CCNP and CCIE Security Core SCOR 350-701 Exam Cram, 1st edition

Published by Pearson IT Certification (March 28, 2024) © 2024

  • Joseph Mlodzianowski
  • Eddie Mendonca
  • Nick Kelly
Products list
$39.99

Price Reduced From: $49.99

  • A print text (hardcover or paperback)
  • Smart, fast, effective preparation for the new Cisco CCNP and CCIE Security Core 350-701 (SCOR) exam!
  • Covers every exam objective, including network, cloud, and content security; endpoint protection and detection; secure network access; and visibility and enforcement
  • Contains extensive proven Exam Cram prep tools for self-assessment, focused study, and efficient review
  • Includes the powerful, customizable Pearson IT Certification Practice Test software, with hundreds of exam-realistic practice questions, and three flexible modes of preparation

Introduction. . . . . . . . . . . . xviii

CHAPTER 1: Security Concepts.. . . . . . . . . . . 1

Explain Common Threats Against On-Premises and Cloud Environments.. . . . . . . . . 3

Compare Common Security Vulnerabilities.. . . . . 19

Describe Functions of the Cryptography Components. . . . 25

Compare Site-to-Site VPN and Remote Access VPN Deployment Types.. . . . . . . . . 31

Describe Security Intelligence Authoring, Sharing, and Consumption.. 38

Explain the Role of the Endpoint in Protecting Humans from Phishing and Social Engineering Attacks.. . . . . . 41

Explain Northbound and Southbound APIs in the SDN Architecture.. 44

Explain DNAC APIs for Network Provisioning, Optimization, Monitoring, and Troubleshooting.. . . . . . . 48

Interpret Basic Python Scripts Used to Call Cisco Security Appliance APIs.. . . . . . . . . . 51

What Next?.. . . . . . . . . . . 56

CHAPTER 2: Network Security.. . . . . . . . . . . 57

Compare Network Security Solutions and Provide Intrusion Prevention and Firewall Capabilities.. . . . . . 60

Describe Deployment Models of Network Security Solutions and Architectures That Provide
    Intrusion Prevention and Firewall Capabilities.. . . . . . . . . 65

Describe the Components, Capabilities, and Benefits of NetFlow and Flexible NetFlow Records.. . . . . . . . 70

Traditional NetFlow vs. Flexible NetFlow.. . . . . 74

Configure and Verify Network Infrastructure Security Methods (Router, Switch, and Wireless).. . . . . . . 77

Implement Segmentation, Access Control Policies, AVC, URL  Filtering, and Malware Protection. . . . . . . 89

Implement Management Options for Network Security Solutions.. . 93

Configure AAA for Device and Network Access.. . . . . 97

Configure Secure Network Management of Perimeter Security an Infrastructure Devices.. . . . . . . . . 101

Configure and Verify Site-to-Site VPN and Remote Access VPN.. . 106

What Next?.. . . . . . . . . . . 119

CHAPTER 3: Securing the Cloud.. . . . . . . . . . 121

Identify Security Solutions for Cloud Environments.. . . . 122

Compare Security Responsibilities for the Different Cloud Service Models.. . . . . . . . . . 129

Describe the Concepts of DevSecOps (CI/CD Pipeline), Container Orchestration, and Secure
     Software Development.. . . . 132

Implementing Application Security.. . . . . . . 136

Identify Security Capabilities, Deployment Models, and Policy Management to Secure the Cloud.. . . . . . . 142

Configure Cloud Logging and Monitoring. . . . . . 144

Application Security Concepts.. . . . . . . . 146

What Next?.. . . . . . . . . . . 150

CHAPTER 4: Content Security.. . . . . . . . . . . 151

Web Proxy Fundamentals. . . . . . . . . 158

Web Proxy Identity and Authentication.. . . . . . 167

Cisco Secure Web Appliance Identification and Authentication. 167

Content Security Overview.. . . . . . . . 171

Deploying Cisco Secure Web Appliance and Secure Email Gateway.. 184

Secure Email Gateway Configuration.. . . . . . 190

Cisco Secure Web Appliance Configuration.. . . . . 202

Cisco Umbrella Overview.. . . . . . . . 209

Cisco Umbrella Configuration.. . . . . . . . 216

What Next?.. . . . . . . . . . . 222

CHAPTER 5: Endpoint Protection and Detection.. . . . . . . . 223

Endpoint Protection and Endpoint Detection and Response. . . 225

Cisco Secure Endpoint.. . . . . . . . . 227

Outbreak Control and Quarantines.. . . . . . . 230

Justifications for Endpoint Security.. . . . . . . 239

Endpoint Management and Asset Inventory Tools.. . . . 241

Uses and Importance of a Multifactor Authentication Strategy.. . 246

Endpoint Posture Assessments to Ensure Endpoint Security. . . 252

Endpoint Patching Strategy.. . . . . . . . 254

What Next?.. . . . . . . . . . . 256

CHAPTER 6: Secure Network Access, Visibility, and Enforcement.. . . . 257

Identity Management Concepts.. . . . . . . 262

AAA Configuration.. . . . . . . . . . 275

RADIUS Change of Authorization.. . . . . . . 292

RADIUS CoA Use Cases. . . . . . . . 292

Application Visibility and Control.. . . . . . . 297

Data Exfiltration. . . . . . . . . . 300

Network Telemetry.. . . . . . . . . . 305

Cisco Security Solutions.. . . . . . . . . 308

What Next?.. . . . . . . . . . . 319

Cram Sheet. . . . . . . . . . . . 321

 

Online Element:

Glossary

 

9780137282517, TOC, 2/19/24

Need help? Get in touch