Cover image for CCIE security exam certification guide
CCIE security exam certification guide
Benjamin, Henry.
Personal Author:
Publication Information:
Indianapolis, In : Cisco Press, [2003]

Physical Description:
xxi, 615 pages : illustrations ; 24cm + 1 CD-ROM (4 3/4 in.).
General Note:
Includes index.
Format :


Call Number
Material Type
Home Location
Item Holds
QA76.3 .B446 2003 Adult Non-Fiction Central Closed Stacks

On Order



Exam Certification Guides from Cisco Press are comprehensive study tools for Cisco certification exam preparation that combine tutorial learning of all topics for the relevant exam with proven learning, retention, and self-assessment pedagogical tools. The accompanying CD-ROM also includes an electronic copy of the book.

Author Notes

Henry Benjamin , CCIE No. 4695, has more than ten years experience with Cisco networks. Henry recently worked for Cisco in the internal IT department helping to design and implement networks throughout Australia and Asia. Henry was a key member of the CCIE global team, where he was responsible for writing new laboratory examinations and questions for the coveted CCIE R/S, CCIE Security, and CCIE C/S examinations.

Table of Contents

1 Using This Book to Prepare for the CCIE Security Written Exam
CCIE Security Certification
CCIE Security Written Exam Blueprint
How to Prepare for the CCIE Security Written Exam Using This Book
2 General Networking Topics
"Do I Know This Already?" Quiz
Foundation Topics
Networking Basics--The OSI Reference Model
Layer 1 The Physical Layer
Layer 2 The Data Link Layer
Layer 3 The Network Layer
Layer 4 The Transport Layer
Layer 5 The Session Layer
Layer 6 The Presentation Layer
Layer 7 The Application Layer
TCP/IP and OSI Model Comparison
Example of Peer-to-Peer Communication
Ethernet Overview
Switching and Bridging
Bridge Port States
Fast Ether Channel
Internet Protocol
Variable-Length Subnet Masks
Classless Interdomain Routing
Transmission Control Protocol
TCP Mechanisms
TCP Services
Address Resolution Protocol (ARP)
Reverse ARP
Dynamic Host Configuration Protocol
Hot Standby Router Protocol
Internet Control Message Protocol
File Transfer Protocol and Trivial File Transfer Protocol
Routing Protocols
Routing Information Protocol
Border Gateway Protocol
Basic Rate and Primary Rate Interfaces
ISDN Framing and Frame Format
ISDN Layer 2 Protocols
Cisco IOS ISDN Commands
IP Multicast
Asynchronous Communications and Access Devices
Foundation Summary
Requirements for Fast Ether Channel
Q & A
Scenario 2-1: Routing IP on Cisco Routers
Scenario Answers
Scenario 2-1 Answers: Routing IP on Cisco Routers
3 Application Protocols
"Do I Know This Already?" Quiz
Foundation Topics
Domain Name System
Trivial File Transfer Protocol
File Transfer Protocol
Active FTP
Passive FTP
Hypertext Transfer Protocol
Secure Socket Layer
Simple Network Management Protocol
SNMP Notifications
SNMP Examples
Simple Mail Transfer Protocol
Network Time Protocol
Secure Shell
Foundation Summary
Q & A
Scenario 3-1: Configuring DNS, TFTP, NTP, and SNMP
Scenario Answers
Scenario 3-1 Solutions
4 Cisco IOS Specifics and Security
"Do I Know This Already?" Quiz
Foundation Topics
Cisco Hardware
Random-Access Memory (RAM)
Nonvolatile RAM (NVRAM)
System Flash
Central Processing Unit
Read-Only Memory
Configuration Registers
Cisco Interfaces
Saving and Loading Files
Show and debug Commands
Router CLI
Show Commands
Debugging Cisco Routers
Password Recovery
Basic Security on Cisco Routers
IP Access Lists
Access Lists on Cisco Routers
Extended Access Lists
Foundation Summary
Q & A
Scenario 4-1: Configuring Cisco Routers for Passwords and Access Lists
Scenario Answers
5 Security Protocols
"Do I Know This Already?" Quiz
Foundation Topics
Authentication, Authorization, and Accounting (AAA)
Remote Authentication Dial-In User Service (RADIUS)
RADIUS Configuration Task List
Terminal Access Controller Access Control System Plus (TACACS+)
TACACS+ Configuration Task List
Kerberos Configuration Task List
Virtual Private Dial-Up Networks (VPDN)
VPDN Configuration Task List
Encryption Technology Overview
Data Encryption Standard (DES) and Triple Data Encryption Standard (3DES
Digital Signature Standard (DSS)
Message Digest 5 (MD5) and Secure Hash Algorithm (SHA)
IP Security IPSec
Internet Key Exchange (IKE)
IKE Phase I Messages Types 1-6
IKE Phase II Message Types 1-3
Cisco IOS IPSec Configuration
Certificate Enrollment Protocol (CEP)
Foundation Summary
Q & A
Scenario 5-1: Configuring Cisco Routers for IPSec
Scenario Answers
Scenario 5