Uh-oh, it looks like your Internet Explorer is out of date.

For a better shopping experience, please upgrade now.

CCNA Security 640-554 Official Cert Guide / Edition 1

CCNA Security 640-554 Official Cert Guide / Edition 1

4.0 5
by Keith Barker

See All Formats & Editions

ISBN-10: 1587204460

ISBN-13: 2901587204462

Pub. Date: 07/20/2012

Publisher: Cisco Press

Trust the best selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNA Security 640-554 Official Cert Guide presents you with an organized test

Customer Reviews

Average Review:

Post to your social network


Most Helpful Customer Reviews

See all customer reviews

CCNA Security 640-554 Official Cert Guide 4 out of 5 based on 0 ratings. 5 reviews.
Stephen_Luhan More than 1 year ago
The CCNA Security 640-554 Official Cert Guide, by Keith Barker and Scott Morris, provides an overview of the security and network terminology utilized in today’s enterprise environment to secure the network perimeter, specifically utilizing Cisco routers and switches. The exam candidate and network practitioner alike can use this resource to master the information needed to pass the exam. The CCNA Security 640-554 certification exam is a 90 minute (55-65 question) exam that tests a candidate’s knowledge of securing Cisco routers and switches on their associated networks. By obtaining this certification, the network practitioner can validate their skills for installing, configuring and maintaining Cisco network equipment. The CCNA Security 640-554 Official Cert Guide can assist the candidate in obtaining this certification. Although the reference material is not necessary as comprehensive as other certification guides and reference materials, the book explains in plain terms the basics that a network administrator / CCNA level candidate must know to pass the exam. The book generally explains the concepts behind network security and some of the vulnerabilities can affect the network security boundaries, but it is not as detailed and comprehensive as other certifications can attest too (example: CISSP). The certification guide includes a CD that contains a premium edition of the book (eBook), as well as a generic practice test. The CD also has links to book updates (when applicable), as well as printable appendixes that can help reinforce the content. However, I do wish that the reference material did contain additional information and test questions to enhance the content. There are some configuration examples for applying configuration parameters (i.e., AAA, ACL’s, IPv6, etc.), but by no means is it a comprehensive cookbook of router / switch configurations. The reader and exam candidate can benefit from this resource, but I would definitely suggest that this would not be the only resource that is utilized to support configure, manage and support the infrastructure. I give this book 3 out 5 stars.
Are you preparing for the 640-554 Implementing Cisco IOS Network Security exam? If you are, then this book is for you! Authors Keith Barker and Scott Morris, have done an outstanding job of writing book that improves your awareness and knowledge of network security. Barker and Morris, begin by covering the need for the building blocks of network and information security, threats to our networks today, and the fundamental principles of secure network design. Then, the authors review risk analysis, management and security policies. The authors also cover the securing of borderless networks, controlling and containing data loss. They continue by covering the securing of the network using the network foundation protection approach, the management plane, the control plane, and the data plane. Next, the authors review the Cisco Configuration Professional features and the GUI, setting up new devices, CCP building blocks, and CCP audit features. Then, they describe management traffic and how to make it more secure and the implementation of security measures to protect the management plane. The authors also describe the role of Cisco Secure ACS and the two primary protocols used with it, RADIUS and TACACS. They continue by reviewing VLANs and trunking fundamentals, spanning-tree fundamentals, and common Layer 2 threats and how to mitigate them. Next, the authors cover the Ipv6. Then, they discuss the design considerations for threat mitigation and containment; and, the hardware, software, and services used to implement a secure network. The authors also cover the benefits and fundamentals for access control lists, implementing Ipv4 ACLs a packet filters, and implementing Ipv6 ACLs as packet filters. They continue by reviewing the firewall concepts and the technologies used by them, the function of Network Address Translations, including its building blocks, and the guidelines and considerations for creating and deploying firewalls. Next, the authors discuss the operational and functional components of the IOS Zone-Based Firewall and how to configure and verify the IOS Zone-Based Firewall. Then, they cover the Adaptive Security Appliance family and features, ASA firewall fundamentals, and configuring the ASA. The authors also compare intrusion prevention systems to intrusion detection systems and cover how to identify malicious traffic on the network, manage signatures, and monitor and manage alarms and alerts. Next, they cover the features included in the IOS-based IPS and the installing of the IPS feature; working with signatures in IOS-based IPS; and, managing and monitoring IPS alarms. The authors continue by covering what VPNs are, why they are used and the basic ingredients of cryptography. Then, they cover the concepts, components, and operations of the public key infrastructure and include an example of putting the pieces of PKI to work. The authors also cover the concepts, components, and operations of IPsec and how to configure and verify IPsec. Next, they cover the planning and preparation that is needed to implement an IPsec site-to-site VPN, implementing and verifying the IPsec site-to-site VPN. The authors continue by covering the functions and use of SSL for VPNs, configuring SSL clientless VPN on the ASA, and configuring the full SSL AnyConnect VPN on the ASA. Finally, they identify the tools that are needed for the final exam preparation to help you develop an effective study plan. The goal of this most excellent book is
Boudville More than 1 year ago
One nice feature of the book is the ample coverage of IPv6. Finally after over 10 years, IPv6 subnets are becoming common, if only because of the impending exhaustion of IPv4 addresses. This CERT guide goes into a new focus on IPv6 security, while also delineating existing commonalities with IPv4. Maybe the quickest advantage of IPv6 is that an attacker who gets access to your v6 subnet cannot simply do an exhaustive ping sweep to find all active devices. Whereas typically a v4 subnet might have 8 bits of addressing, which means 254 maximum addresses to ping. Of all the differences between v4 and v6, this advantage is the easiest to understand. But the book warns against complacency. It suggests that scanners and worms built for v4 will likely run in v6. While another and ironic danger is that you might have v6 running on your v4 network unawares to you. Then a newly discovered v6 bug might be exploited by an attacker, because you are unlikely to check for it if you do not even expect to be running v6 anywhere on your network. By the way, this brings up the very real possibility that newly coded v6 firmware might be vulnerable to bugs unlike a thoroughly tested and heavily used existing v4 package. The discussion in chapter 12 on firewall fundamentals is quite understandable and generally applicable to any type of firewall hardware (or software) you choose to run. The differing properties of firewalls is explained, where this can translate to very different hardware costs. Another useful section of the chapter delves into Network Address Translation. Sometimes used to conserve addresses in the larger v4 Internet, but also to improve protection to computers behind a firewall. The book also has very specific explanations of Cisco hardware and software to implement firewalls. Something you can expect to be tested on in the exam. You can also see from the screen captures in the book that much of the administration is via a GUI that tries to make the tasks easy to understand.
Anonymous More than 1 year ago
Anonymous More than 1 year ago
This book has excellent information and is well written. I HIGHLY recommend the physical book. For the Nook Book, a large amount of the book is using CCP and ASDM which comes with screenshots of the interface and how to configure things through them. In the Nook book, these screen shots are essentially illegible. This is using a nook, using an android tablet with the nook app and on the PC Nook application. In all 3 instances, the ASDM and CCP screenshots are practically useless. Again, I wholeheartedly recommend the book, the information is excellent, but the Nook version leaves a lot to be desired.