SANNET—CCIE安全笔试大纲

cloudonline

	CCIE Security Written Blueprint
1.00	Infrastructure, Connectivity, Communications, Network Security
1.1	Network Addressing Basics
1.2	OSI Layers
1.3	TCP/UDP/IP
1.4	LAN Switching (e.g. VTP, VLANs, Spanning Tree, Trunking)
1.5	Routing Protocols (RIP, EIGRP, OSPF, and BGP)
	(a) Basic Functions/Characteristics
	(b) Security Features
1.6	Tunneling Protocols
	(a) GRE
	(b) NHRP
	(c) v6 Tunnel Types
1.7	IP Multicast
	(a) PIM
	(b) Multi Srvc Disc Protocol [Multiservice Discovery Protocol?]
	(c) IGMP/CGMP
	(d) Multicast Listener Discovery
1.8	Wireless
	(a) SSID
	(b) Authentication/Authorization
	(c) Rogue Apps
	(d) Session Establishment
1.9	Authentication/Authorization Technologies
	(a) Single Sign-On
	(b) OTPs
	(c)LDAP/AD
	(d) Role-Based Access Control (RBAC)
1.10	VPNs
	(a) Layer 2 versus Layer 3
	(b) MPLS/VRFs/Tag switching
1.11	Mobile IP Networks
2.00	Security Protocols
2.1	Rivest, Shamir and Adleman (RSA)
2.2	Rivest Cipher 4 (RC4)
2.3	Message Digest 5 (MD5)
2.4	Secure Hash Algorithm (SHA)
2.5	Data Encryption Standard (DES)
2.6	Triple DES (3DES)
2.7	Advanced Encryption Standard (AES)
2.8	IP Security (IPsec)
2.9	Internet Security Association and Key Management Protocol (ISAKMP)
2.10	Internet Key Exchange IKE/IKEv2
2.11	Group Domain of Interpretation (GDOI)
2.12	Authentication Header (AH)
2.13	Encapsulating Security Payload (ESP)
2.14	Certificate Enrollment Protocol (CEP)
2.15	Transport Layer Security TLS/DTLS
2.16	Secure Sockets Layer (SSL)
2.17	Secure Shell (SSH) Protocol
2.18	Remote Authentication Dial In User Service (RADIUS)
2.19	Terminal Access Controller Access-Control System Plus (TACACS+)
2.20	Lightweight Directory Access Protocol (LDAP)
2.21	EAP Methods (e.g. EAP-MD5, EAP-TLS, EAP-TTLS, EAP-FAST, PEAP, LEAP)
2.22	Public Key Infrastructure (PKI)/PKIX/PKCS
2.23	802.1X
2.24	WEP/WPA/WPA2
2.25	Web Cache Communication Protocol (WCCP)
2.26	Secure Group Tagging Exchange Protocol (SXP)
2.27	MacSec
2.28	DNSSec
3.00	Application and Infrastructure Security
3.1	Hypertext Transfer Protocol (HTTP)
3.2	Hypertext Transfer Protocol Secure (HTTPS)
3.3	Simple Mail Transfer Protocol (SMTP)
3.4	Dynamic Host Configuration Protocol (DHCP)
3.5	Domain Name System (DNS)
3.6	File Transfer Protocol (FTP/SFTP)
3.7	Trivial File Transfer Protocol (TFTP)
3.8	Network Time Protocol (NTP)
3.9	Simple Network Management Protocol (SNMP)
3.10	Syslog
3.11	Netlogon, Netbios, SMB
3.12	RPCs
3.13	RDP/VNC
3.14	PCoIP
3.15	OWASP
3.16	Basic Unnecessary Services
4.00	Threats, Vulnerability Analysis and Mitigation
4.1	Recognizing and Mitigating Common Attacks
	(a) ICMP Attacks, PING Floods
	(b) MITM
	(c) Replay
	(d) Spoofing
	(e) Backdoor
	(f) Botnets
	(g) Wireless Attacks
	(h) DoS/DDoS Attacks
	(i) Virus and worm Outbreaks
