CCNP and CCIE Security Core SCOR 350-701 Exam Cram

This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book.

Learn, prepare, and practice for CCNP and CCIE Security Core SCOR 350-701 exam success with this Exam Cram from Pearson IT Certification, a leader in IT Certification learning.

  • Master CCNP and CCIE Security Core SCOR 350-701 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam-preparation tasks

CCNP and CCIE Security Core SCOR 350-701 Exam Cram is a best-of-breed exam study guide. Three Cisco experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time, including:

 

  • Compare common security vulnerabilities, such as software bugs, weak and/or hardcoded passwords, OWASP top ten, missing encryption ciphers, buffer overflow, path traversal, and cross-site scripting/forgery
  • Configure AAA for device and network access, such as TACACS+ and RADIUS
  • Implement segmentation, access control policies, AVC, URL filtering, malware protection, and intrusion policies
  • Identify security capabilities, deployment models, and policy management to secure the cloud
  • Configure cloud logging and monitoring methodologies
  • Implement traffic redirection and capture methods for web proxy
  • Describe the components, capabilities, and benefits of Cisco Umbrella
  • Configure endpoint antimalware protection using Cisco Secure Endpoint
  • Describe the uses and importance of a multifactor authentication (MFA) strategy
  • Describe identity management and secure network access concepts, such as guest services, profiling, posture assessment and BYOD
  • Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, and NTP)
1144943106
CCNP and CCIE Security Core SCOR 350-701 Exam Cram

This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book.

Learn, prepare, and practice for CCNP and CCIE Security Core SCOR 350-701 exam success with this Exam Cram from Pearson IT Certification, a leader in IT Certification learning.

  • Master CCNP and CCIE Security Core SCOR 350-701 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam-preparation tasks

CCNP and CCIE Security Core SCOR 350-701 Exam Cram is a best-of-breed exam study guide. Three Cisco experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time, including:

 

  • Compare common security vulnerabilities, such as software bugs, weak and/or hardcoded passwords, OWASP top ten, missing encryption ciphers, buffer overflow, path traversal, and cross-site scripting/forgery
  • Configure AAA for device and network access, such as TACACS+ and RADIUS
  • Implement segmentation, access control policies, AVC, URL filtering, malware protection, and intrusion policies
  • Identify security capabilities, deployment models, and policy management to secure the cloud
  • Configure cloud logging and monitoring methodologies
  • Implement traffic redirection and capture methods for web proxy
  • Describe the components, capabilities, and benefits of Cisco Umbrella
  • Configure endpoint antimalware protection using Cisco Secure Endpoint
  • Describe the uses and importance of a multifactor authentication (MFA) strategy
  • Describe identity management and secure network access concepts, such as guest services, profiling, posture assessment and BYOD
  • Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, and NTP)
47.99 In Stock
CCNP and CCIE Security Core SCOR 350-701 Exam Cram

CCNP and CCIE Security Core SCOR 350-701 Exam Cram

CCNP and CCIE Security Core SCOR 350-701 Exam Cram

CCNP and CCIE Security Core SCOR 350-701 Exam Cram

Overview

This is the eBook version of the print title. Note that the eBook does not provide access to the practice test software that accompanies the print book.

Learn, prepare, and practice for CCNP and CCIE Security Core SCOR 350-701 exam success with this Exam Cram from Pearson IT Certification, a leader in IT Certification learning.

  • Master CCNP and CCIE Security Core SCOR 350-701 exam topics
  • Assess your knowledge with chapter-ending quizzes
  • Review key concepts with exam-preparation tasks

CCNP and CCIE Security Core SCOR 350-701 Exam Cram is a best-of-breed exam study guide. Three Cisco experts share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.

