安全CCIE笔试考试大纲

　　 

　　The Security written exam (350-018) went into production in all testing locations on June 1, 2004. The exam has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam. Please note, however, that other relevant or related topic areas may also appear. Italicized bold type indicates topic areas changed from the previous Security exam (prior to June 1, 2004) and strengthens coverage of highly-secure enterprise.networks.



Security Protocols
Remote Authentication Dial In User Service (RADIUS)
Terminal Aclearcase/" target="_blank" >ccess Controller Access Control System Plus (TACACS+)
AES
EAP peap tkip tls
Data Encryption Standard (DES)
Triple DES (DES3)
IP Secure (IPSec)
Internet Key Exchange (IKE)
Certificate Enrollment Protocol (CEP)
Point to Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)


Application Protocols
Domain Name System (DNS)
Trivial File Transfer Protocol (TFTP)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol (HTTP)
Secure Socket Layer (SSL)
Simple Mail Transfer Protocol (SMTP)
Network Time Protocol (NTP)
IOS SSH
Lightweight Directory Access Protocol (LDAP)
Active Directory
RDEP Remote Data Exchange Protocol


General Networking
Networking Basics
TCP/IP
Switching and Bridging (including: VLANs, Spanning Tree, etc.)
Routed Protocols
Routing Protocols (including: RIP, EIGRP, OSPF, BGP)
Point to Point Protocol (PPP)
IP Multicast
Integrated Services Digital Network (ISDN)
Async
Access Devices (for example: Cisco AS 5300 series)
Telephony best practices
Wireless best practices


Security Technologies
Concepts - security best practices
Packet Filtering
PIX and IOS authentication proxies
Port Address Translation (PAT)
Network Address Translation (NAT)
Firewalls
Content Filters
Public Key Infrastructure (PKI)
Authentication Technologies
Authorization technologies
Virtual Private Networks (VPN)
Network IDS anomaly, signature, passive, inline
Host Intrusion Prevention
Cisco Threat Response


Cisco Security Applications
Cisco Secure NT
Cisco Secure PIX Firewall
VMS
Cisco Secure Intrusion Detection System (formerly NetRanger)
IOS Firewall Feature Set
VPN 3000
Client side VPN
CAT Service Modules
IOS IDS (in line)
Cisco Secure ACS
Security Information Monitoring System (event correlation, basic forensics)


Security General
Policies - Security Policy Best Practices
Standards Bodies - IETF
Vulnerability discussions
Attacks and Common Exploits - recon, priv escalation, penetration, cleanup, backdoor


Cisco General
IOS Specifics
Routing and switching security features: IE mac address controls, port security, dhcp snoop
Security Policy best practices

原文转自：http://www.ltesting.net