据考试大了解,新的第三版CCIE安全实验的大纲发布了,将于2009年4月开始实行,硬件上没有太多的改变,具体硬件,软件版本和考纲如下,红色部分是新内容。
Hardware
Cisco 3800 Series Integrated Services Routers (ISR)
Cisco 1800 Series Integrated Services Routers (ISR)
Cisco Catalyst 3560 Series Switches
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco IPS Series 4200 Intrusion Prevention System sensors
Cisco Secure Access Control Server for Windows
Software
Cisco ISR Series running IOS Software Version 12.4T Advanced Enterprise Services feature set is used on all routers
Cisco Catalyst 3560 Series Switches running Cisco IOS Software Release 12.2(44)SE or above
Cisco ASA 5500 Series Adaptive Security Appliances OS Software Version 8.x
Cisco IPS Software Release 6.1.x
Cisco VPN Client Software for Windows, Release 5.x
Cisco Secure ACS for Windows Version 4.1
V3 Blueprint
Ⅰ Implement secure networks using Cisco ASA Firewalls
Perform basic firewall Initialization
Configure device management
Configure address translation (nat, global, static)
Configure ACLs
Configure IP routing
Configure object groups
Configure VLANs
Configure filtering
Configure failover
Configure Layer 2 Transparent Firewall
Configure security contexts (virtual firewall)
Configure Modular Policy Framework
Configure Application-Aware Inspection
Configure high availability solutions
Configure QoS policies
Ⅱ Implement secure networks using Cisco IOS Firewalls
Configure CBAC
Configure Zone-Based Firewall
Configure Audit
Configure Auth Proxy
Configure PAM
Configure access control
Configure performance tuning
Configure advanced IOS Firewall features
Ⅲ Implement secure networks using Cisco VPN solutions
Configure IPsec LAN-to-LAN (IOS/ASA)
Configure SSL VPN (IOS/ASA)
Configure Dynamic Multipoint VPN (DMVPN)
Configure Group Encrypted Transport (GET) VPN
Configure Easy VPN (IOS/ASA)
Configure CA (PKI)
Configure Remote Access VPN
Configure Cisco Unity Client
Configure Clientless WebVPN
Configure AnyConnect VPN
Configure XAuth, Split-Tunnel, RRI, NAT-T
Configure High Availability
Configure QoS for VPN
Configure GRE, mGRE
Configure L2TP
Configure advanced Cisco VPN features
Ⅳ Configure Cisco IPS to mitigate network threats
Configure IPS 4200 Series Sensor Appliance
Initialize the Sensor Appliance
Configure Sensor Appliance management
Configure virtual Sensors on the Sensor Appliance
Configure security policies
Configure promiscuous and inline monitoring on the Sensor Appliance
Configure and tune signatures on the Sensor Appliance
Configure custom signatures on the Sensor Appliance
Configure blocking on the Sensor Appliance
Configure TCP resets on the Sensor Appliance
Configure rate limiting on the Sensor Appliance
Configure signature engines on the Sensor Appliance
Use IDM to configure the Sensor Appliance
Configure event action on the Sensor Appliance
Configure event monitoring on the Sensor Appliance
Configure advanced features on the Sensor Appliance
Configure and tune Cisco IOS IPS
Configure SPAN & RSPAN on Cisco switches
责任编辑:虫虫