The Securing Networks with PIX and ASA exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco
Install and configure a security appliance for basic network connectivity
* Describe the Security Appliance hardware and software architecture
* Determine the Security Appliance hardware and software configuration and verify if it is correct
* Use setup or the CLI to configure basic network settings, including interface configurations
* Use appropriate show commands to verify initial configurations
* Configure NAT and global addressing to meet user requirements
* Configure DHCP client option
* Set default route
* Configure logging options
* Describe the firewall technology
* Explain the information contained in syslog files
* Configure static address translations
* Configure Network Address Translations: PAT
* Configure static port redirection
* Configure a net static
* Set embryonic and connection limits on the security appliance
* Verify network address translation operation
Configure a security appliance to restrict inbound traffic from untrusted sources
* Configure access-lists to filter traffic based on address, time, and protocols
* Configure object-groups to optimize access-list processing
* Configure Network Address Translations: Nat0
* Configure Network Address Translations: Policy NAT
* Configure java/activeX filtering
* Configure URL filtering
* Verify inbound traffic restrictions
Configure a security appliance to provide secure connectivity using site-to-site VPNs
* Explain certificates, certificate authorities and how they are used
* Explain the basic functionality of IPSec
* Configure IKE with preshared keys
* Configure IKE to use certificates
* Differentiate between the types of encryption
* Configure IPSec parameters
* Configure crypto-maps and ACLs
Configure a security appliance to provide secure connectivity using remote access VPNs
* Explain the functions of EasyVPN
* Configure IPSec using EasyVPN Server/Client
* Configure the Cisco Secure VPN client
* Explain the purpose of WebVPN
* Configure WebVPN services: Server/Client
* Verify VPN operations
Configure transparent firewall, virtual firewall, and high availability firewall features on a security appliance
* Explain differences between L2 and L3 operating modes
* Configure security appliance for transparent mode (L2)
* Explain purpose of virtual firewalls
* Configure security appliance to support virtual firewall
* Monitor and maintain virtual firewall
* Explain the types, purpose and operation of fail-over
* Install appropriate topology to support cable-based or LAN-based fail-over
* Explain the hardware, software and licensing requirements for high-availability
* Configure the SA for active/standby fail-over
* Configure the SA for stateful fail-over
* Configure the SA for active-active fail-over
* Verify fail-over operation
* Recover from a fail-over
Configure AAA services for access through a security appliance
* Configure ACS for security appliance support
* Configure security appliance to use AAA feature
* Configure authentication using both local and external databases
* Configure authorization using an external database
* Configure the ACS server for downloadable ACLs
* Configure accounting of connection start/stop
* Verify AAA operation
Configure routing and switching on a security appliance
* Enable DHCP server and relay functionality
* Configure VLANs on a security appliance interface
* Configure routing functionality of security appliance including OSPF, RIP
* Configure security appliance to pass multi-cast traffic
* Configure ICMP on the security appliance
Configure a modular policy on a security appliance
* Configure a class-map
* Configure a policy-map
* Configure a service-policy
* Configure a ftp-map
* Configure a http-map
* Configure an inspection protocol
* Explain the function of protocol inspection
* Explain DNS guard feature
* Describe the AIP-SSM HW and SW
* Load IPS SW on the AIP-SSM
* Verify AIP-SSM
* Configure an IPS modular policy
Monitor and manage an installed security appliance
* Obtain and apply OS updates
* Backup and restore configurations and software
* Explain the security appliance file management system
* Perform password/lockout recovery procedures
* Obtain and upgrade license keys
* Configure passwords for various access methods: Telnet, serial, enable, SSH
* Configure various access methods: Telnet, SSH, PDM
* Configure command authorization and privilege levels
* Configure local username database
* Verify access control methods
* Enable ASDM functionality
* Verify a security appliance configuration via ASDM
* Verify the licensing available on a security appliance
http://rapidshare.com/files/16774852/642-522_SNPA.part1.rar
http://rapidshare.com/files/16785143/642-522_SNPA.part2.rar
No comments:
Post a Comment