
CCIE SECURITY TRACK-Written Exam Blueprint v2.0

This topic was moved by windecember on 2008-12-10 15:28


Written Exam Blueprint v2.0

The Security written exam (350-018) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam effective January 2, 2007. Please note, however, that other relevant or related topic areas may also appear. Candidates prior to January 2 should continue using the prior blueprints (now known as v1.0).


  1. General Networking
    1. Networking Basics
    2. OSI Layers
    3. TCP/IP Protocols
    4. Switching (VTP, VLANs, Spanning Tree, Trunking, etc.)
    5. Routing Protocols (RIP, EIGRP, OSPF, and BGP)
    6. IP Multicast

  2. Security Protocols, Ciphers and Hash Algorithms
    1. RADIUS
    2. TACACS+
    3. Ciphers RSA, DSS, RC4
    4. Message Digest 5 (MD5)
    5. Secure Hash Algorithm (SHA)
    6. EAP PEAP TKIP TLS
    7. Data Encryption Standard (DES)
    8. Triple DES (3DES)
    9. Advanced Encryption Standard (AES)
    10. IP Security (IPSec)
    11. Authentication Header (AH)
    12. Encapsulating Security Payload (ESP)
    13. Internet Key Exchange (IKE)
    14. Certificate Enrollment Protocol (CEP)
    15. Transport Layer Security (TLS)
    16. Secure Socket Layer (SSL)
    17. Point to Point Tunneling Protocol (PPTP)
    18. Layer 2 Tunneling Protocol (L2TP)
    19. Generic Route Encapsulation (GRE)
    20. Secure Shell (SSH)
    21. Pretty Good Privacy (PGP)

  3. Application Protocols
    1. Hypertext Transfer Protocol (HTTP)
    2. Simple Mail Transfer Protocol (SMTP)
    3. File Transfer Protocol (FTP)
    4. Domain Name System (DNS)
    5. Trivial File Transfer Protocol (TFTP)
    6. Network Time Protocol (NTP)
    7. Lightweight Directory Access Protocol (LDAP)
    8. Syslog

  4. Security Technologies
    1. Packet Filtering
    2. Content Filtering
    3. URL Filtering
    4. Authentication Technologies
    5. Authorization technologies
    6. Proxy Authentication
    7. Public Key Infrastructure (PKI)
    8. IPSec VPN
    9. SSL VPN
    10. Network Intrusion Prevention Systems
    11. Host Intrusion Prevention Systems
    12. Event Correlation
    13. Adaptive Threat Defense (ATD)
    14. Network Admission Control (NAC)
    15. 802.1x
    16. Endpoint Security
    17. Network Address Translation

  5. Cisco Security Appliances and Applications
    1. Cisco Secure PIX Firewall
    2. Cisco Intrusion Prevention System (IPS)
    3. Cisco VPN 3000 Series Concentrators
    4. Cisco EzVPN Software and Hardware Clients
    5. Cisco Adaptive Security Appliance (ASA) Firewall
    6. Cisco Security Monitoring, Analysis and Response System (MARS)
    7. Cisco IOS Firewall
    8. Cisco IOS Intrusion Prevention System
    9. Cisco IOS IPSec VPN
    10. Cisco IOS Trust and Identity
    11. Cisco Secure ACS for Windows
    12. Cisco Secure ACS Solution Engine
    13. Cisco Traffic Anomaly Detectors
    14. Cisco Guard DDoS Mitigation Appliance
    15. Cisco Catalyst 6500 Series Security Modules (FWSM, IDSM, VPNSM, WebVPN, SSL modules)
    16. Cisco Traffic Anomaly Detector Module & Cisco Guard Service Module

  6. Cisco Security Management
    1. Cisco Adaptive Security Device Manager (ASDM)
    2. Cisco Router & Security Device Manager (SDM)
    3. Cisco Security Manager (CSM)

  7. Cisco Security General
    1. IOS Specifics
    2. Routing and Switching Security Features: IP & MAC Spoofing, MAC Address Controls, Port Security, DHCP Snoop, DNS Spoof.
    3. NetFlow
    4. Layer 2 Security Features
    5. Layer 3 Security Features
    6. Wireless Security
    7. IPv6 Security

  8. Security Solutions
    1. Network Attack Mitigation
    2. Virus and Worms Outbreaks
    3. Theft of Information
    4. DoS/DDoS Attacks
    5. Web Server & Web Application Security

