CBT NUGGETS CISCO CCSP EXAM PACK 642-524 SNAF
After watching this video series, you’ll be ready to take on the tasks
of a Cisco Firewall and VPN specialist. Trainer Michael Shannon covers
everything you’ll need to know for securing your network with ASA
Introduction to SNAF
This opening nugget is an overview of the exam objectives as well as a look at the entire nugget series.
ASA Features and Technology
Here we explore the functionality of the three types of firewalls used to secure our network infrastructure. You will learn the technology and features of Cisco’s various security appliances.
PIX and ASA Product Line
This nugget is a survey of the different Cisco ASA and PIX security appliance models. The Cisco ASA security appliance licensing options are also covered.
Security Appliance Basics
In this knowledge-packed SNAF nugget we’ll find out about the four main access modes, appliance file management system, security levels, and ASDM requirements and capabilities using the CLI to configure and verify basic network settings, prepare the ASA for configuration via Cisco ASDM, and verification of ASA configuration and licensing via Cisco ASDM.
Configuring the ASA
This vital nugget explores the configuration of ASA for basic network connectivity which includes verifying the initial configuration, setting the clock and synchronizing the time on a security appliance. You’ll also configure a security appliance to send syslog messages to a syslog server.
Translations and Connections (part 1)
This important SNAF module describes how the TCP and UDP protocols function within the security appliance. In addition, the dynamic address translations are defined and configured.
Translations and Connections (part 2)
This follow-up nugget describes and configures port address translation along with static address translations. The process of setting connection limits is also covered.
ACLs and Content Filtering
This nugget will introduce you to the explanation and configuration appliance ACLs. You will configure active code filtering (Microsoft ActiveX and Java applets) as well as configure the security appliance for URL filtering.
Welcome to the wonderful and optimizing world of object grouping. Learn all about the object grouping feature of the security appliance and its advantages – an advantage you’ll see time and again throughout this nugget series. You will also learn to configure object groups and use them in ACLs.
Switching and Routing with the ASA
In this gem we cover the configuration of logical interfaces and VLANs on the switching side and on the routing side we look at static routes, static route tracking, and the dynamic routing capabilities of Cisco security appliances and configure passive RIP routing.
This one explores AAA functions, local user database configuration, installation and configuration of Cisco Secure ACS, cut-through proxy authentication, and configuring user authorization using downloadable ACLs.
Cisco Modular Policy Framework (MPF)
MPF is a powerful policy language for the ASA, and in this nugget you’ll learn about the Cisco Modular Policy Framework feature set; the functionality of class maps, policy maps and service policies; how to use the Cisco ASDM to configure a service policy rule and a policy for management traffic. Finally, the technique for displaying Cisco Modular Policy Framework component will be covered.
Advanced Protocol Handling & Threat Detection
This SNAF nugget combines two powerful features. The topics covered include: the need for advanced protocol handling; how the security appliance implements inspection of common network applications; the issues with multimedia applications and how the security appliance supports multimedia call control and audio sessions; threat detection and threat statistics; and basic threat detection, scanning threat detection, and viewing threat detection statistics.
Site-To-Site VPNs with PSKs
Here we explore how security appliances enable a secure VPN. We also look at: how IPSec works; preparing to configure an IPSec VPN; configuring a VPN between security appliances; implementing the Site-to-Site VPN menus in Cisco ASDM to modify a configured site-to-site VPN; and testing and verifying a site-to-site VPN configuration.
Remote Access VPN Configuration
In this nugget you’ll learn about Cisco Easy VPN, the Cisco VPN Client, configuring an IPSec Remote-Access VPN; and configuring users and groups.
Cisco SSL VPN for the ASA
Here is a continuation of the VPN theme as we look at SSL VPN and its purpose. We will use the SSL VPN Wizard to configure a basic Clientless SSL VPN connection and, finally, verify SSL VPN operations.
Transparent Firewall Mode
This SNAF module will explain the purpose of transparent firewall mode as well as how data traverses a security appliance in transparent mode. You will learn how to enable transparent firewall mode along with monitoring and maintaining transparent firewall mode.
Here is where the scalability, power, and extensibility of the ASA are really seen through the newest virtualization technology. We will discover the purpose of security contexts and how to enable and disable multiple context mode. Also we will configure a security context and allocate resources to a security context. In the final section of this nugget, we will manage a security context.
This SNAF nugget module describes the difference between hardware and stateful failover as well as the difference between active/standby and active/active failover. You’ll learn about the security appliance failover hardware requirements and how active/standby failover works. The security appliance roles of primary, secondary, active, and standby will be covered as well as how active/active failover works. Then you will see how the ADSM is used to configure active/standby LAN-based failover and active/active failover.
Security Appliance Management
The final nugget of this series covers the following maintenance topics: configuring telnet access to the security appliance; configuring SSH access to the security appliance; configuring command authorization; recovering security appliance passwords using general password recovery procedures; and installing and upgrading the software image on the security appliance.
All links are InterChangable. It means you can download any part of the archive from any host, and can extract them without problem!