
    CCNA Cyber Ops SECFND #210-250 Official Cert Guide

    by Omar Santos, Joseph Muniz, Stefano De Crescenzo


    eBook

    $37.49
     $39.99 | Save 6%


    • ISBN-13: 9780134608990
    • Publisher: Pearson Education
    • Publication date: 04/04/2017
    • Series: Certification Guide
    • Sold by: Barnes & Noble
    • Format: eBook
    • Pages: 672
    • File size: 39 MB

    Omar Santos is an active member of the cyber security community, where he leads several industry-wide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.


    Omar is the author of over a dozen books and video courses, as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of cyber security vulnerabilities. Additional information about Omar’s current projects can be found at omarsantos.io, and you can follow Omar on Twitter @santosomar.


    Joseph Muniz is an architect at Cisco Systems and security researcher. He has extensive experience in designing security solutions and architectures for the top Fortune 500 corporations and the U.S. government. Joseph’s current role gives him visibility into the latest trends in cyber security, from both leading vendors and customers. Examples of Joseph’s research include his RSA talk titled “Social Media Deception,” which has been quoted by many sources (search for “Emily Williams Social Engineering”), as well as his articles in PenTest Magazine regarding various security topics.


    Joseph runs The Security Blogger website, a popular resource for security, hacking, and product implementation. He is the author and contributor of several publications covering various penetration testing and security topics.


    You can follow Joseph at www.thesecurityblogger.com and @SecureBlogger.


    Stefano De Crescenzo is a senior incident manager with the Cisco Product Security Incident Response Team (PSIRT), where he focuses on product vulnerability management and Cisco products forensics. He is the author of several blog posts and white papers about security best practices and forensics. He is an active member of the security community and has been a speaker at several security conferences.


    Stefano specializes in malware detection and integrity assurance in critical infrastructure devices, and he is the author of integrity assurance guidelines for Cisco IOS, IOS-XE, and ASA.


    Stefano holds a B.Sc. and M.Sc. in telecommunication engineering from Politecnico di Milano, Italy, and an M.Sc. in telecommunication from Danish Technical University, Denmark. He is currently pursuing an Executive MBA at Vlerick Business School in Belgium. He also holds a CCIE in Security #26025 and is CISSP and CISM certified.