The book presents you with an organized test-preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

Well regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time, including:

 

  • Compare common security vulnerabilities, such as software bugs, weak and/or hardcoded passwords, OWASP top ten, missing encryption ciphers, buffer overflow, path traversal, and cross-site scripting/forgery
  • Configure AAA for device and network access, such as TACACS+ and RADIUS
  • Implement segmentation, access control policies, AVC, URL filtering, malware protection, and intrusion policies
  • Identify security capabilities, deployment models, and policy management to secure the cloud
  • Configure cloud logging and monitoring methodologies
  • Implement traffic redirection and capture methods for web proxy
  • Describe the components, capabilities, and benefits of Cisco Umbrella
  • Configure endpoint antimalware protection using Cisco Secure Endpoint
  • Describe the uses and importance of a multifactor authentication (MFA) strategy
  • Describe identity management and secure network access concepts, such as guest services, profiling, posture assessment and BYOD
  • Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, and NTP)

Product Details

ISBN-13: 9780137282722
Publisher: Pearson Education
Publication date: 03/27/2024
Series: Exam Cram
Sold by: Barnes & Noble
Format: eBook
File size: 19 MB
Note: This product may take a few minutes to download.
Age Range: 18 Years

About the Author

Joseph Mlodzianowski is a CCIE, CISSP, information security aficionado, and adventurer; he started multiple events and villages at RSA Conference, DEF CON, and Black Hat, among others, including founding the Red Team Village. He has been in the information technology security field for more than 25 years working in cybersecurity, infrastructure, networking, systems, design, offense, and defense. Joseph is currently a cybersecurity architect for Cisco Managed and Intelligence Services. He spent more than 12 years at the Department of Defense as an operator, principal cyber engineer, and SME designing and deploying complex technologies in support of missions around the world. He has consulted, investigated, and provided support for multiple federal agencies during the past 15 years. Joseph continues to contribute to content, reviews, and editing in the certification testing and curriculum process. Joseph spent almost 15 years in the energy sector, supporting refineries, pipelines, and chemical plants, specializing in ICS/SCADA industrial control networks, and building data centers. Joseph holds a broad range of certifications, including the Cisco CCIE, CNE, CSNA, CNSS-4012, CISSP, ITILv4, MCSE, NSA IAM and IEM, OIAC1180, FEMA IS-00317, Aruba ACMA, First Responder, Hazmat Certified, Member of Bexar County Sheriff’s Office CERT, and Certified Hacking Investigator. He also is a founding contributor to the CyManII (Cybersecurity Manufacturing Innovation Institute) Supply Chain. He is a member of Messaging Malware Mobile Anti-Abuse Working Group (M3aawg) and founder of the Texas Cyber Summit, a nonprofit. He believes in giving back to the community and supporting nonprofits. More information on Joseph and his training classes can be found at CyberLearningPath.org.

 

Eduardo (Eddie) Mendonca is a 23-year Cisco veteran whose current role is cybersecurity technical solutions architect in the Cisco security channel team. Before joining the security channel team, Eddie served as a technical leader on the Cisco Identity Services Engine (ISE) infrastructure development team. Eddie authored several infrastructure features in ISE, including the installation framework, upgrade and patching framework, OS layer IPv6 support, NIC Bonding, Secure Boot, and RootPatch kit. Eddie holds various technical certifications, including CISSP and Cisco DevNet. He also holds U.S. Patent US8250630: Detecting Unauthorized Computer Access. Eddie holds a bachelor’s degree in computer science from Fresno State University and is based out of Clovis, California.

 

Nicholas Kelly has worked for more than 25 years in the cybersecurity industry. He has worked in the private sector, in diplomatic security for the U.S. Department of State, and in volunteer capacity. He currently leads a team of Security Architects at Cisco, whose mission is to provide technical enablement to partners and customers. He is the author of the Leon “Catwalk” Caliber cyberpunk noir series of novels

and comics and hosts several podcasts. Nick works alongside the Innocent Lives Foundation, a non-profit, non-vigilante organization that identifies child predators and helps to bring them to justice. He resides in Virginia with his wife, son, and rotating roster of rescued fur babies.

Table of Contents

Introduction. . . . . . . . . . . . xviii

CHAPTER 1: Security Concepts.. . . . . . . . . . . 1

Explain Common Threats Against On-Premises and Cloud Environments.. . . . . . . . . 3

Compare Common Security Vulnerabilities.. . . . . 19

Describe Functions of the Cryptography Components. . . . 25

Compare Site-to-Site VPN and Remote Access VPN Deployment Types.. . . . . . . . . 31

Describe Security Intelligence Authoring, Sharing, and Consumption.. 38

Explain the Role of the Endpoint in Protecting Humans from Phishing and Social Engineering Attacks.. . . . . . 41

