Muutke küpsiste eelistusi

Official (ISC)2 Guide to the CCSP CBK 2nd edition [Kõva köide]

3.70/5 (83 hinnangut Goodreads-ist)
(Florida International University)
  • Formaat: Hardback, 544 pages, kõrgus x laius x paksus: 234x188x31 mm, kaal: 1043 g
  • Ilmumisaeg: 24-Jun-2016
  • Kirjastus: Sybex Inc.,U.S.
  • ISBN-10: 1119276721
  • ISBN-13: 9781119276722
Teised raamatud teemal:
  • Kõva köide
  • Hind: 97,75 €*
  • * saadame teile pakkumise kasutatud raamatule, mille hind võib erineda kodulehel olevast hinnast
  • See raamat on trükist otsas, kuid me saadame teile pakkumise kasutatud raamatule.
  • Kogus:
  • Lisa ostukorvi
  • Tasuta tarne
  • Lisa soovinimekirja
Official (ISC)2 Guide to the CCSP CBK 2nd editionSuurem pilt
  • Formaat: Hardback, 544 pages, kõrgus x laius x paksus: 234x188x31 mm, kaal: 1043 g
  • Ilmumisaeg: 24-Jun-2016
  • Kirjastus: Sybex Inc.,U.S.
  • ISBN-10: 1119276721
  • ISBN-13: 9781119276722
Teised raamatud teemal:
Püsilink: https://www.kriso.ee/db/9781119276722.html
Märksõnad:

Globally recognized and backed by the Cloud Security Alliance (CSA) and the (ISC)the CCSP credential is the ideal way to match marketability and credibility to your cloud security skill set. The Official (ISC)2 Guide to the CCSPSM CBK Second Edition is your ticket for expert insight through the 6 CCSP domains. You will find step-by-step guidance through real-life scenarios, illustrated examples, tables, best practices, and more. This Second Edition features clearer diagrams as well as refined explanations based on extensive expert feedback. Sample questions help you reinforce what you have learned and prepare smarter.

Numerous illustrated examples and tables are included to demonstrate concepts, frameworks and real-life scenarios.  The book offers step-by-step guidance through each of CCSP’s domains, including best practices and techniques used by the world's most experienced practitioners. Developed by (ISC)², endorsed by the Cloud Security Alliance® (CSA) and compiled and reviewed by cloud security experts across the world, this book brings together a global, thorough perspective. The Official (ISC)² Guide to the CCSP CBK should be utilized as your fundamental study tool in preparation for the CCSP exam and provides a comprehensive reference that will serve you for years to come.

Foreword xvii
Introduction xix
Domain 1 Architectural Concepts And Design Requirements 1(78)
Introduction
3(4)
Drivers for Cloud Computing
4(1)
Security, Risks, and Benefits
5(2)
Cloud Computing Definitions
7(5)
Cloud Computing Roles
12(1)
Key Cloud Computing Characteristics
12(2)
Cloud Transition Scenario
14(2)
Building Blocks
16(1)
Cloud Computing Functions
16(2)
Cloud Service Categories
18(5)
IaaS
18(1)
PaaS
19(2)
SaaS
21(2)
Cloud Deployment Models
23(2)
The Public Cloud Model
23(1)
The Private Cloud Model
23(1)
The Hybrid Cloud Model
24(1)
The Community Cloud Model
25(1)
Cloud Cross-Cutting Aspects
25(7)
Architecture Overview
25(2)
Key Principles of an Enterprise Architecture
27(1)
The NIST Cloud Technology Roadmap
28(4)
Network Security and Perimeter
32(1)
Cryptography
33(4)
Encryption
33(2)
Key Management
35(2)
IAM and Access Control
37(3)
Provisioning and Deprovisioning
37(1)
Centralized Directory Services
38(1)
Privileged User Management
38(1)
Authorization and Access Management
39(1)
Data and Media Sanitization
40(2)
Vendor Lock-In
40(1)
Cryptographic Erasure
41(1)
Data Overwriting
41(1)
Virtualization Security
42(1)
The Hypervisor
42(1)
Security Types
43(1)
Common Threats
43(5)
Data Breaches
43(1)
Data Loss
44(1)
Account or Service Traffic Hijacking
45(1)
Insecure Interfaces and APIs
45(1)
Denial of Service
46(1)
Malicious Insiders
46(1)
Abuse of Cloud Services
46(1)
Insufficient Due Diligence
47(1)
Shared Technology Vulnerabilities
47(1)
Security Considerations for Different Cloud Categories
48(6)
IaaS Security
48(2)
PaaS Security
50(2)
SaaS Security
52(2)
Open Web Application Security Project Top Ten Security Threats
54(1)
Cloud Secure Data Lifecycle
55(1)
Information and Data Governance Types
56(1)
Business Continuity and Disaster Recovery Planning
57(3)
Business Continuity Elements
57(1)
Critical Success Factors
58(1)
Important SLA Components
59(1)
Cost-Benefit Analysis
60(2)
Certification Against Criteria
62(7)
System and Subsystem Product Certification
69(3)
Summary
72(1)
Review Questions
73(4)
Notes
77(2)
Domain 2 Cloud Data Security 79(76)
Introduction
81(1)
The Cloud Data Lifecycle Phases
82(1)
Location and Access of Data
83(1)
Location
83(1)
Access
84(1)
Functions, Actors, and Controls of the Data
84(3)
Key Data Functions
85(1)
Controls
85(1)
Process Overview
86(1)
Tying It Together
86(1)
Cloud Services, Products, and Solutions
87(1)
Data Storage
87(4)
IaaS
87(1)
PaaS
88(1)
SaaS
89(1)
Threats to Storage Types
90(1)
Technologies Available to Address Threats
91(1)
Relevant Data Security Technologies
91(14)
Data Dispersion in Cloud Storage
92(1)
DLP
92(3)
Encryption
95(7)
Masking, Obfuscation, Anonymization, and Tokenization
102(3)
Application of Security Strategy Technologies
105(1)
Emerging Technologies
106(2)
Bit Splitting
106(1)
Homomorphic Encryption
107(1)
Data Discovery
108(4)
Data Discovery Approaches
108(1)
Different Data Discovery Techniques
109(1)
Data Discovery Issues
110(1)
Challenges with Data Discovery in the Cloud
111(1)
Data Classification
112(1)
Data Classification Categories
112(1)
Challenges with Cloud Data
113(1)
Data Privacy Acts
113(3)
Global P&DP Laws in the United States
114(1)
Global P&DP Laws in the European Union
115(1)
Global P&DP Laws in APEC
115(1)
Differences Between Jurisdiction and Applicable Law
115(1)
Essential Requirements in P&DP Laws
116(1)
Typical Meanings for Common Privacy Terms
116(1)
Privacy Roles for Customers and Service Providers
117(1)
Responsibility Depending on the Type of Cloud Services
118(1)
Implementation of Data Discovery
119(1)
Classification of Discovered Sensitive Data
120(3)
Mapping and Definition of Controls
123(1)
Privacy Level Agreement
124(1)
PLA Versus Essential P&DP Requirements Activity
124(4)
Application of Defined Controls for PII
128(6)
Cloud Security Alliance Cloud Controls Matrix
129(4)
Management Control for Privacy and Data-Protection Measures
133(1)
Data Rights Management Objectives
134(2)
IRM Cloud Challenges
134(1)
IRM Solutions
135(1)
Data-Protection Policies
136(4)
Data-Retention Policies
137(1)
Data-Deletion Procedures and Mechanisms
138(1)
Data-Archiving Procedures and Mechanisms
139(1)
Events
140(6)
Event Sources
140(2)
Identifying Event Attribute Requirements
142(2)
Storage and Analysis of Data Events
144(1)
SIEM
145(1)
