My Account | View Cart | Wishlist | Checkout | About Us | Contact Us
Item Number:
           
 
CCIE Security Lab Workbook Volume I

Price : $249.00Stock Status: In Stock
Quantity:




 
 

Are you looking to isolate your CCIE lab preparation on an individual topic basis? Tired of spending hours setting up a lab topology? Are you weak on a specific topic like QoS, and want to see what the different variations of its configuration are? Look no further, Internetwork Expert's CCIE Security Lab Workbook Volume I is your key to success!
Internetwork Expert's CCIE Security Lab Workbook Volume I presents the topics covered in the CCIE Security Lab Exam in an easy to follow, goal-oriented step-by-step approach. By isolating each topic on its own you are able to see, firsthand, the various ways to configure each technology, and what the specific implications of a configuration are. By understanding these fundamental operations of the protocols you will be able to predict advanced and sometimes subtle interactions when the various technologies are configured together.

IEWB-SC-VOL1 Content

Below is a list of some of the topics covered in the CCIE Security Lab Workbook Volume I ( IEWB-SC-VOL1):

  • PIX/ASA Firewall
  • Basic Configuration
  • Configuring VLANs and IP Addressing
  • Configuring and Authenticating RIP
  • Configuring and Authenticating OSPF
  • Redistribution, Summarization and Route Filtering
  • Access Control
  • Common Configuration
  • Filtering with IP Access Lists
  • Using Object Groups
  • Administrative Access Management
  • ICMP Traffic Management
  • Configuring Filtering Services
  • Configuring NAT
  • Dynamic NAT and PAT
  • Static NAT and PAT
  • Dynamic Policy NAT
  • Static Policy NAT and PAT
  • Identity NAT and NAT Exemption
  • Outside Dynamic NAT
  • DNS Doctoring with Alias
  • DNS Doctoring with Static
  • Same-Security Traffic and NAT
  • Advanced Firewall
  • Firewall Contexts Configuration
  • Administrative Context and Resource Management
  • Active/Standby Stateful Failover with Failover Interface
  • Active/Active Stateful Failover with Failover Interface
  • Monitoring Interfaces with Active/Active Failover
  • Filtering with L2 Transparent Firewall
  • ARP Inspection with Transparent Firewall
  • Filtering Non-IP Traffic with L2 Transparent FW
  • Handling Fragmented Traffic
  • Handling Some Application Issues
  • BGP Through the PIX/ASA Firewall
  • Multicast Routing across the PIX/ASA Firewall
  • System Monitoring
  • DHCP Server
  • Modular Policy Framework
  • HTTP Inspection with MPF
  • Advanced FTP Inspection
  • Advanced ESMTP Inspection
  • Authenticating BGP Session Through the Firewall
  • Implementing Traffic Policing
  • Implementing Low Latency Queueing
  • TCP Normalization
  • Management Traffic and MPF
  • ICMP Inspection Engine
  • VPN
  • Common Configurations
  • IOS Router and the PIX/ASA
  • IOS Router and VPN3k
  • GRE and DMVPN
  • VPN3k Easy VPN/WebVPN
  • IOS Easy VPN
  • PIX/ASA Easy VPN/WebVPN
  • IPsec LAN-to-LAN
  • IOS and the PIX/ASA with PSK
  • IOS and the PIX/ASA with PSK and NAT on the Firewall
  • IOS and the PIX/ASA with Digital Certificates
  • IOS and the PIX/ASA: Matching Name in Certificate
  • IOS and IOS with PSK Across the PIX/ASA
  • IOS and IOS with PSK Across the PIX/ASA and NAT
  • IOS and IOS with PSK Across the PIX/ASA with Overlapping Subnets
  • IOS and IOS with PSK Across the PIX/ASA and NAT with IKE AM
  • IOS and IOS with Digital Certificates Across the PIX/ASA
  • IOS and VPN3k with PSK
  • IOS and VPN3k with PSK using CLI only
  • IOS and VPN3k with Digital Certificates
  • IOS and VPN3k with PSK: Tuning IPsec Parameters
