irishiop.blogg.se

out-ofband, CDP, DNS, SCP, SFTP, and DHCP security and risks)Ģ.7 Configure AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)Ģ.8 Configure secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)Ģ.9 Configure and verify site-to-site VPN and remote access VPNģ.1 Identify security solutions for cloud environmentsģ.2 Compare the customer vs.

1.1 Explain common threats against on-premises and cloud environmentsġ.2 Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgeryġ.3 Describe functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorizationġ.4 Compare site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and An圜onnectġ.5 Describe security intelligence authoring, sharing, and consumptionġ.6 Explain the role of the endpoint in protecting humans from phishing and social engineering attacksġ.7 Explain North Bound and South Bound APIs in the SDN architectureġ.8 Explain DNAC APIs for network provisioning, optimization, monitoring, and troubleshootingġ.9 Interpret basic Python scripts used to call Cisco Security appliances APIsĢ.1 Compare network security solutions that provide intrusion prevention and firewall capabilitiesĢ.2 Describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilitiesĢ.3 Describe the components, capabilities, and benefits of NetFlow and Flexible NetFlow recordsĢ.4 Configure and verify network infrastructure security methods (router, switch, wireless)Ģ.5 Implement segmentation, access control policies, AVC, URL filtering, and malware protectionĢ.6 Implement management options for network security solutions such as intrusion prevention and perimeter security (Single vs.