Supporting Continuous Operations
146(1)
Chain of Custody and Nonrepudiation
147(1)
Summary
148(1)
Review Questions
149(3)
Notes
152(3)
Domain 3 Cloud Platform And Infrastructure Security 155(50)
Introduction
157(2)
The Physical Environment of the Cloud Infrastructure
157(1)
Data Center Design
158(1)
Network and Communications in the Cloud
159(2)
Network Functionality
159(1)
Software-Defined Networking
160(1)
The Compute Parameters of a Cloud Server
161(2)
Virtualization
161(1)
Scalability
162(1)
The Hypervisor
162(1)
Storage Issues in the Cloud
163(3)
Object Storage
164(1)
Management Plane
164(2)
Management of Cloud Computing Risks
166(4)
Risk Assessment and Analysis
166(4)
Cloud Attack Vectors
170(1)
Countermeasure Strategies Across the Cloud
170(2)
Continuous Uptime
171(1)
Automation of Controls
171(1)
Access Controls
171(1)
Physical and Environmental Protections
172(1)
Key Regulations
173(1)
Examples of Controls
173(1)
Protecting Data Center Facilities
173(1)
System and Communication Protections
173(3)
Automation of Configuration
174(1)
Responsibilities of Protecting the Cloud System
174(1)
Following the Data Lifecycle
175(1)
Virtualization Systems Controls
176(2)
Managing Identification, Authentication, and Authorization in the Cloud Infrastructure
178(3)
Managing Identification
178(1)
Managing Authentication
179(1)
Managing Authorization
179(1)
Accounting for Resources
179(1)
Managing Identity and Access Management
179(1)
Making Access Decisions
179(1)
The Entitlement Process
180(1)
The Access Control Decision-Making Process
180(1)
Risk Audit Mechanisms
181(2)
The Cloud Security Alliance Cloud Controls Matrix
182(1)
Cloud Computing Audit Characteristics
182(1)
Using a VM
183(1)
Understanding the Cloud Environment Related to BCDR
183(3)
On-Premises, Cloud as BCDR
184(1)
Cloud Service Consumer, Primary Provider BCDR
184(1)
Cloud Service Consumer, Alternative Provider BCDR
185(1)
BCDR Planning Factors
185(1)
Relevant Cloud Infrastructure Characteristics
185(1)
Understanding the Business Requirements Related to BCDR
186(2)
Understanding the BCDR Risks
188(2)
BCDR Risks Requiring Protection
188(1)
BCDR Strategy Risks
188(1)
Potential Concerns About the BCDR Scenarios
189(1)
BCDR Strategies
190(3)
Location
191(1)
Data Replication
191(1)
Functionality Replication
192(1)
Planning, Preparing, and Provisioning
192(1)
Failover Capability
192(1)
Returning to Normal
193(1)
Creating the BCDR Plan
193(8)
The Scope of the BCDR Plan
193(1)
Gathering Requirements and Context
193(1)
Analysis of the Plan
194(1)
Risk Assessment
194(1)
Plan Design
194(1)
Other Plan Considerations
195(1)
Planning, Exercising, Assessing, and Maintaining the Plan
195(2)
Test Plan Review
197(4)
Testing and Acceptance to Production
201(1)
Summary
201(1)
Review Questions
202(2)
Notes
204(1)
Domain 4 Cloud Application Security 205(36)
Introduction
207(1)
Determining Data Sensitivity and Importance
208(1)
Understanding the API Formats
208(1)
Common Pitfalls of Cloud Security Application Deployment
209(4)
On-Premises Does Not Always Transfer (and Vice Versa)
210(1)
Not All Apps Are Cloud Ready
210(1)
Lack of Training and Awareness
210(1)
Lack of Documentation and Guidelines
211(1)
Complexities of Integration
211(1)
Overarching Challenges
211(2)
Awareness of Encryption Dependencies
213(1)
Understanding the Software Development Lifecycle Process for a Cloud Environment
213(2)
Secure Operations Phase
214(1)
Disposal Phase
215(1)
Assessing Common Vulnerabilities
215(3)
Cloud-Specific Risks
218(2)
Threat Modeling
220(3)
STRIDE Threat Model
220(1)
Approved Application Programming Interfaces
221(1)
Software Supply Chain (API) Management
221(1)
Securing Open Source Software
222(1)
Identity and Access Management
222(1)
Identity Management
223(1)
Access Management
223(1)
Identity Repository and Directory Services
223(1)
Federated Identity Management
224(1)
Federation Standards
224(1)
Federated Identity Providers
225(1)
Federated SSO
225(1)
Multifactor Authentication
225(1)
Supplemental Security Devices
226(1)
Cryptography
227(1)
Tokenization
228(1)
Data Masking
228(1)
Sandboxing
229(1)
Application Virtualization
229(1)
Cloud-Based Functional Data
230(1)
Cloud-Secure Development Lifecycle
231(3)
ISO/IEC 27034-1
232(1)
Organizational Normative Framework
232(1)
Application Normative Framework
233(1)
Application Security Management Process
233(1)
Application Security Testing
234(3)
Static Application Security Testing
234(1)
Dynamic Application Security Testing
235(1)
Runtime Application Self-Protection
235(1)
Vulnerability Assessments and Penetration Testing
235(1)
Secure Code Reviews
236(1)
OWASP Recommendations
236(1)
Summary
237(1)
Review Questions
238(1)
Notes
239(2)
Domain 5 Operations 241(122)
Introduction
243(1)
Modern Data Centers and Cloud Service Offerings
243(1)
Factors That Affect Data Center Design
243(11)
Logical Design
244(2)
Physical Design
246(3)
Environmental Design Considerations
249(4)
Multivendor Pathway Connectivity
253(1)
Implementing Physical Infrastructure for Cloud Environments
253(1)
Enterprise Operations
254(1)
Secure Configuration of Hardware: Specific Requirements
255(5)
Best Practices for Servers
255(1)
Best Practices for Storage Controllers
256(2)
Network Controllers Best Practices
258(1)
Virtual Switches Best Practices
259(1)
Installation and Configuration of Virtualization Management Tools for the Host
260(6)
Leading Practices
261(1)
Running a Physical Infrastructure for Cloud Environments
261(4)
Configuring Access Control and Secure
Kernel-Based Virtual Machine
265(1)
Securing the Network Configuration
266(4)
Network Isolation
266(1)
Protecting VLANs
267(1)
Using TLS
268(1)
Using DNS
268(1)
Using IPSec
269(1)
Identifying and Understanding Server Threats
270(1)
Using Standalone Hosts
271(2)
Using Clustered Hosts
273(1)
Resource Sharing
273(1)
Distributed Resource Scheduling/Compute Resource Scheduling
274(1)
Accounting for Dynamic Operation
274(1)
Using Storage Clusters
275(1)
Clustered Storage Architectures
275(1)
Storage Cluster Goals
276(1)
Using Maintenance Mode
276(1)
Providing HA on the Cloud
276(2)
Measuring System Availability
276(1)
Achieving HA
277(1)
The Physical Infrastructure for Cloud Environments
278(1)
Configuring Access Control for Remote Access
279(2)
Performing Patch Management
281(4)
The Patch Management Process
282(1)
Examples of Automation
282(1)
Challenges of Patch Management
283(2)
Performance Monitoring
285(2)
Outsourcing Monitoring
285(1)
Hardware Monitoring
285(1)
Redundant System Architecture
286(1)
Monitoring Functions
286(1)
Backing Up and Restoring the Host Configuration
287(1)