	(j) Header Attacks
	(k) Tunneling Attacks
4.2	Software/OS Exploits
4.3	Security/Attack Tools
4.4	Generic Network Intrusion Prevention Concepts
4.5	Packet Filtering
4.6	Content Filtering/Packet Inspection
4.7	Endpoint/Posture Assessment
4.8	QoS Marking Attacks
5.00	Cisco Security Products, Features, and Management
5.1	Cisco Adaptive Security Appliance (ASA)
	(a) Firewall Functionality
	(b) Routing/Multicast Capabilities
	(c )Firewall Modes
	(d) NAT - Pre 8.4/Post 8.4
	(e) Object Definition/ACLs
	(f) MPF functionality (IPS/QoS/Application Awareness)
	(g) Context Aware Firewall
	(h) Identity Based Services
	(g) Failover Options
5.2	Cisco IOS Firewalls and NAT
	(a) CBAC
	(b) Zone-Based Firewall
	(c ) Port-to-Application Mapping
	(d) Identity Based Firewalling
5.3	Cisco Intrusion Prevention Systems (IPSs)
5.4	Cisco IOS IPS
5.5	Cisco AAA Protocols and Application
	(a) RADIUS
	(b) TACACS+
	(c) Device Admin
	(d) Network Access
	(e) 802.1X
	(f) VSAs
5.6	Cisco Identity Services Engine
5.7	Cisco Secure ACS Solution Engine
5.8	Cisco Network Admission Control (NAC) Appliance Server
5.9	Endpoint/Client
	(a) Cisco AnyConnect VPN Client
	(b) Cisco VPN Client
	(c) Cisco Secure Desktop (CSD)
	(d) NAC Agent
5.10	Secure Access Gateways (Cisco IOS Router/ASA)
	(a) IPsec
	(b) SSL VPN
	(c) PKI
5.11	Virtual Security Gateway
5.12	Cisco Catalyst 6500 Series Security Services Modules
5.13	Scansafe Functionality and Components
5.14	IronPort Products
5.15	Security Management
	(a) Cisco Security Manager
	(b) Cisco Adaptive Security Device Manager (ASDM)
	(c) Cisco IPS Device Manager (IDM)
	(d) Cisco IPS Manager Express (IME)
	(e) Cisco Configuration Professional
	(f) Cisco Prime
6.00	Cisco Security Technologies and Solutions
6.1	Router Hardening Features (e.g. CoPP, MPP, uRPF, PBR)
6.2	Switch Security Features (e.g. anti-spoofing, port, STP, MacSec , NDAC, NEAT)
6.3	NetFlow
6.4	Wireless Security
6.5	Network Segregation
	(a) VRF-aware technologies
	(b) VXLAN
6.6	VPN Solutions
	(a) FlexVPN
	(b) Dynamic Multipoint VPN (DMVPN)
	(c) Group Encrypted Transport VPN (GETVPN)
	(d) EasyVPN
6.7	Content and Packet Filtering
6.8	QoS application for security
6.9	Load Balancing and Failover
7.00	Security Policies and Procedures, Best Practices, Standards
7.1	Security Policy Elements
7.2	Information Security Standards (e.g. ISO/IEC 27001, ISO/IEC 27002)
7.3	Standards Bodies (e.g. ISO, IEC, ITU, ISOC, IETF, IAB, IANA, ICANN)
7.4	Industry Best Practices (e.g. SOX, PCI DSS)
7.5	Common RFC/BCP (e.g. RFC2827/BCP38, RFC3704/BCP84,RFC5735)
7.6	Security Audit and Validation
7.7	Risk Assessment
7.8	Change Management Process
7.9	Incident Response Framework
7.10	Computer Security Forensics
7.11	Desktop Security Risk Assessment/Desktop Security Risk Management

该贴已经同步到 cloudonline的微博