigation Appliance
Cisco Catalyst 6500 Series Security Modules (FWSM, IDSM, VPNSM, WebVPN, SSL modules)
Cisco Traffic Anomaly Detector Module & Cisco Guard Service Module
Cisco Security Management
Cisco Adaptive Security Device Manager (ASDM)
Cisco Router & Security Device Manager (SDM)
Cisco Security Manager (CSM)
Cisco Security General
IOS Specifics
Routing and Switching Security Features: IP & MAC Spoofing, MAC Address Controls, Port Security, DHCP Snoop, DNS Spoof.
NetFlow
Layer 2 Security Features
Layer 3 Security Features
Wireless Security
IPv6 Security
Security Solutions
Network Attack Mitigation
Virus and Worms Outbreaks
Theft of Information
DoS/DDoS Attacks
Web Server & Web Application Security
Security General
Policies - Security Policy Best Practices
Information Security Standards (ISO 17799, ISO 27001, BS7799)
Standards Bodies
Common RFCs (e.g. RFC1918, RFC2827, RFC2401)
BCP 38
Attacks, Vulnerabilities and Common Exploits - recon, scan, priv escalation, penetration, cleanup, backdoor
Security Audit & Validation
Risk Assessment
Change Management Process
Incident Response Framework
Computer Security Forensics
and major changes in terms of equipment:
Troubleshooting techniques will now be integrated into the lab exam. In addition, the following changes--shown in the posted blueprint--will be introduced in the lab effective January 2, 2007:
Upgrade of Cisco PIX Firewall Appliance to Software Version 7.x.
Addition of two ASA-5510 Firewall Appliances running v7.x.
Upgrade of Cisco Intrusion Prevention System to Software Release 5.x.
Upgrade of Cisco VPN3000 Concentrator Series to Software Release 4.7.x.
Upgrade of Cisco Catalyst 3550 switches to Software Release 12.2SEE.
Upgrade of CiscoSecure ACS to Software Version 4.0.
Addition of PC to test Remote Access VPN, admission control, packet capturing and various other applications.
Eliminate preconfigured ACS and require candidates to configure.
LAB BLUEPRINT version 2.0:
Firewall
PIX and ASA Firewall
Basic initialization
Access Management
Address translation
ACLs
IP Routing
Object groups
VLANs
AAA
VPNs
Filtering
Failover
Layer 2 Transparent Firewall
Security Contexts (Virtual Firewall)
Modular Policy Framework
Application-Aware Inspection
High Availability Scenarios
QoS Policies
Other advanced features
IOS Firewall
CBAC
Audit
Auth Proxy
PAM
Access control
Performance tuning
Advanced features
VPN
IPSec LAN-to-LAN
SSL VPN
DMVPN
CA (PKI)
Remote access VPN
VPN3000 Concentrator
VPN3000 IP Routing
Unity client
WebVPN
EzVPN Hardware Client
XAuth, Split-tunnel, RRI, NAT-T
High Availability
QoS for VPN
GRE, mGRE
L2TP
PPTP
Advanced VPN features
Intrusion Prevention System (IPS)
IPS 4200 Series Sensor Appliance
Basic initialization
Sensor configuration
Sensor Management
Promiscuous and Inline Monitoring
Signature Tuning
Custom Signatures
Blocking
TCP Resets
Rate Limiting
Signature Engines
IDM
Event Action
Event Monitoring
IOS IPS
PIX IDS
SPAN, RSPAN
Advanced Features
Identity Management
Security Protocols (Radius, Tacacs+)
Cisco Secure ACS Configuration
Access Management (Telnet, SSH, Pwds, Priv Levels)
Proxy Authentication
Service Authentication (FTP, Telnet, HTTP, other)
Network Admission Control (NAC Framework solution)
802.1x
Advanced features
Advanced Security
Mitigation techniques
Packet marking techniques
Security RFCs (RFC1918, RFC2827, RFC2401)
Service Provider Security
Black Holes, Sink Holes
RTBH Filtering (Remote Triggered Black Hole)
Traffic Filtering using Access-lists
NAT
TCP Intercept
uRPF
CAR
NBAR
NetFlow
Flooding
Spoofing
Policing
Fragmentation
Sniffer Traces
Catalyst Management and Security
Traffic Control and Congestion Management
Catalyst Features and Advanced configuration
IOS Security Features
Network Attacks
Network Reconnaissance
IP Spoofing Attacks
MAC Spoofing Attacks
ARP Spoofing Attacks
Denial of Service (DoS)
Distributed Denial of Service (DDoS)
Man-in-the-Middle (MiM) Attacks
Port Redirection Attacks
DHCP Attacks
DNS Attacks
Fragment Attacks
Smurf attacks
SYN Attacks
MAC Attacks
VLAN Hopping Attacks
Other Layer2 and Layer3 Attacks