Implementing Network Security Controls: Defense in Depth
288(8)
Firewalls
288(1)
Layered Security
289(3)
Utilizing Honeypots
292(1)
Conducting Vulnerability Assessments
293(1)
Log Capture and Log Management
293(2)
Using Security Information and Event Management
295(1)
Developing a Management Plan
296(2)
Maintenance
297(1)
Orchestration
297(1)
Building a Logical Infrastructure for Cloud Environments
298(2)
Logical Design
298(1)
Physical Design
298(1)
Secure Configuration of Hardware-Specific Requirements
299(1)
Running a Logical Infrastructure for Cloud Environments
300(4)
Building a Secure Network Configuration
300(1)
OS Hardening via Application Baseline
301(2)
Availability of a Guest OS
303(1)
Managing the Logical Infrastructure for Cloud Environments
304(2)
Access Control for Remote Access
304(1)
OS Baseline Compliance Monitoring and Remediation
305(1)
Backing Up and Restoring the Guest OS Configuration
305(1)
Implementation of Network Security Controls
306(2)
Log Capture and Analysis
306(1)
Management Plan Implementation Through the Management Plane
307(1)
Ensuring Compliance with Regulations and Controls
307(1)
Using an ITSM Solution
308(1)
Considerations for Shadow IT
308(1)
Operations Management
309(14)
Information Security Management
310(1)
Configuration Management
310(1)
Change Management
311(4)
Incident Management
315(2)
Problem Management
317(1)
Release and Deployment Management
318(1)
Service-Level Management
319(1)
Availability Management
319(1)
Capacity Management
319(1)
Business Continuity Management
320(1)
Continual Service Improvement Management
321(1)
How Management Processes Relate to Each Other
321(2)
Incorporating Management Processes
323(1)
Managing Risk in Logical and Physical Infrastructures
323(1)
The Risk-Management Process Overview
323(17)
Framing Risk
324(1)
Risk Assessment
324(10)
Risk Response
334(5)
Risk Monitoring
339(1)
Understanding the Collection and Preservation of Digital Evidence
340(10)
Cloud Forensics Challenges
341(1)
Data Access Within Service Models
342(1)
Forensics Readiness
343(1)
Proper Methodologies for Forensic Collection of Data
343(6)
The Chain of Custody
349(1)
Evidence Management
350(1)
Managing Communications with Relevant Parties
350(4)
The Five Ws and One H
351(1)
Communicating with Vendors and Partners
351(2)
Communicating with Customers
353(1)
Communicating with Regulators
353(1)
Communicating with Other Stakeholders
354(1)
Wrap-Up: Data Breach Example
354(1)
Summary
354(2)
Review Questions
356(5)
Notes
361(2)
Domain 6 Legal And Compliance 363(78)
Introduction
365(1)
International Legislation Conflicts
365(1)
Legislative Concepts
366(2)
Frameworks and Guidelines Relevant to Cloud Computing
368(5)
ISO/IEC 27017:2015 Information Technology-Security Techniques-Code of Practice for Information Security Controls Based on ISO/IEC 27002 for Cloud Services
368(1)
Organization for Economic Cooperation and Development-Privacy and Security Guidelines
369(1)
Asia-Pacific Economic Cooperation Privacy Framework
369(1)
EU Data Protection Directive
370(2)
General Data Protection Regulation
372(1)
ePrivacy Directive
372(1)
Beyond Frameworks and Guidelines
372(1)
Common Legal Requirements
373(1)
Legal Controls and Cloud Service Providers
374(1)
e-Discovery
375(2)
e-Discovery Challenges
375(1)
Considerations and Responsibilities of e-Discovery
376(1)
Reducing Risk
376(1)
Conducting e-Discovery Investigations
377(1)
Cloud Forensics and 150/IEC 27050-1
377(1)
Protecting Personal Information in the Cloud
378(14)
Differentiating Between Contractual and Regulated PII
379(4)
Country-Specific Legislation and Regulations Related to PII, Data Privacy, and Data Protection
383(9)
Auditing in the Cloud
392(11)
Internal and External Audits
392(1)
Types of Audit Reports
393(3)
Impact of Requirement Programs by the Use of Cloud Services
396(1)
Assuring Challenges of the Cloud and Virtualization
396(1)
Information Gathering
397(1)
Audit Scope
398(3)
Cloud-Auditing Goals
401(1)
Audit Planning
401(2)
Standard Privacy Requirements (ISO/IEC 27018)
403(1)
GAPP
404(1)
Internal ISMS
405(2)
The Value of an ISMS
405(1)
Internal Information Security Controls System: ISO 27001:2013 Domains
406(1)
Repeatability and Standardization
406(1)
Implementing Policies
407(3)
Organizational Policies
407(1)
Functional Policies
408(1)
Cloud Computing Policies
408(1)
Bridging the Policy Gaps
409(1)
Identifying and Involving the Relevant Stakeholders
410(2)
Stakeholder Identification Challenges
410(1)
Governance Challenges
411(1)
Communication Coordination
411(1)
Impact of Distributed IT Models
412(3)
Clear Communications
412(1)
Coordination and Management of Activities
413(1)
Governance of Processes and Activities
413(1)
Coordination Is Key
414(1)
Security Reporting
414(1)
Understanding the Implications of the Cloud to Enterprise Risk Management
415(7)
Risk Profile
416(1)
Risk Appetite
416(1)
Difference Between the Data Owner and Controller and the Data Custodian and Processor
416(1)
SLA
417(5)
Risk Mitigation
422(3)
Risk-Management Metrics
422(1)
Different Risk Frameworks
423(2)
Understanding Outsourcing and Contract Design
425(1)
Business Requirements
425(1)
Vendor Management
426(3)
Understanding Your Risk Exposure
426(1)
Accountability of Compliance
427(1)
Common Criteria Assurance Framework
427(1)
CSA STAR
428(1)
Cloud Computing Certification
429(2)
Contract Management
431(3)
Importance of Identifying Challenges Early
431(1)
Key Contract Components
432(2)
Supply Chain Management
434(2)
Supply Chain Risk
434(1)
CSA CCM
435(1)
The ISO 28000:2007 Supply Chain Standard
435(1)
Summary
436(2)
Review Questions
438(1)
Notes
439(2)
Appendix A: Answers To Review Questions 441(50)
Domain 1: Architectural Concepts and Design Requirements
441(10)
Domain 2: Cloud Data Security
451(9)
Domain 3: Cloud Platform and Infrastructure Security
460(6)
Domain 4: Cloud Application Security
466(4)
Domain 5: Operations
470(12)
Domain 6: Legal and Compliance Issues
482(6)
Notes
488(3)
Appendix B: Glossary 491(10)
Appendix C: Helpful Resources And Links 501(4)
Index 505
9781587205798
Introduction xxxv
Your Study Plan 2(11)
A Brief Perspective on Cisco Certification Exams
2(1)
Five Study Plan Steps
3(5)
Step 1: Think in Terms of Parts and
Chapters
3(1)
Step 2: Build Your Study Habits Around the
Chapter
4(1)
Step 3: Use Book Parts for Major Milestones
5(1)
Step 4: Use the Final Review
Chapter to Refine Skills and Uncover Weaknesses
6(1)
Step 5: Set Goals and Track Your Progress
7(1)
Things to Do Before Starting the First
Chapter
8(3)
Find Review Activities on the Web and DVD
8(1)
Should I Plan to Use the Two-Exam Path or One-Exam Path?