  9. Security General
    1. Policies - Security Policy Best Practices
    2. Information Security Standards (ISO 17799, ISO 27001, BS7799)
    3. Standards Bodies
    4. Common RFCs (e.g. RFC1918, RFC2827, RFC2401)
    5. BCP 38
    6. Attacks, Vulnerabilities and Common Exploits - recon, scan, priv escalation, penetration, cleanup, backdoor
    7. Security Audit & Validation
    8. Risk Assessment
    9. Change Management Process
    10. Incident Response Framework
    11. Computer Security Forensics

[This post was edited by the author on 2006-8-15 14:11:59]

◇飘堕的淡褶  QQ●147468
http://blog.windecember.cn

▲China Cisco Community [Google Groups]
http://groups.google.com/group/cciecn
http://club.cn.yahoo.com/ccie


CCIE SECURITY TRACK-Lab Exam Blueprint v2.0

Please review the Lab Exam Overview for general information about the CCIE Security lab exam. This lab exam blueprint v2.0 is a detailed outline of the topics likely to appear on the lab exam effective January 2, 2007. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE lab exam. The topics listed are guidelines and other relevant or related topics may also appear. Candidates for lab exams scheduled on January 2, 2007 or later should prepare using the v2.0 blueprints below. In general, new product features become eligible for testing on CCIE lab exams six months after general release.


  1. Firewall
    1. PIX and ASA Firewall
      1. Basic initialization
      2. Access Management
      3. Address translation
      4. ACLs
      5. IP Routing
      6. Object groups
      7. VLANs
      8. AAA
      9. VPNs
      10. Filtering
      11. Failover
      12. Layer 2 Transparent Firewall
      13. Security Contexts (Virtual Firewall)
      14. Modular Policy Framework
      15. Application-Aware Inspection
      16. High Availability Scenarios
      17. QoS Policies
      18. Other advanced features
    2. IOS Firewall
      1. CBAC
      2. Audit
      3. Auth Proxy
      4. PAM
      5. Access control
      6. Performance tuning
      7. Advanced features

  2. VPN
    1. IPSec LAN-to-LAN
    2. SSL VPN
    3. DMVPN
    4. CA (PKI)
    5. Remote access VPN
    6. VPN3000 Concentrator
    7. VPN3000 IP Routing
    8. Unity client
    9. WebVPN
    10. EzVPN Hardware Client
    11. XAuth, Split-tunnel, RRI, NAT-T
    12. High Availability
    13. QoS for VPN
    14. GRE, mGRE
    15. L2TP
    16. PPTP
    17. Advanced VPN features

  3. Intrusion Prevention System (IPS)
    1. IPS 4200 Series Sensor Appliance
    2. Basic initialization
    3. Sensor configuration
    4. Sensor Management
    5. Promiscuous and Inline Monitoring
    6. Signature Tuning
    7. Custom Signatures
    8. Blocking
    9. TCP Resets
    10. Rate Limiting
    11. Signature Engines
    12. IDM
    13. Event Action
    14. Event Monitoring
    15. IOS IPS
    16. PIX IDS
    17. SPAN, RSPAN
    18. Advanced Features

  4. Identity Management
    1. Security Protocols (Radius, Tacacs+)
    2. Cisco Secure ACS Configuration
    3. Access Management (Telnet, SSH, Pwds, Priv Levels)
    4. Proxy Authentication
    5. Service Authentication (FTP, Telnet, HTTP, other)
    6. Network Admission Control (NAC Framework solution)
    7. 802.1x
    8. Advanced features

  5. Advanced Security
    1. Mitigation techniques
    2. Packet marking techniques
    3. Security RFCs (RFC1918, RFC2827, RFC2401)
    4. Service Provider Security
    5. Black Holes, Sink Holes
    6. RTBH Filtering (Remote Triggered Black Hole)
    7. Traffic Filtering using Access-lists
    8. NAT
    9. TCP Intercept
    10. uRPF
    11. CAR
    12. NBAR
    13. NetFlow
    14. Flooding
    15. Spoofing
    16. Policing
    17. Fragmentation
    18. Sniffer Traces
    19. Catalyst Management and Security
    20. Traffic Control and Congestion Management
    21. Catalyst Features and Advanced configuration
    22. IOS Security Features

  6. Network Attacks
    1. Network Reconnaissance
    2. IP Spoofing Attacks
    3. MAC Spoofing Attacks
    4. ARP Spoofing Attacks
    5. Denial of Service (DoS)
    6. Distributed Denial of Service (DDoS)
    7. Man-in-the-Middle (MiM) Attacks
    8. Port Redirection Attacks
    9. DHCP Attacks
    10. DNS Attacks
    11. Fragment Attacks
    12. Smurf attacks
    13. SYN Attacks
    14. MAC Attacks
    15. VLAN Hopping Attacks
    16. Other Layer2 and Layer3 Attacks

[This post was edited by the author on 2006-8-15 14:12:26]