    Table of Contents

    Introduction xxv
    Part I Network Concepts
    Chapter 1 Fundamentals of Networking Protocols and Networking Devices 3
        “Do I Know This Already?” Quiz 3
        Foundation Topics 6
        TCP/IP and OSI Model 6
            TCP/IP Model 6
            Open System Interconnection Model 12
        Layer 2 Fundamentals and Technologies 16
            Ethernet LAN Fundamentals and Technologies 16
            Ethernet Devices and Frame-Forwarding Behavior 20
            Wireless LAN Fundamentals and Technologies 35
        Internet Protocol and Layer 3 Technologies 43
            IPv4 Header 45
            IPv4 Fragmentation 47
            IPv4 Addresses and Addressing Architecture 48
            IP Addresses Assignment and DHCP 57
            IP Communication Within a Subnet and Address Resolution Protocol (ARP) 60
            Intersubnet IP Packet Routing 61
            Routing Tables and IP Routing Protocols 64
        Internet Control Message Protocol (ICMP) 69
        Domain Name System (DNS) 71
        IPv6 Fundamentals 75
            IPv6 Header 78
            IPv6 Addressing and Subnets 79
            Special and Reserved IPv6 Addresses 82
            IPv6 Addresses Assignment, Neighbor Discovery Protocol, and DHCPv6 83
        Transport Layer Technologies and Protocols 89
            Transmission Control Protocol (TCP) 90
            User Datagram Protocol (UDP) 98
        Exam Preparation Tasks 100
        Review All Key Topics 100
        Complete Tables and Lists from Memory 103
        Define Key Terms 103
        Q&A 103
        References and Further Reading 106
    Chapter 2 Network Security Devices and Cloud Services 109
        “Do I Know This Already?” Quiz 109
        Foundation Topics 112
        Network Security Systems 112
            Traditional Firewalls 112
            Application Proxies 117
            Network Address Translation 117
            Stateful Inspection Firewalls 120
            Next-Generation Firewalls 126
            Personal Firewalls 128
            Intrusion Detection Systems and Intrusion Prevention Systems 128
            Next-Generation Intrusion Prevention Systems 133
            Advanced Malware Protection 133
            Web Security Appliance 137
            Email Security Appliance 140
            Cisco Security Management Appliance 142
            Cisco Identity Services Engine 143
        Security Cloud-based Solutions 144
            Cisco Cloud Web Security 145
            Cisco Cloud Email Security 146
            Cisco AMP Threat Grid 147
            Cisco Threat Awareness Service 147
            OpenDNS 148
            CloudLock 148
        Cisco NetFlow 149
            What Is the Flow in NetFlow? 149
            NetFlow vs. Full Packet Capture 151
            The NetFlow Cache 151
        Data Loss Prevention 152
        Exam Preparation Tasks 153
        Review All Key Topics 153
        Complete Tables and Lists from Memory 154
        Define Key Terms 154
        Q&A 154
    Part II Security Concepts
    Chapter 3 Security Principles 159
        “Do I Know This Already?” Quiz 159
        Foundation Topics 162
        The Principles of the Defense-in-Depth Strategy 162
        What Are Threats, Vulnerabilities, and Exploits? 166
            Vulnerabilities 166
            Threats 167
            Exploits 170
        Confidentiality, Integrity, and Availability: The CIA Triad 171
            Confidentiality 171
            Integrity 171
            Availability 171
        Risk and Risk Analysis 171
        Personally Identifiable Information and Protected Health Information 173
            PII 173
            PHI 174
        Principle of Least Privilege and Separation of Duties 174
            Principle of Least Privilege 174
            Separation of Duties 175
        Security Operation Centers 175
            Runbook Automation 176
        Forensics 177
            Evidentiary Chain of Custody 177
            Reverse Engineering 178
        Exam Preparation Tasks 180
        Review All Key Topics 180
        Define Key Terms 180
        Q&A 181
    Chapter 4 Introduction to Access Controls 185
        “Do I Know This Already?” Quiz 185
        Foundation Topics 189
        Information Security Principles 189
        Subject and Object Definition 189
        Access Control Fundamentals 190
            Identification 190
            Authentication 191
            Authorization 193
            Accounting 193
            Access Control Fundamentals: Summary 194
        Access Control Process 195
            Asset Classification 195
            Asset Marking 196
            Access Control Policy 197
            Data Disposal 197
        Information Security Roles and Responsibilities 197
        Access Control Types 199
        Access Control Models 201
            Discretionary Access Control 203
            Mandatory Access Control 204
            Role-Based Access Control 205
            Attribute-Based Access Control 207
        Access Control Mechanisms 210
        Identity and Access Control Implementation 212
            Authentication, Authorization, and Accounting Protocols 212