8(1)
Study Options for Those Taking the 200-125 CCNA Exam
9(1)
Other Small Tasks Before Getting Started
10(1)
Getting Started: Now
11(2)
Part I Ethernet LANs 13(156)
Chapter 1 Implementing Ethernet Virtual LANs
14(28)
"Do I Know This Already?" Quiz
14(2)
Foundation Topics
16(1)
Virtual LAN Concepts
16(8)
Creating Multiswitch VLANs Using Trunking
18(3)
VLAN Tagging Concepts
18(2)
The 802.1Q and ISL VLAN Trunking Protocols
20(1)
Forwarding Data Between VLANs
21(3)
Routing Packets Between VLANs with a Router
21(2)
Routing Packets with a Layer 3 Switch
23(1)
VLAN and VLAN Trunking Configuration and Verification
24(15)
Creating VLANs and Assigning Access VLANs to an Interface
24(5)
VLAN Configuration Example 1: Full VLAN Configuration
25(3)
VLAN Configuration Example 2: Shorter VLAN Configuration
28(1)
VLAN Trunking Protocol
29(1)
VLAN Trunking Configuration
30(4)
Implementing Interfaces Connected to Phones
34(10)
Data and Voice VLAN Concepts
34(2)
Data and Voice VLAN Configuration and Verification
36(2)
Summary: IP Telephony Ports on Switches
38(1)
Chapter Review
39(3)
Chapter 2 Spanning Tree Protocol Concepts
42(26)
"Do I Know This Already?" Quiz
43(1)
Foundation Topics
44(1)
Spanning Tree Protocol (IEEE 802.1D)
44(14)
The Need for Spanning Tree
45(2)
What IEEE 802.1D Spanning Tree Does
47(1)
How Spanning Tree Works
48(6)
The STP Bridge ID and Hello BPDU
49(1)
Electing the Root Switch
50(2)
Choosing Each Switch's Root Port
52(2)
Choosing the Designated Port on Each LAN Segment
54(1)
Influencing and Changing the STP Topology
54(4)
Making Configuration Changes to Influence the STP Topology
55(1)
Reacting to State Changes That Affect the STP Topology
55(1)
How Switches React to Changes with STP
56(1)
Changing Interface States with STP
57(1)
Rapid STP (IEEE 802.1w) Concepts
58(6)
Comparing STP and RSTP
59(1)
RSTP and the Alternate (Root) Port Role
60(2)
RSTP States and Processes
62(1)
RSTP and the Backup (Designated) Port Role
62(1)
RSTP Port Types
63(1)
Optional STP Features
64(2)
EtherChannel
64(1)
PortFast
65(1)
BPDU Guard
65(1)
Chapter Review
66(2)
Chapter 3 Spanning Tree Protocol Implementation
68(30)
"Do I Know This Already?" Quiz
69(2)
Foundation Topics
71(1)
Implementing STP
71(10)
Setting the STP Mode
72(1)
Connecting STP Concepts to STP Configuration Options
72(3)
Per-VLAN Configuration Settings
72(1)
The Bridge ID and System ID Extension
73(1)
Per-VLAN Port Costs
74(1)
STP Configuration Option Summary
74(1)
Verifying STP Operation
75(3)
Configuring STP Port Costs
78(2)
Configuring Priority to Influence the Root Election
80(1)
Implementing Optional STP Features
81(7)
Configuring PortFast and BPDU Guard
81(3)
Configuring EtherChannel
84(4)
Configuring a Manual EtherChannel
84(2)
Configuring Dynamic EtherChannels
86(2)
Implementing RSTP
88(6)
Identifying the STP Mode on a Catalyst Switch
88(3)
RSTP Port Roles
91(1)
RSTP Port States
92(1)
RSTP Port Types
92(2)
Chapter Review
94(4)
Chapter 4 LAN Troubleshooting
98(22)
"Do I Know This Already?" Quiz
99(1)
Foundation Topics
99(1)
Troubleshooting STP
99(7)
Determining the Root Switch
99(2)
Determining the Root Port on Nonroot Switches
101(3)
STP Tiebreakers When Choosing the Root Port
102(1)
Suggestions for Attacking Root Port Problems on the Exam
103(1)
Determining the Designated Port on Each LAN Segment
104(1)
Suggestions for Attacking Designated Port Problems on the Exam
105(1)
STP Convergence
105(1)
Troubleshooting Layer 2 EtherChannel
106(3)
Incorrect Options on the channel-group Command
106(2)
Configuration Checks Before Adding Interfaces to EtherChannels
108(1)
Analyzing the Switch Data Plane Forwarding
109(4)
Predicting STP Impact on MAC Tables
110(1)
Predicting EtherChannel Impact on MAC Tables
111(1)
Choosing the VLAN of Incoming Frames
112(1)
Troubleshooting VLANs and VLAN Trunks
113(6)
Access VLAN Configuration Incorrect
113(1)
Access VLANs Undefined or Disabled
114(2)
Mismatched Trunking Operational States
116(1)
Mismatched Supported VLAN List on Trunks
117(1)
Mismatched Native VLAN on a Trunk
118(1)
Chapter Review
119(1)
Chapter 5 VLAN Trunking Protocol
120(22)
"Do I Know This Already?" Quiz
120(2)
Foundation Topics
122(1)
VLAN Trunking Protocol (VTP) Concepts
122(7)
Basic VTP Operation
122(5)
Synchronizing the VTP Database
124(2)
Requirements for VTP to Work Between Two Switches
126(1)
VTP Version 1 Versus Version 2
127(1)
VTP Pruning
127(1)
Summary of VTP Features
128(1)
VTP Configuration and Verification
129(6)
Using VTP: Configuring Servers and Clients
129(2)
Verifying Switches Synchronized Databases
131(3)
Storing the VTP and Related Configuration
134(1)
Avoiding Using VTP
135(1)
VTP Troubleshooting
135(4)
Determining Why VTP Is Not Synchronizing
136(1)
Common Rejections When Configuring VTP
137(1)
Problems When Adding Switches to a Network
137(2)
Chapter Review
139(3)
Chapter 6 Miscellaneous LAN Topics
142(22)
"Do I Know This Already?" Quiz
143(1)
Foundation Topics
144(1)
Securing Access with IEEE 802.1x
144(3)
AAA Authentication
147(3)
AAA Login Process
147(1)
TACACS+ and RADIUS Protocols
147(1)
AAA Configuration Examples
148(2)
DHCP Snooping
150(5)
DHCP Snooping Basics
151(1)
An Example DHCP-based Attack
152(1)
How DHCP Snooping Works
152(2)
Summarizing DHCP Snooping Features
154(1)
Switch Stacking and Chassis Aggregation
155(7)
Traditional Access Switching Without Stacking
155(1)
Switch Stacking of Access Layer Switches
156(1)
Switch Stack Operation as a Single Logical Switch
157(1)
Cisco FlexStack and FlexStack-Plus
158(1)
Chassis Aggregation
159(13)
High Availability with a Distribution/Core Switch
159(1)
Improving Design and Availability with Chassis Aggregation
160(2)
Chapter Review
162(2)
Part I Review
164(5)
Part II IPv4 Routing Protocols 169(158)
Chapter 7 Understanding OSPF Concepts
170(24)
"Do I Know This Already?" Quiz
170(2)
Foundation Topics
172(1)
Comparing Dynamic Routing Protocol Features
172(6)
Routing Protocol Functions
172(1)
Interior and Exterior Routing Protocols
173(2)
Comparing IGPs
175(2)
IGP Routing Protocol Algorithms
175(1)
Metrics
175(1)