  • IOS and VPN3k: Filtering Tunneled Traffic
  • GRE and DMVPN
  • GRE Tunnels over IPsec with Static Crypto Maps
  • GRE Tunnels over IPsec with Crypto Profiles
  • DMVPN with PSK
  • Easy VPN
  • VPN3k and Cisco VPN Client
  • VPN3k and Cisco VPN Client with Split-Tunneling
  • VPN3k and Cisco VPN Client with HoId-Down Route
  • VPN3k and Cisco VPN Client with RRI
  • VPN3k and Cisco VPN Client with DHCP Server
  • VPN3k and Cisco VPN Client with RADIUS Authentication
  • VPN3k and Cisco VPN Client with External Group
  • VPN3k and Cisco VPN Client with Digital Certificates
  • VPN3k and IOS ezVPN Remote Client Mode with Split-Tunneling
  • VPN3k and IOS ezVPN Remote NW Extension Mode with RRI
  • IOS and IOS ezVPN Remote Client Mode with Xauth/RRI
  • IOS and IOS ezVPN Remote NW Extension Mode with Xuath/RRI
  • PIX/ASA and Cisco VPN Client with Split-Tunneling/Xauth/RRI
  • The PIX/ASA and Cisco VPN Client with External Policy
  • The PIX/ASA and Cisco VPN Client with RADIUS Auth/ACL
  • The PIX/ASA and Cisco VPN Client with Digital Certificates
  • The PIX/ASA and IOS ezVPN Remote NW Extension Mode
  • WebVPN and SSL VPN
  • ASA and WebVPN Client
  • ASA and WebVPN Port Forwarding
  • ASA and SSL VPN Client
  • VPN3k and WebVPN Client
  • VPN3k and WebVPN Port Forwarding
  • VPN QoS
  • IOS and the PIX/ASA: Policing the L2L IPsec tunnel
  • IOS and VPN3k: QoS for L2L Tunnel
  • The PIX/ASA and Cisco VPN Client: Per-Flow Policing
  • QoS Pre-Classify for IPsec Tunnel
  • Advanced VPN Topics
  • Decoding IPsec Debugging Output on VPN3k
  • IPsec and Fragmentation Issues
  • ISAKMP Pre-Shared Keys via AAA
  • IPsec NAT-T: L2L Tunnel with VPN3k and IOS Box
  • IKE Tunnel Endpoint Discovery (TED)
  • IPsec VPN High-Availability with HSRP
  • IPsec High Availability with NAT and HSRP
  • IPsec Pass-Through Inspection on the PIX/ASA
  • L2TP over IPsec between the ASA and Windows 2000 PC
  • VPN3k and PPTP Client
  • Using ISAKMP Profiles
  • IOS Firewall
  • Common Configuration
  • Basic Access-Lists
  • Reflexive Access-Lists
  • Dynamic Access-Lists
  • Stateful Inspection with CBAC
  • CBAC Port-to-Application Mapping
  • Preventing DoS Attacks with CBAC
  • CBAC Performance Tuning
  • Authentication Proxy with RADIUS
  • Content Filtering with IOS Firewall
  • Identity Management
  • Network Admission Control
  • ACS Setup for NAC
  • NAC L3 IP With the ASA and Cisco VPN Client
  • NAC L3 IP with VPN3k and Cisco VPN Client
  • Intrusion Prevention
  • Basic Configuration
  • IPS Initial Setup
  • Configuring Inline VLAN Pair
  • Promiscuous Mode Monitoring with RSPAN
  • Monitoring IPS with IPS Event Viewer
  • Event Processing
  • Configuring Event Summarization
  • Creating Custom Signature
  • Event Counting
  • Inline Blocking
  • Event Action Override
  • Event Action Filtering
  • IPS Network Access Control (Shunning)
  • Rate Limiting with IPS
  • Network Attacks
  • Layer 2/3 Attacks
  • Mitigating ARP Spoofing Attack with PIX/ASA
  • Mitigating DHCP Attacks with DHCP Snooping
  • Mitigating ARP Attacks in DHCP Environment
  • Mitigating MAC/IP Spoofing in DHCP Environment
  • Protecting Spanning-Tree Protocol
  • Protecting Against Broadcast Storms
  • Mitigating VLAN Hopping Attacks
  • Protecting Against Network Mapping
  • Blackhole Routing using PBR
  • Intrusion Prevention with PIX/ASA

Topology

The physical topology used in the Security Lab Workbook Volume I is identical to that of Internetwork Expert's CCIE Security Lab Workbook Volume II (IEWB-SC-VOL2), and remains the same throughout all labs in the series. This topology can be easily replicated in your home lab with minimal cost