en CCNAS v11 ch02 securing network devices

... server Network attached storage (NAS) makes storage available through a special network appliance Finally, storage area networks (SAN) provide a network of storage devices ■ Backup devices: A network ... can be shared include both input devices, such as cameras, and output devices, such as printers Chapter 1: Building a Simple Network ■ Network storage: Today the network ma...

Ngày tải lên: 13/12/2013, 05:15

... Guide Interconnecting Cisco Network Devices, Part (ICND1) Second Edition Steve McQuerry, CCIE No 6108 Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA ii Interconnecting Cisco Network ... and Devices 443 Managing Cisco IOS Images 445 Managing Device Configuration Files 448 Cisco IOS copy Command 449 Using show and debug Commands on Cisco Devices 452 Su...

Ngày tải lên: 13/12/2013, 05:15

... VLAN 22 10 .2. 2.0 /24 For future growth Table 2- 4 10 .2. 3.0–10 .2. 255.0 Building C: VLANs and IP Subnets Department VLAN IP Subnet Address Finance VLAN 31 10.3.1.0 /24 Accounting VLAN 32 10.3 .2. 0 /24 ... Enterprise Network Example: Network Design 18 Considering Traffic Source to Destination Paths 20 Voice VLAN Essentials 22 VLAN Operation 23 Understanding Trunking with 8 02. 1...

Ngày tải lên: 22/12/2013, 16:15

... cautions are also spread throughout the text In addition, you can find many references to standards, documents, books, and websites to help you understand networking concepts At the end of each chapter, ... ■ Difficulty in management and support: A poorly designed network may be disorganized and poorly documented and lack easily identified traffic flows, which can make support, maintenance, and pr...

Ngày tải lên: 27/01/2014, 13:20

... Numbers 11 3 Summary of Understanding Ethernet 11 4 Connecting to an Ethernet LAN 11 5 Ethernet Network Interface Cards 11 5 Ethernet Media and Connection Requirements 11 6 Connection Media 11 6 Unshielded ... 10 7 Ethernet 10 8 Ethernet LAN Standards 10 8 LLC Sublayer 10 9 MAC Sublayer 10 9 The Role of CSMA/CD in Ethernet 10 9 Ethernet Frames 11 1 Ethernet Frame Addressing 11...

Ngày tải lên: 27/06/2014, 02:20

... wide-open world of the Internet, the networks of today are more open © 2012 Cisco and/or its affiliates All rights reserved Threats • There are four primary classes of threats to network security: ... affiliates All rights reserved 31 Trends Driving Network Security • Increase of network attacks • Increased sophistication of attacks • Increased dependence on the network • Wirel...

Ngày tải lên: 12/10/2015, 02:40

... be utilized: – Enforce minimum password length: security passwords min-length – Disable unattended connections: exec-timeout – Encrypt config file passwords: service password-encryption © 2012 ... occurs and when Authenticate access – Ensure that access is granted only to authenticated users, groups, and services – Limit the number of failed login attempts and the time between logins © ... re...

Ngày tải lên: 12/10/2015, 02:43

... auxiliary, and console login, exec, and enable commands Packet (interface mode) Dial-up and VPN access including asynchronous and ISDN (BRI and PRI) ppp and network commands © 2012 Cisco and/ or its ... AAA Accounting Remote Client Cisco Secure ACS Server AAA Router 1.When a user has been authenticated, the AAA accounting process generates a start message to begin the accoun...

Ngày tải lên: 12/10/2015, 02:46

... statement is added to the end Without sequence numbers the only way to add a statement between existing entries was to delete the ACL and recreate it • • Likewise, the only way to delete an entry ... to fully implement a security policy Order of statements: – ACLs have a policy of first match; when a statement is matched, the list is no longer examined – Ensure that statements at the top ......

Ngày tải lên: 12/10/2015, 02:52

... Event Monitoring and Management There are two key functions of event monitoring and management: Real-time event monitoring and management Analysis based on archived information (reporting) Event ... Features Sensors are connected to network segments A single sensor can monitor many hosts Sensors are network appliances tuned for intrusion detection analysis The operating system is “hardened....

Ngày tải lên: 12/10/2015, 02:54

... the frames to the wrong VLAN – The first switch strips the first tag off the frame and forwards the frame – The second switch then forwards the packet to the destination based on the VLAN identifier ... managing online users The Cisco NAM manages the Cisco NAS, which is the enforcement component of the Cisco NAC Appliance Cisco NAC Appliance Agent (NAA) – – Optiona...

Ngày tải lên: 12/10/2015, 02:56

... reserved Authentication • Data nonrepudiation is a similar service that allows the sender of a message to be uniquely identified • This means that a sender / device cannot deny having been the source ... Cipher • When Julius Caesar sent messages to his generals, he didn't trust his messengers • He encrypted his messages by replacing every letter: – A with a D – B with an E – and so on • His g...

Ngày tải lên: 12/10/2015, 02:58

... Conventional Private Networks © 2012 Cisco and/or its affiliates All rights reserved 15 Virtual Private Networks © 2012 Cisco and/or its affiliates All rights reserved 16 VPNs • A Virtual Private Network ... does not provide confidentiality (encryption) – It is appropriate to use when confidentiality is not required or permitted – All text is transported unencrypted • It only en...

Ngày tải lên: 12/10/2015, 03:02

... username scpADMIN privilege 15 password scpPa55W04D ip domain-name scp.cisco.com crypto key generate rsa general-keys modulus 1024 aaa new-model aaa authentication login default local aaa authorization ... steps: – Step Enable AAA with the aaa new-model global configuration command – Step Define a named list of authentication methods, with the aaa authentication login {default |list-name} m...

Ngày tải lên: 12/10/2015, 03:06

... the pre-installed licenses creates a permanent license – – The permanent license is activated by installing a permanent activation key using the activation-key command Only one permanent license ... conf t ciscoasa(config)# hostname CCNAS- ASA CCNAS- ASA(config)# domain-name ccnasecurity.com CCNAS- ASA(config)# enable password class CCNAS- ASA(config)# passwd cisco CCNAS- ASA(con...

Ngày tải lên: 12/10/2015, 03:09