Other IGP Comparisons
176(1)
Administrative Distance
177(1)
OSPF Concepts and Operation
178(10)
OSPF Overview
179(1)
Topology Information and LSAs
179(1)
Applying Dijkstra SPF Math to Find the Best Routes
180(1)
Becoming OSPF Neighbors
180(3)
The Basics of OSPF Neighbors
181(1)
Meeting Neighbors and Learning Their Router ID
181(2)
Exchanging the LSDB Between Neighbors
183(3)
Fully Exchanging LSAs with Neighbors
183(1)
Maintaining Neighbors and the LSDB
184(1)
Using Designated Routers on Ethernet Links
185(1)
Calculating the Best Routes with SPF
186(2)
OSPF Area Design
188(3)
OSPF Areas
189(1)
How Areas Reduce SPF Calculation Time
190(1)
OSPF Area Design Advantages
191(1)
Chapter Review
191(3)
Chapter 8 Implementing OSPF for IPv4
194(30)
"Do I Know This Already?" Quiz
194(2)
Foundation Topics
196(1)
Implementing Single-Area OSPFv2
196(10)
OSPF Single-Area Configuration
197(1)
Matching with the OSPF network Command
198(2)
Verifying OSPFv2 Single Area
200(3)
Configuring the OSPF Router ID
203(1)
OSPF Passive Interfaces
204(2)
Implementing Multiarea OSPFv2
206(7)
Single-Area Configurations
207(2)
Multiarea Configuration
209(1)
Verifying the Multiarea Configuration
210(3)
Verifying the Correct Areas on Each Interface on an ABR
210(1)
Verifying Which Router Is DR and BDR
211(1)
Verifying Interarea OSPF Routes
212(1)
Additional OSPF Features
213(8)
OSPF Default Routes
213(2)
OSPF Metrics (Cost)
215(2)
Setting the Cost Based on Interface Bandwidth
216(1)
The Need for a Higher Reference Bandwidth
217(1)
OSPF Load Balancing
217(1)
OSPFv2 Interface Configuration
218(8)
OSPFv2 Interface Configuration Example
218(1)
Verifying OSPFv2 Interface Configuration
219(2)
Chapter Review
221(3)
Chapter 9 Understanding EIGRP Concepts
224(20)
"Do I Know This Already?" Quiz
224(2)
Foundation Topics
226(1)
EIGRP and Distance Vector Routing Protocols
226(8)
Introduction to EIGRP
226(1)
Basic Distance Vector Routing Protocol Features
227(5)
The Concept of a Distance and a Vector
228(1)
Full Update Messages and Split Horizon
229(2)
Route Poisoning
231(1)
EIGRP as an Advanced DV Protocol
232(2)
EIGRP Sends Partial Update Messages, As Needed
232(1)
EIGRP Maintains Neighbor Status Using Hello
233(1)
Summary of Interior Routing Protocol Features
233(1)
EIGRP Concepts and Operation
234(9)
EIGRP Neighbors
234(1)
Exchanging EIGRP Topology Information
235(1)
Calculating the Best Routes for the Routing Table
236(3)
The EIGRP Metric Calculation
236(1)
An Example of Calculated EIGRP Metrics
237(1)
Caveats with Bandwidth on Serial Links
238(1)
EIGRP Convergence
239(7)
Feasible Distance and Reported Distance
240(1)
EIGRP Successors and Feasible Successors
241(1)
The Query and Reply Process
242(1)
Chapter Review
243(1)
Chapter 10 Implementing EIGRP for IPv4
244(28)
"Do I Know This Already?" Quiz
244(2)
Foundation Topics
246(1)
Core EIGRP Configuration and Verification
246(9)
EIGRP Configuration
246(2)
Configuring EIGRP Using a Wildcard Mask
248(1)
Verifying EIGRP Core Features
249(6)
Finding the Interfaces on Which EIGRP Is Enabled
250(3)
Displaying EIGRP Neighbor Status
253(1)
Displaying the IPv4 Routing Table
253(2)
EIGRP Metrics, Successors, and Feasible Successors
255(7)
Viewing the EIGRP Topology Table
255(7)
Finding Successor Routes
257(1)
Finding Feasible Successor Routes
258(2)
Convergence Using the Feasible Successor Route
260(2)
Examining the Metric Components
262(1)
Other EIGRP Configuration Settings
262(7)
Load Balancing Across Multiple EIGRP Routes
263(2)
Tuning the EIGRP Metric Calculation
265(1)
Autosummarization and Discontiguous Classful Networks
266(8)
Automatic Summarization at the Boundary of a Classful Network
266(1)
Discontiguous Classful Networks
267(2)
Chapter Review
269(3)
Chapter 11 Troubleshooting IPv4 Routing Protocols
272(28)
"Do I Know This Already?" Quiz
272(1)
Foundation Topics
273(1)
Perspectives on Troubleshooting Routing Protocol Problems
273(1)
Interfaces Enabled with a Routing Protocol
274(10)
EIGRP Interface Troubleshooting
275(6)
Examining Working EIGRP Interfaces
276(2)
Examining the Problems with EIGRP Interfaces
278(3)
OSPF Interface Troubleshooting
281(3)
Neighbor Relationships
284(12)
EIGRP Neighbor Verification Checks
285(1)
EIGRP Neighbor Troubleshooting Example
286(2)
OSPF Neighbor Troubleshooting
288(6)
Finding Area Mismatches
290(1)
Finding Duplicate OSPF Router IDs
291(2)
Finding OSPF Hello and Dead Timer Mismatches
293(1)
Other OSPF Issues
294(8)
Shutting Down the OSPF Process
294(2)
Mismatched MTU Settings
296(1)
Chapter Review
296(4)
Chapter 12 Implementing External BGP
300(24)
"Do I Know This Already?" Quiz
300(2)
Foundation Topics
302(1)
BGP Concepts
302(7)
Advertising Routes with BGP
303(1)
Internal and External BGP
304(1)
Choosing the Best Routes with BGP
305(1)
eBGP and the Internet Edge
306(3)
Internet Edge Designs and Terminology
306(1)
Advertising the Enterprise Public Prefix into the Internet
307(2)
Learning Default Routes from the ISP
309(1)
eBGP Configuration and Verification
309(12)
BGP Configuration Concepts
310(1)
Configuring eBGP Neighbors Using Link Addresses
311(3)
Verifying eBGP Neighbors
312(2)
Administratively Disabling Neighbors
314(1)
Injecting BGP Table Entries with the network Command
314(6)
Injecting Routes for a Classful Network
315(3)
Advertising Subnets to the ISP
318(1)
Advertising a Single Prefix with a Static Discard Route
319(1)
Learning a Default Route from the ISP
320(1)
Chapter Review
321(3)
Part II Review
324(3)
Part III Wide-Area Networks 327(110)
Chapter 13 Implementing Point-to-Point WANs
328(34)
"Do I Know This Already?" Quiz
328(2)
Foundation Topics
330(1)
Leased-Line WANs with HDLC
330(10)
Layer 1 Leased Lines
331(5)
The Physical Components of a Leased Line
332(2)
The Role of the CSU/DSU
334(1)
Building a WAN Link in a Lab
335(1)
Layer 2 Leased Lines with HDLC
336(1)
Configuring HDLC
337(3)
Leased-Line WANs with PPP
340(13)
PPP Concepts
340(3)
PPP Framing
341(1)
PPP Control Protocols
341(1)
PPP Authentication
342(1)
Implementing PPP
343(1)
Implementing PPP CHAP
344(2)
Implementing PPP PAP
346(1)