Explain Northbound and Southbound APIs in the SDN Architecture.. 44

Explain DNAC APIs for Network Provisioning, Optimization, Monitoring, and Troubleshooting.. . . . . . . 48

Interpret Basic Python Scripts Used to Call Cisco Security Appliance APIs.. . . . . . . . . . 51

What Next?.. . . . . . . . . . . 56

CHAPTER 2: Network Security.. . . . . . . . . . . 57

Compare Network Security Solutions and Provide Intrusion Prevention and Firewall Capabilities.. . . . . . 60

Describe Deployment Models of Network Security Solutions and Architectures That Provide
Intrusion Prevention and Firewall Capabilities.. . . . . . . . . 65

Describe the Components, Capabilities, and Benefits of NetFlow and Flexible NetFlow Records.. . . . . . . . 70

Traditional NetFlow vs. Flexible NetFlow.. . . . . 74

Configure and Verify Network Infrastructure Security Methods (Router, Switch, and Wireless).. . . . . . . 77

Implement Segmentation, Access Control Policies, AVC, URL Filtering, and Malware Protection. . . . . . . 89

Implement Management Options for Network Security Solutions.. . 93

Configure AAA for Device and Network Access.. . . . . 97

Configure Secure Network Management of Perimeter Security an Infrastructure Devices.. . . . . . . . . 101

Configure and Verify Site-to-Site VPN and Remote Access VPN.. . 106

What Next?.. . . . . . . . . . . 119

CHAPTER 3: Securing the Cloud.. . . . . . . . . . 121

Identify Security Solutions for Cloud Environments.. . . . 122

Compare Security Responsibilities for the Different Cloud Service Models.. . . . . . . . . . 129

Describe the Concepts of DevSecOps (CI/CD Pipeline), Container Orchestration, and Secure
Software Development.. . . . 132

Implementing Application Security.. . . . . . . 136

Identify Security Capabilities, Deployment Models, and Policy Management to Secure the Cloud.. . . . . . . 142

Configure Cloud Logging and Monitoring. . . . . . 144

Application Security Concepts.. . . . . . . . 146

What Next?.. . . . . . . . . . . 150

CHAPTER 4: Content Security.. . . . . . . . . . . 151

Web Proxy Fundamentals. . . . . . . . . 158

Web Proxy Identity and Authentication.. . . . . . 167

Cisco Secure Web Appliance Identification and Authentication. 167

Content Security Overview.. . . . . . . . 171

Deploying Cisco Secure Web Appliance and Secure Email Gateway.. 184

Secure Email Gateway Configuration.. . . . . . 190

Cisco Secure Web Appliance Configuration.. . . . . 202

Cisco Umbrella Overview.. . . . . . . . 209

Cisco Umbrella Configuration.. . . . . . . . 216

What Next?.. . . . . . . . . . . 222

CHAPTER 5: Endpoint Protection and Detection.. . . . . . . . 223

Endpoint Protection and Endpoint Detection and Response. . . 225

Cisco Secure Endpoint.. . . . . . . . . 227

Outbreak Control and Quarantines.. . . . . . . 230

Justifications for Endpoint Security.. . . . . . . 239

Endpoint Management and Asset Inventory Tools.. . . . 241

Uses and Importance of a Multifactor Authentication Strategy.. . 246

Endpoint Posture Assessments to Ensure Endpoint Security. . . 252

Endpoint Patching Strategy.. . . . . . . . 254

What Next?.. . . . . . . . . . . 256

CHAPTER 6: Secure Network Access, Visibility, and Enforcement.. . . . 257

Identity Management Concepts.. . . . . . . 262

AAA Configuration.. . . . . . . . . . 275

RADIUS Change of Authorization.. . . . . . . 292

RADIUS CoA Use Cases. . . . . . . . 292

Application Visibility and Control.. . . . . . . 297

Data Exfiltration. . . . . . . . . . 300

Network Telemetry.. . . . . . . . . . 305

Cisco Security Solutions.. . . . . . . . . 308

What Next?.. . . . . . . . . . . 319

Cram Sheet. . . . . . . . . . . . 321

Online Element:

Glossary

9780137282517, TOC, 2/19/24

From the B&N Reads Blog
Page 1 of

Related Subjects

Computers
Computer Certification & Training
Cisco Certification
Computers
Computer Certification & Training
Cisco Certification

Customer Reviews