Application Protocols
Domain Name System (DNS)
Trivial File Transfer Protocol (TFTP)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
Secure Socket Layer (SSL)
Simple Mail Transfer Protocol (SMTP)
Network Time Protocol (NTP)
IOS SSH
Lightweight Directory Access Protocol (LDAP)
Active Directory
RDEP Remote Data Exchange Protocol
General Networking
Networking Basics
TCP/IP
Switching and Bridging (including: VLANs, Spanning Tree, etc.)
Routed Protocols
Routing Protocols (including: RIP, EIGRP, OSPF, BGP)
Point to Point Protocol (PPP)
IP Multicast
Integrated Services Digital Network (ISDN)
Async
Access Devices (for example: Cisco AS 5300 series)
Telephony best practices
Wireless best practices
Security Technologies
Concepts - security best practices
Packet Filtering
PIX and IOS authentication proxies
Port Address Translation (PAT)
Network Address Translation (NAT)
Firewalls
Content Filters
Public Key Infrastructure (PKI)
Authentication Technologies
Authorization technologies
Virtual Private Networks (VPN)
Network IDS anomaly, signature, passive, inline
Host Intrusion Prevention
Cisco Threat Response
Cisco Security Applications
Cisco Secure NT
Cisco Secure PIX Firewall
VMS
Cisco Secure Intrusion Detection System (formerly NetRanger)
IOS� Firewall Feature Set
VPN 3000
Client side VPN
CAT Service Modules
IOS IDS (in line)
Cisco Secure ACS
Security Information Monitoring System (event correlation, basic forensics)
Security General
Policies - Security Policy Best Practices
Standards Bodies - IETF
Vulnerability discussions
Attacks and Common Exploits - recon, priv escalation, penetration, cleanup, backdoor
Cisco General
IOS Specifics
Routing and switching security features: IE mac address controls, port security, dhcp snoop
Security Policy best practices
LAB考试大纲:
Bridging and Switching
Basic frame relay configuration
Catalyst VLAN configuration
Catalyst VTP configuration
Port-VLAN assignments
Basic ATM configuration (To be removed from the exam as of January 1, 2006.)
Catalyst management and security
802.1x
Traffic control and congestion management
Catalyst features and advanced catalyst configuration
IGP Routing
OSPF, EIGRP and RIP configurations
OSPF, EIGRP and RIP security
PIX routing
VPN3000 routing
Route filtering, redistribution, summarization and other advanced IGP features
PIX Firewall
Basic PIX configuration
Management
Address translation (NAT, global, static)
ACL, conduit
Routing
Object groups
VLANs
AAA
VPN
DHCP
PPPoE
Filtering
Fixup protocols
Other advanced PIX features
ISDN
Basic configuration (To be removed from the exam as of January 1, 2006.)
ODR, DDR, dial-backup, callback, authentication (To be removed from the exam as of January 1, 2006.)
Routing over ISDN (To be removed from the exam as of January 1, 2006.)
Advanced ISDN features (To be removed from the exam as of January 1, 2006.)
BGP
Basic IBGP, EBGP and BGP backbone configurations
BGP security
Summarization, filtering and advanced BGP features
IP/IOS Features
IP services
QoS
NAT/PAT
NTP
DHCP
SNMP
IOS features and user interfaces
File management, system management and advanced IP/IOS features
AAA
Tacacs+
Radius
Switch and router management
PIX management
VPN3000 management
Proxy authentication
Service authentication FTP, telnet, HTTP, other
Advanced AAA features
VPN
IPSec LAN-to-LAN (IOS/ PIX/ VPN3000)
DMVPN
Pre-shared
CA (PKI)
Remote access VPN (IOS/ PIX/ VPN3000)
VPN3000 concentrator
Unity client
WebVPN
EzVPN Hardware client (IOS/ PIX)
Xauth, split-tunnel, RRI, NAT-T
High availability
IPSec redundancy
QoS for VPN
GRE, mGRE
L2TP
PPTP
Advanced VPN features
IOS Firewall
CBAC
Audit
Auth Proxy
PAM
Access control
Performance tuning
Advanced IOS firewall features
Advanced Security
DoS/DDoS attacks
Network/ Host attacks
Packet marking techniques
Mitigation techniques
Security RFCs
Service provider security
Black holes, sink holes
Access lists (standard, extended, named)
Lock-and-Key access-list
Reflexive access-list
TCP intercept
uRPF
CAR
NBAR
Netflow
802.1x
PBR
Flooding
Spoofing
Policing
Fragmentation
Sniffer traces
Device security and management (telnet, SSH, pwd, priv lvls)
Other advanced features
Intrusion Detection System
IDS sensor appliance 42XX
Sensor configuration
Signature tuning
Shunning
TCP resets
Sensor features
IDM
IEV
IOS IDS
PIX IDS
SPAN, RSPAN
Advanced IDS features
安全CCIE lab 学习以及考试建议
Assessing Strengths Using the content blueprint, determine your experience and knowledge in the major topic areas. For areas of strength, practicing for speed should be your focus. For weak areas, you may need training or book study in addition to practice.
Study Materials
Choose lab materials that provide configuration examples and take a hands-on approach. Look for materials that are approved or provided by Cisco and its Learning Partners.
Hands-On Practice
Build and practice lab scenarios on a per topic basis. Go beyond the basics and practice additional features. Learn the show and debug commands along with each topic. If a protocol has multiple ways of configuring a feature, practice all of them.
Cisco Documentation CD
Make sure you can navigate the Cisco documentation CD with confidence because this is the only resource you will be allowed during the lab. Make the CD part of your regular study; if you are familiar with it, you can save time during the exam.
Home Labs
Although acquiring a personal home lab is ideal, it can be costly to gather all the equipment you will need. For the hardware devices that are costly to obtain, you may be able to rent the equipment online at a more reasonable cost.
>TEN TIPS FOR TAKING THE LAB EXAM
Read the entire exam first and check for addressing issues. Do not skip any details or sections.
Manage your time. Make a plan to cover all the sections in the time provided. Work out how much time you will spend on each section, keeping in mind the point value of the questions. Don’t forget to allow time at the end to verify your solutions.
Clarify the requirements of each question. Don’t assume requirements that aren’t mentioned in the question. During the lab, if you are in any doubt, verify your understanding of the question with the proctor.
Do each question as a unit. Configure and verify before moving to the next question. You may want to redraw the topology with all the details available. This will help you visualize and map the network.
Troubleshoot. You must know how to troubleshoot using the tools available. Although troubleshooting is important, don’t lose too much time working on a 2- or 3-point question. If you’re caught off-guard by an unfamiliar topic, don’t let it absorb too much time. Work on the things you are more comfortable with and go back to difficult items later.
Keep a list. During the exam, make notes on configurations and settings as you move through the exam. Make a separate list for items you have not been able to address or where you have not achieved the desired result which you’ll need to revisit.
Test your work. Never rely on a configuration done in the early hours of the exam. There is a possibility that an item you configured a few sections earlier can become broken and non-functional. Keep in mind that points are awarded for working configuration only.
Save your configurations often.
Don’t make any drastic changes in the last half hour of the exam.
Speed is vital on the exam. Review and practice core material the week before the exam to ensure you can move quickly through the less challenging questions.