            Port-Based Access Control 218
            Network Access Control List and Firewalling 221
            Identity Management and Profiling 223
        Network Segmentation 223
            Intrusion Detection and Prevention 227
            Antivirus and Antimalware 231
        Exam Preparation Tasks 233
        Review All Key Topics 233
        Complete Tables and Lists from Memory 234
        Define Key Terms 234
        Q&A 234
        References and Additional Reading 237
    Chapter 5 Introduction to Security Operations Management 241
        “Do I Know This Already?” Quiz 241
        Foundation Topics 244
        Introduction to Identity and Access Management 244
            Phases of the Identity and Access Lifecycle 244
            Password Management 246
            Directory Management 250
            Single Sign-On 252
            Federated SSO 255
        Security Events and Logs Management 260
            Logs Collection, Analysis, and Disposal 260
            Security Information and Event Manager 264
        Assets Management 265
            Assets Inventory 266
            Assets Ownership 267
            Assets Acceptable Use and Return Policies 267
            Assets Classification 268
            Assets Labeling 268
            Assets and Information Handling 268
            Media Management 269
        Introduction to Enterprise Mobility Management 269
            Mobile Device Management 271
        Configuration and Change Management 276
            Configuration Management 276
            Change Management 278
        Vulnerability Management 281
            Vulnerability Identification 281
            Vulnerability Analysis and Prioritization 290
            Vulnerability Remediation 294
        Patch Management 295
        References and Additional Readings 299
        Exam Preparation Tasks 302
        Review All Key Topics 302
        Complete Tables and Lists from Memory 303
        Define Key Terms 303
        Q&A 303
    Part III Cryptography
    Chapter 6 Fundamentals of Cryptography and Public Key Infrastructure (PKI) 309
        “Do I Know This Already?” Quiz 309
        Foundation Topics 311
        Cryptography 311
            Ciphers and Keys 311
            Symmetric and Asymmetric Algorithms 313
            Hashes 314
            Hashed Message Authentication Code 316
            Digital Signatures 317
            Key Management 320
            Next-Generation Encryption Protocols 321
            IPsec and SSL 321
        Fundamentals of PKI 323
            Public and Private Key Pairs 323
            RSA Algorithm, the Keys, and Digital Certificates 324
            Certificate Authorities 324
            Root and Identity Certificates 326
            Authenticating and Enrolling with the CA 328
            Public Key Cryptography Standards 330
            Simple Certificate Enrollment Protocol 330
            Revoking Digital Certificates 330
            Using Digital Certificates 331
            PKI Topologies 331
        Exam Preparation Tasks 334
        Review All Key Topics 334
        Complete Tables and Lists from Memory 334
        Define Key Terms 335
        Q&A 335
    Chapter 7 Introduction to Virtual Private Networks (VPNs) 339
        “Do I Know This Already?” Quiz 339
        Foundation Topics 341
        What Are VPNs? 341
        Site-to-site vs. Remote-Access VPNs 341
        An Overview of IPsec 343
            IKEv1 Phase 1 343
            IKEv1 Phase 2 345
            IKEv2 348
        SSL VPNs 348
            SSL VPN Design Considerations 351
        Exam Preparation Tasks 353
        Review All Key Topics 353
        Complete Tables and Lists from Memory 353
        Define Key Terms 353
        Q&A 353
    Part IV Host-Based Analysis
    Chapter 8 Windows-Based Analysis 357
        “Do I Know This Already?” Quiz 357
        Foundation Topics 360
        Process and Threads 360
        Memory Allocation 362
        Windows Registration 364
        Windows Management Instrumentation 366
        Handles 368
        Services 369
        Windows Event Logs 372
        Exam Preparation Tasks 375
        Review All Key Topics 375
        Define Key Terms 375
        Q&A 375
        References and Further Reading 377
    Chapter 9 Linux- and Mac OS X–Based Analysis 379
        “Do I Know This Already?” Quiz 379
        Foundation Topics 382
        Processes 382
        Forks 384
        Permissions 385
        Symlinks 390
        Daemons 391
        UNIX-Based Syslog 392
        Apache Access Logs 396
        Exam Preparation Tasks 398
        Review All Key Topics 398
        Complete Tables and Lists from Memory 398
        Define Key Terms 398
        Q&A 399
        References and Further Reading 400
    Chapter 10 Endpoint Security Technologies 403
        “Do I Know This Already?” Quiz 403
        Foundation Topics 406
        Antimalware and Antivirus Software 406
        Host-Based Firewalls and Host-Based Intrusion Prevention 408
        Application-Level Whitelisting and Blacklisting 410
        System-Based Sandboxing 411
        Exam Preparation Tasks 414
        Review All Key Topics 414