Implementing Multilink PPP
347(6)
Multilink PPP Concepts
348(1)
Configuring MLPPP
349(2)
Verifying MLPPP
351(2)
Troubleshooting Serial Links
353(5)
Troubleshooting Layer 1 Problems
354(1)
Troubleshooting Layer 2 Problems
354(3)
Keepalive Failure
355(1)
PAP and CHAP Authentication Failure
356(1)
Troubleshooting Layer 3 Problems
357(1)
Chapter Review
358(4)
Chapter 14 Private WANs with Ethernet and MPLS
362(24)
"Do I Know This Already?" Quiz
363(1)
Foundation Topics
364(1)
Metro Ethernet
364(11)
Metro Ethernet Physical Design and Topology
365(1)
Ethernet WAN Services and Topologies
366(4)
Ethernet Line Service (Point-to-Point)
367(1)
Ethernet LAN Service (Full Mesh)
368(1)
Ethernet Tree Service (Hub and Spoke)
369(1)
Layer 3 Design Using Metro Ethernet
370(3)
Layer 3 Design with E-Line Service
370(1)
Layer 3 Design with ELAN Service
371(1)
Layer 3 Design with E-Tree Service
372(1)
Ethernet Virtual Circuit Bandwidth Profiles
373(2)
Charging for the Data (Bandwidth) Used
373(1)
Controlling Overages with Policing and Shaping
374(1)
Multiprotocol Label Switching (MPLS)
375(8)
MPLS VPN Physical Design and Topology
377(1)
MPLS and Quality of Service
378(1)
Layer 3 with MPLS VPN
379(10)
OSPF Area Design with MPLS VPN
381(1)
Routing Protocol Challenges with EIGRP
382(1)
Chapter Review
383(3)
Chapter 15 Private WANs with Internet VPN
386(48)
"Do I Know This Already?" Quiz
386(3)
Foundation Topics
389(1)
Internet Access and Internet VPN Fundamentals
389(8)
Internet Access
389(4)
Digital Subscriber Line
390(1)
Cable Internet
391(1)
Wireless WAN (3G, 4G, LTE)
392(1)
Fiber Internet Access
393(1)
Internet VPN Fundamentals
393(4)
Site-to-Site VPNs with IPsec
395(1)
Client VPNs with SSL
396(1)
GRE Tunnels and DMVPN
397(16)
GRE Tunnel Concepts
398(4)
Routing over GRE Tunnels
398(2)
GRE Tunnels over the Unsecured Network
400(2)
Configuring GRE Tunnels
402(2)
Verifying a GRE Tunnel
404(2)
Troubleshooting GRE Tunnels
406(4)
Tunnel Interfaces and Interface State
406(3)
Layer 3 Issues for Tunnel Interfaces
409(1)
Issues with ACLs and Security
409(1)
Multipoint Internet VPNs Using DMVPN
410(3)
PPP over Ethernet
413(17)
PPPoE Concepts
414(1)
PPPoE Configuration
415(5)
PPPoE Configuration Breakdown: Dialers and Layer 1
416(1)
PPPoE Configuration Breakdown: PPP and Layer 2
417(1)
PPPoE Configuration Breakdown: Layer 3
417(1)
PPPoE Configuration Summary
418(1)
A Brief Aside About Lab Experimentation with PPPoE
419(1)
PPPoE Verification
420(5)
Verifying Dialer and Virtual-Access Interface Bindings
421(1)
Verifying Virtual-Access Interface Configuration
422(2)
Verifying PPPoE Session Status
424(1)
Verifying Dialer Interface Layer 3 Status
425(1)
PPPoE Troubleshooting
425(15)
Step 0: Status Before Beginning the First Step
426(1)
Step 1: Status After Layer 1 Configuration
427(1)
Step 2: Status After Layer 2 (PPP) Configuration
428(1)
Step 3: Status After Layer 3 (IP) Configuration
429(1)
PPPoE Troubleshooting Summary
430(1)
Chapter Review
430(4)
Part III Review
434(3)
Part IV IPv4 Services: ACLs and QoS 437(82)
Chapter 16 Basic IPv4 Access Control Lists
438(22)
"Do I Know This Already?" Quiz
438(2)
Foundation Topics
440(1)
IPv4 Access Control List Basics
440(3)
ACL Location and Direction
440(1)
Matching Packets
441(1)
Taking Action When a Match Occurs
442(1)
Types of IP ACLs
442(1)
Standard Numbered IPv4 ACLs
443(10)
List Logic with IP ACLs
444(1)
Matching Logic and Command Syntax
445(3)
Matching the Exact IP Address
445(1)
Matching a Subset of the Address with Wildcards
446(1)
Binary Wildcard Masks
447(1)
Finding the Right Wildcard Mask to Match a Subnet
448(1)
Matching Any/All Addresses
448(1)
Implementing Standard IP ACLs
448(4)
Standard Numbered ACL Example 1
449(1)
Standard Numbered ACL Example 2
450(2)
Troubleshooting and Verification Tips
452(1)
Practice Applying Standard IP ACLs
453(3)
Practice Building access-list Commands
454(1)
Reverse Engineering from ACL to Address Range
454(2)
Chapter Review
456(4)
Chapter 17 Advanced IPv4 Access Control Lists
460(28)
"Do I Know This Already?" Quiz
461(1)
Foundation Topics
462(1)
Extended Numbered IP Access Control Lists
462(9)
Matching the Protocol, Source IP, and Destination IP
463(1)
Matching TCP and UDP Port Numbers
464(3)
Extended IP ACL Configuration
467(3)
Extended IP Access Lists: Example 1
468(1)
Extended IP Access Lists: Example 2
469(1)
Practice Building access-list Commands
470(1)
Named ACLs and ACL Editing
471(6)
Named IP Access Lists
471(2)
Editing ACLs Using Sequence Numbers
473(2)
Numbered ACL Configuration Versus Named ACL Configuration
475(1)
ACL Implementation Considerations
476(1)
Troubleshooting with IPv4 ACLs
477(8)
Analyzing ACL Behavior in a Network
477(6)
ACL Troubleshooting Commands
479(1)
Example Issue: Reversed Source/Destination IP Addresses
480(1)
Steps 3D and 3E: Common Syntax Mistakes
481(1)
Example Issue: Inbound ACL Filters Routing Protocol Packets
481(2)
ACL Interactions with Router-Generated Packets
483(7)
Local ACLs and a Ping from a Router
483(1)
Router Self-Ping of a Serial Interface IPv4 Address
483(1)
Router Self-Ping of an Ethernet Interface IPv4 Address
484(1)
Chapter Review
485(3)
Chapter 18 Quality of Service (QoS)
488(28)
"Do I Know This Already?" Quiz
488(2)
Foundation Topics
490(1)
Introduction to QoS
490(5)
QoS: Managing Bandwidth, Delay, Jitter, and Loss
491(1)
Types of Traffic
492(3)
Data Applications
492(1)
Voice and Video Applications
493(2)
QoS as Mentioned in This Book
495(1)
QoS on Switches and Routers
495(1)
Classification and Marking
495(9)
Classification Basics
495(1)
Matching (Classification) Basics
496(1)
Classification on Routers with ACLs and NBAR
497(2)
Marking IP DSCP and Ethernet CoS
499(2)
Marking the IP Header
499(1)
Marking the Ethernet 802.1Q Header
500(1)
Other Marking Fields
501(1)
Defining Trust Boundaries
501(1)
DiffServ Suggested Marking Values
502(2)
Expedited Forwarding (EF)
502(1)
Assured Forwarding (AF)
502(1)
Class Selector (CS)
503(1)
Congestion Management (Queuing)
504(3)
Round Robin Scheduling (Prioritization)
505(1)
Low Latency Queuing
505(2)
A Prioritization Strategy for Data, Voice, and Video
507(1)
Shaping and Policing
507(5)
Policing
508(2)
Where to Use Policing
509(1)
Shaping
510(2)
Setting a Good Shaping Time Interval for Voice and Video
511(1)
Congestion Avoidance
512(2)
TCP Windowing Basics
512(1)
Congestion Avoidance Tools
513(1)
Chapter Review
514(2)
Part IV Review
516(3)
Part V IPv4 Routing and Troubleshooting 519(72)
Chapter 19 IPv4 Routing in the LAN
520(24)
"Do I Know This Already?" Quiz
521(1)
Foundation Topics
522(1)
VLAN Routing with Router 802.1Q Trunks
522(7)
Configuring ROAS
524(2)
Verifying ROAS
526(2)
Troubleshooting ROAS
528(1)
VLAN Routing with Layer 3 Switch SVIs
529(5)
Configuring Routing Using Switch SVIs
529(2)
Verifying Routing with SVIs
531(1)
Troubleshooting Routing with SVIs
532(2)
VLAN Routing with Layer 3 Switch Routed Ports
534(7)
Implementing Routed Interfaces on Switches
535(2)
Implementing Layer 3 EtherChannels
537(4)
Troubleshooting Layer 3 EtherChannels
541(1)
Chapter Review
541(3)
Chapter 20 Implementing HSRP for First-Hop Routing
544(22)
"Do I Know This Already?" Quiz
544(2)
Foundation Topics
546(1)
FHRP and HSRP Concepts
546(8)
The Need for Redundancy in Networks
547(2)
The Need for a First Hop Redundancy Protocol
549(1)
The Three Solutions for First-Hop Redundancy
550(1)
HSRP Concepts
551(3)
HSRP Failover
552(1)
HSRP Load Balancing
553(1)
Implementing HSRP
554(6)
Configuring and Verifying Basic HSRP
554(2)
HSRP Active Role with Priority and Preemption
556(3)
HSRP Versions
559(1)
Troubleshooting HSRP
560(3)
Checking HSRP Configuration
560(1)
Symptoms of HSRP Misconfiguration
561(2)
Chapter Review
563(3)
Chapter 21 Troubleshooting IPv4 Routing
566(22)
"Do I Know This Already?" Quiz
567(1)
Foundation Topics
567(1)
Problems Between the Host and the Default Router
567(9)
Root Causes Based on a Host's IPv4 Settings
568(4)
Ensure IPv4 Settings Correctly Match
568(1)
Mismatched Masks Impact Route to Reach Subnet
569(2)
Typical Root Causes of DNS Problems
571(1)
Wrong Default Router IP Address Setting
572(1)
Root Causes Based on the Default Router's Configuration
572(4)
DHCP Issues
573(2)
Router LAN Interface and LAN Issues
575(1)
Problems with Routing Packets Between Routers
576(10)
IP Forwarding by Matching the Most Specific Route
577(4)
Using show ip route and Subnet Math to Find the Best Route
577(2)
Using show ip route address to Find the Best Route
579(1)
show ip route Reference
579(2)
Routing Problems Caused by Incorrect Addressing Plans
581(4)
Recognizing When VLSM Is Used or Not
581(1)
Overlaps When Not Using VLSM
581(2)
Overlaps When Using VLSM
583(1)
Configuring Overlapping VLSM Subnets
584(1)
Pointers to Related Troubleshooting Topics
585(7)
Router WAN Interface Status
585(1)
Filtering Packets with Access Lists
586(1)
Chapter Review
586(2)
Part V Review
588(3)
Part VI IPv6 591(100)
Chapter 22 IPv6 Routing Operation and Troubleshooting
592(24)
"Do I Know This Already?" Quiz
592(1)
Foundation Topics
592(1)
Normal IPv6 Operation
592(12)
Unicast IPv6 Addresses and IPv6 Subnetting
593(2)
Assigning Addresses to Hosts
595(3)
Stateful DHCPv6
596(1)
Stateless Address Autoconfiguration
597(1)
Router Address and Static Route Configuration
598(2)
Configuring IPv6 Routing and Addresses on Routers
598(1)
IPv6 Static Routes on Routers
599(1)
Verifying IPv6 Connectivity
600(4)
Verifying Connectivity from IPv6 Hosts
600(1)
Verifying IPv6 from Routers
601(3)
Troubleshooting IPv6
604(8)
Pings from the Host Work Only in Some Cases
605(1)
Pings Fail from a Host to Its Default Router
606(1)
Problems Using Any Function That Requires DNS
607(1)
Host Is Missing IPv6 Settings: Stateful DHCP Issues
608(1)
Host Is Missing IPv6 Settings: SLAAC Issues
609(1)
Traceroute Shows Some Hops, But Fails
610(2)
Routing Looks Good, But Traceroute Still Fails
612(1)
Chapter Review
612(4)
Chapter 23 Implementing OSPF for IPv6
616(28)
"Do I Know This Already?" Quiz
616(2)
Foundation Topics
618(1)
OSPFv3 for IPv6 Concepts
618(3)
IPv6 Routing Protocol Versions and Protocols
619(1)
Two Options for Implementing Dual Stack with OSPF
619(2)
OSPFv2 and OSPFv3 Internals
621(1)
OSPFv3 Configuration
621(7)
Basic OSPFv3 Configuration
621(5)
Single-Area Configuration on the Three Internal Routers
623(2)
Adding Multiarea Configuration on the Area Border Router
625(1)
Other OSPFv3 Configuration Settings
626(2)
Setting OSPFv3 Interface Cost to Influence Route Selection
626(1)
OSPF Load Balancing
627(1)
Injecting Default Routes
627(1)
OSPFv3 Verification and Troubleshooting
628(14)
OSPFv3 Interfaces
630(2)
Verifying OSPFv3 Interfaces
630(1)
Troubleshooting OSPFv3 Interfaces
631(1)
OSPFv3 Neighbors
632(4)
Verifying OSPFv3 Neighbors
632(1)
Troubleshooting OSPFv3 Neighbors
633(3)
OSPFv3 LSDB and LSAs
636(1)
The Issue of IPv6 MTU
636(2)
OSPFv3 Metrics and IPv6 Routes
638(8)
Verifying OSPFv3 Interface Cost and Metrics
638(2)
Troubleshooting IPv6 Routes Added by OSPFv3
640(2)
Chapter Review
642(2)
Chapter 24 Implementing EIGRP for IPv6
644(20)
"Do I Know This Already?" Quiz
644(2)
Foundation Topics
646(1)
EIGRP for IPv6 Configuration
646(7)
EIGRP for IPv6 Configuration Basics
647(1)
EIGRP for IPv6 Configuration Example
648(2)
Other EIGRP for IPv6 Configuration Settings
650(3)
Setting Bandwidth and Delay to Influence EIGRP for IPv6 Route Selection
650(1)
EIGRP Load Balancing
651(1)
EIGRP Timers
652(1)
EIGRP for IPv6 Verification and Troubleshooting
653(8)
EIGRP for IPv6 Interfaces
654(2)
EIGRP for IPv6 Neighbors
656(1)
EIGRP for IPv6 Topology Database
657(2)
EIGRP for IPv6 Routes
659(2)
Chapter Review
661(3)
Chapter 25 IPv6 Access Control Lists
664(24)
"Do I Know This Already?" Quiz
664(2)
Foundation Topics
666(1)
IPv6 Access Control List Basics
666(5)
Similarities and Differences Between IPv4 and IPv6 ACLs
666(1)
ACL Location and Direction
667(1)
IPv6 Filtering Policies
668(1)
ICMPv6 Filtering Caution
668(1)
Capabilities of IPv6 ACLs
669(1)
Limitations of IPv6 ACLs
669(5)
Matching Tunneled Traffic
670(1)
IPv4 Wildcard Mask and IPv6 Prefix Length
670(1)
ACL Logging Impact
670(1)
Router Originated Packets