        Complete Tables and Lists from Memory 414
        Define Key Terms 414
        Q&A 414
    Part V Security Monitoring and Attack Methods
    Chapter 11 Network and Host Telemetry 419
        “Do I Know This Already?” Quiz 419
        Foundation Topics 422
        Network Telemetry 422
            Network Infrastructure Logs 422
            Traditional Firewall Logs 426
            Syslog in Large Scale Environments 430
            Next-Generation Firewall and Next-Generation IPS Logs 437
            NetFlow Analysis 445
            Cisco Application Visibility and Control (AVC) 469
            Network Packet Capture 470
            Wireshark 473
            Cisco Prime Infrastructure 474
        Host Telemetry 477
            Logs from User Endpoints 477
            Logs from Servers 481
        Exam Preparation Tasks 483
        Review All Key Topics 483
        Complete Tables and Lists from Memory 483
        Define Key Terms 483
        Q&A 484
    Chapter 12 Security Monitoring Operational Challenges 487
        “Do I Know This Already?” Quiz 487
        Foundation Topics 490
        Security Monitoring and Encryption 490
        Security Monitoring and Network Address Translation 491
        Security Monitoring and Event Correlation Time Synchronization 491
        DNS Tunneling and Other Exfiltration Methods 491
        Security Monitoring and Tor 493
        Security Monitoring and Peer-to-Peer Communication 494
        Exam Preparation Tasks 495
        Review All Key Topics 495
        Define Key Terms 495
        Q&A 495
    Chapter 13 Types of Attacks and Vulnerabilities 499
        “Do I Know This Already?” Quiz 499
        Foundation Topics 502
        Types of Attacks 502
            Reconnaissance Attacks 502
            Social Engineering 504
            Privilege Escalation Attacks 506
            Backdoors 506
            Code Execution 506
            Man-in-the-Middle Attacks 506
            Denial-of-Service Attacks 507
            Attack Methods for Data Exfiltration 510
            ARP Cache Poisoning 511
            Spoofing Attacks 512
            Route Manipulation Attacks 513
            Password Attacks 513
            Wireless Attacks 514
        Types of Vulnerabilities 514
        Exam Preparation Tasks 518
        Review All Key Topics 518
        Define Key Terms 518
        Q&A 518
    Chapter 14 Security Evasion Techniques 523
        “Do I Know This Already?” Quiz 523
        Foundation Topics 526
        Encryption and Tunneling 526
            Key Encryption and Tunneling Concepts 531
        Resource Exhaustion 531
        Traffic Fragmentation 532
        Protocol-Level Misinterpretation 533
        Traffic Timing, Substitution, and Insertion 535
        Pivoting 536
        Exam Preparation Tasks 541
        Review All Key Topics 541
        Complete Tables and Lists from Memory 541
        Define Key Terms 541
        Q&A 541
        References and Further Reading 543
    Part VI Final Preparation
    Chapter 15 Final Preparation 545
        Tools for Final Preparation 545
            Pearson Cert Practice Test Engine and Questions on the Website 545
            Customizing Your Exams 547
            Updating Your Exams 547
            The Cisco Learning Network 548
            Memory Tables 548
            Chapter-Ending Review Tools 549
        Suggested Plan for Final Review/Study 549
        Summary 549
    Part VII Appendixes
    Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions 551
    Glossary 571
    Elements Available on the Book Website
    Appendix B Memory Tables
    Appendix C Memory Tables Answer Key
    Appendix D Study Planner
    9781587147029, TOC, 3/9/2017


    This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book.


    Learn, prepare, and practice for CCNA Cyber Ops SECFND 210-250 exam success with this Cert Guide from Pearson IT Certification, a leader in IT Certification learning.

    • Master CCNA Cyber Ops SECFND 210-250 exam topics
    • Assess your knowledge with chapter-ending quizzes
    • Review key concepts with exam preparation tasks


    CCNA Cyber Ops SECFND 210-250 Official Cert Guide is a best-of-breed exam study guide. Cisco enterprise security experts Omar Santos, Joseph Muniz, and Stefano De Crescenzo share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

    The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.


    Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.


    The study guide helps you master all the topics on the CCNA Cyber Ops SECFND exam, including:


    • Fundamentals of networking protocols and networking device types
    • Network security devices and cloud services
    • Security principles
    • Access control models
    • Security management concepts and techniques
    • Fundamentals of cryptography and PKI
    • Essentials of Virtual Private Networks (VPNs)
    • Windows-based Analysis
    • Linux/Mac OS X-based Analysis
    • Endpoint security technologies
    • Network and host telemetry
    • Security monitoring operations and challenges
    • Types of attacks and vulnerabilities
    • Security evasion techniques