670(1)
Configuring Standard IPv6 ACLs
671(3)
Configuring Extended IPv6 ACLs
674(5)
Examples of Extended IPv6 ACLs
676(2)
Practice Building ipv6 access-list Commands
678(1)
Other IPv6 ACL Topics
679(7)
Implicit IPv6 ACL Rules
679(6)
An Example of Filtering ICMPv6 NDP and the Negative Effects
679(4)
How to Avoid Filtering ICMPv6 NDP Messages
683(1)
IPv6 ACL Implicit Filtering Summary
684(1)
IPv6 Management Control ACLs
685(1)
Chapter Review
686(2)
Part VI Review
688(3)
Part VII Miscellaneous 691(92)
Chapter 26 Network Management
692(38)
"Do I Know This Already?" Quiz
692(2)
Foundation Topics
694(1)
Simple Network Management Protocol
694(18)
SNMP Concepts
695(4)
SNMP Variable Reading and Writing: SNMP Get and Set
696(1)
SNMP Notifications: Traps and Informs
696(1)
The Management Information Base
697(1)
Securing SNMP
698(1)
Implementing SNMP Version 2c
699(5)
Configuring SNMPv2c Support for Get and Set
699(2)
Configuring SNMPv2c Support for Trap and Inform
701(1)
Verifying SNMPv2c Operation
702(2)
Implementing SNMP Version 3
704(8)
SNMPv3 Groups
705(2)
SNMPv3 Users, Passwords, and Encryption Keys
707(1)
Verifying SNMPv3
708(2)
Implementing SNMPv3 Notifications (Traps and Informs)
710(1)
Summarizing SNMPv3 Configuration
711(1)
IP Service Level Agreement
712(6)
An Overview of IP SLA
713(1)
Basic IP SLA ICMP-Echo Configuration
714(1)
Troubleshooting Using IP SLA Counters
715(1)
Troubleshooting Using IP SLA History
716(2)
SPAN
718(8)
SPAN Concepts
718(3)
The Need for SPAN When Using a Network Analyzer
719(1)
SPAN Session Concepts
720(1)
Configuring Local SPAN
721(3)
SPAN Session Parameters for Troubleshooting
724(8)
Choosing to Limit SPAN Sources
725(1)
Chapter Review
726(4)
Chapter 27 Cloud Computing
730(30)
"Do I Know This Already?" Quiz
730(2)
Foundation Topics
732(1)
Cloud Computing Concepts
732(12)
Server Virtualization
732(7)
Cisco Server Hardware
732(1)
Server Virtualization Basics
733(2)
Networking with Virtual Switches on a Virtualized Host
735(1)
The Physical Data Center Network
736(1)
Workflow with a Virtualized Data Center
737(2)
Cloud Computing Services
739(2)
Private Cloud
739(2)
Public Cloud
741(1)
Cloud and the "As a Service" Model
741(3)
Infrastructure as a Service
742(1)
Software as a Service
743(1)
(Development) Platform as a Service
743(1)
WAN Traffic Paths to Reach Cloud Services
744(8)
Enterprise WAN Connections to Public Cloud
744(5)
Accessing Public Cloud Services Using the Internet
745(1)
Pros and Cons with Connecting to Public Cloud with Internet
745(1)
Private WAN and Internet VPN Access to Public Cloud
746(1)
Pros and Cons with Connecting to Cloud with Private WANs
747(1)
Intercloud Exchanges
748(1)
Summarizing the Pros and Cons of Public Cloud WAN Options
749(1)
A Scenario: Branch Offices and the Public Cloud
749(3)
Migrating Traffic Flows When Migrating to Email SaaS
750(1)
Branch Offices with Internet and Private WAN
751(1)
Virtual Network Functions and Services
752(6)
Virtual Network Functions: Firewalls and Routers
752(2)
DNS Services
754(2)
Address Assignment Services and DHCP
756(1)
NTP
757(1)
Chapter Review
758(2)
Chapter 28 SDN and Network Programmability
760(20)
"Do I Know This Already?" Quiz
761(1)
Foundation Topics
762(1)
SDN and Network Programmability Basics
762(8)
The Data, Control, and Management Planes
762(4)
The Data Plane
762(1)
The Control Plane
763(1)
The Management Plane
764(1)
Cisco Switch Data Plane Internals
765(1)
Controllers and Network Architecture
766(4)
Controllers and Centralized Control
766(1)
The Southbound Interface
767(1)
The Northbound Interface
768(2)
SDN Architecture Summary
770(1)
Examples of Network Programmability and SDN
770(7)
Open SDN and OpenFlow
771(2)
The OpenDaylight Controller
771(1)
Cisco Open SDN Controller
772(1)
The Cisco Application Centric Infrastructure
773(1)
The Cisco APIC Enterprise Module
774(2)
Comparing the Three Examples
776(1)
Cisco APIC-EM Path Trace ACL Analysis Application
777(1)
APIC-EM Path Trace App
777(1)
APIC-EM Path Trace ACL Analysis Tool Timing and Exam Topic
778(1)
Chapter Review
778(2)
Part VII Review
780(3)
Part VIII Final Prep 783(18)
Chapter 29 Final Review
784(17)
Advice About the Exam Event
784(4)
Learn the Question Types Using the Cisco Certification Exam Tutorial
784(1)
Think About Your Time Budget Versus Number of Questions
785(1)
A Suggested Time-Check Method
786(1)
Miscellaneous Pre-Exam Suggestions
786(2)
Exam-Day Advice
787(1)
Reserve the Hour After the Exam in Case You Fail
788(1)
Exam Review
788(13)
Take Practice Exams
789(3)
Practicing Taking the ICND2 or CCNA R&S Exam
790(1)
Advice on How to Answer Exam Questions
790(2)
Taking Other Practice Exams
792(1)
Find Knowledge Gaps Through Question Review
792(2)
Practice Hands-On CLI Skills
794(2)
Review Mind Maps from Part Review
795(1)
Do Labs
795(1)
Assess Whether You Are Ready to Pass (and the Fallacy of Exam Scores)
796(1)
Study Suggestions After Failing to Pass
797(1)
Other Study Tasks
798(1)
Final Thoughts
799(2)
Part IX Appendixes 801(12)
Appendix A Numeric Reference Tables
803(7)
Appendix B CCNA ICND2 200-105 Exam Updates
810(3)
Glossary 813(39)
Index 852
With over 20 years of experience as both an educator and IT professional, Adam Gordon?holds numerous Professional IT Certifications including CISSP, CISA, CRISC, CHFI, CEH, SCNA, VCP, and VCI. He is the author of several books and has achieved many awards, including EC-Council Instructor of Excellence for 2006-07 and Top Technical Instructor Worldwide, 2002-2003. Adam holds his Bachelor's Degree in International Relations and his Master's Degree in International Political Affairs from Florida International University. Adam has held a number of positions during his professional career including CISO, CTO, Consultant, and Solutions Architect. He has worked on many large implementations involving multiple customer program teams for delivery. Adam has been invited to lead projects for companies such as Microsoft, Citrix, Lloyds Bank TSB, Campus Management, US Southern Command (SOUTHCOM), Amadeus, World Fuel Services, and Seaboard Marine.