CCIE Security Written
350-018 CCIE Security Exam
|
Exam Number:
|
350-018
|
|
Associated Certifications:
|
CCIE Security
|
|
Duration:
|
120 minutes (90-110 questions)
|
|
Available Languages:
|
English
|
Exam Format
- The written exam is a two-hour, multiple-choice exam with 90-110 questions.
- The exam is closed book and no outside reference materials are allowed.
- Candidates will be required to answer each question before moving on to the next question. In other words, candidates will not be allowed to skip a question and come back to it later.
- The overall exam score and the exam passing score will be reported on a scale from 300-1000.
CCIE Security Written Exam Topics
v4.0
The Security written exam (350-018) has 90-110
multiple-choice questions and is two hours in duration. The topic areas listed
are general guidelines for the type of content that is likely to appear on the
exam. Please note, however, that other relevant or related topic areas may also
appear.
Topics include networking fundamentals and security related
concepts and best practices, as well as key sections on Cisco Network Security
products and solutions in areas such as VPNs, intrusion prevention, firewalls,
identity services, policy management, and secure network best practices.
Content includes both IPv4 and IPv6 based concepts and solutions.
The CCIE Security written exam is a two-hour, multiple
choice test with 100 questions covering the areas of skills and competency
needed by a Security Engineer to implement, deploy, configure, maintain, and
troubleshoot Cisco Network Security solutions and designs. Topics include Cisco
network security devices, appliances, protocols, firewalls, VPNs, intrusion
prevention devices, policy management, and best practices for implementing a
secure network.
All exam materials are provided and no outside reference
materials are allowed.
|
CCIE Security Written Exam Topics v4.0
|
|
Infrastructure, Connectivity,
Communications, Network Security
|
|
Network Addressing Basics
|
|
OSI Layers
|
|
TCP/UDP/IP Protocols
|
|
LAN Switching (e.g. VTP, VLANs,
Spanning Tree, Trunking)
|
|
Routing Protocols (RIP, EIGRP,
OSPF, and BGP)
|
|
(a) Basic
Functions/Characteristics
|
|
(b) Security Features
|
|
Tunneling Protocols
|
|
(a) GRE
|
|
(b) NHRP
|
|
(c)v6 Tunnel Types
|
|
IP Multicast
|
|
(a) PIM
|
|
(b) Multi Src Disc Protocol
|
|
(c)IGMP/CGMP
|
|
(d) Multi Listener Discovery
|
|
Wireless
|
|
(a) SSID
|
|
(b) Authentication/Authorization
|
|
(c)Rogue Aps
|
|
(d) Session Establishment
|
|
Authentication/Authorization
Technologies
|
|
(a) Single Sign-on
|
|
(b) OTPs
|
|
(c)LDAP/AD
|
|
(d) Role Based Access Control
|
|
VPNs
|
|
(a) L2 vs L3
|
|
(b) MPLS/VRFs/Tag switching
|
|
MobileIP Networks
|
|
Security Protocols
|
|
Rivest, Shamir and Adleman (RSA)
|
|
Rivest Cipher 4 (RC4)
|
|
Message Digest 5 (MD5)
|
|
Secure Hash Algorithm (SHA)
|
|
Data Encryption Standard (DES)
|
|
Triple DES (3DES)
|
|
Advanced Encryption Standard (AES)
|
|
IP Security (IPsec)
|
|
Internet Security Association and
Key Management Protocol (ISAKMP)
|
|
Internet Key Exchange IKE/IKEv2
|
|
Group Domain of Interpretation
(GDOI)
|
|
Authentication Header (AH)
|
|
Encapsulating Security Payload
(ESP)
|
|
Certificate Enrollment Protocol
(CEP)
|
|
Transport Layer Security TLS/DTLS
|
|
Secure Socket Layer (SSL)
|
|
Secure Shell (SSH)
|
|
Remote Authentication Dial In User
Service (RADIUS)
|
|
Terminal Access Controller
Access-Control System Plus (TACACS+)
|
|
Lightweight Directory Access
Protocol (LDAP)
|
|
EAP Methods (e.g. EAP-MD5,
EAP-TLS, EAP-TTLS, EAP-FAST, PEAP, LEAP)
|
|
Public Key Infrastructure
(PKI)/PKIX/PKCS
|
|
802.1X
|
|
WEP/WPA/WPA2
|
|
Web Cache Communication Protocol
(WCCP)
|
|
Secure Group Tagging Exchange
Protocol (SXP)
|
|
MacSec
|
|
DNSSec
|
|
Application and Infrastructure
Security
|
|
Hypertext Transfer Protocol (HTTP)
|
|
Hypertext Transfer Protocol Secure
(HTTPS)
|
|
Simple Mail Transfer Protocol
(SMTP)
|
|
Dynamic Host Configuration
Protocol (DHCP)
|
|
Domain Name System (DNS)
|
|
File Transfer Protocol (FTP/SFTP)
|
|
Trivial File Transfer Protocol
(TFTP)
|
|
Network Time Protocol (NTP)
|
|
Simple Network Management Protocol
(SNMP)
|
|
Syslog
|
|
Netlogon,Netbios,SMB
|
|
RPCs
|
|
RDP/VNC
|
|
PCoIP
|
|
OWASP
|
|
Basic unnecessary services
|
|
Threats, Vulnerability Analysis
and Mitigation
|
|
Recognizing and mitigating common
attacks
|
|
(a) ICMP attacks, PING floods
|
|
(b) MITM
|
|
(c)Replay
|
|
(d) Spoofing
|
|
(e) Backdoor
|
|
(f) Botnets
|
|
(g) Wireless attacks
|
|
(h) DoS/DDoS Attacks
|
|
(i) Virus and Worms Outbreaks
|
|
(j) Header Attacks
|
|
(k) Tunneling attacks
|
|
Software/OS Exploits
|
|
Security/Attack Tools
|
|
Generic Network Intrusion
Prevention Concepts
|
|
Packet Filtering
|
|
Content Filtering/Packet
Inspection
|
|
Endpoint/Posture Assessment
|
|
QoS marking attacks
|
|
Cisco Security Products, Features
and Management
|
|
Cisco Adaptive Security Appliance
(ASA)
|
|
(a) Firewall Functionality
|
|
(b) Routing/Multicast Cababilities
|
|
(c )Firewall modes
|
|
(d) NAT - Pre 8.4/Post 8.4
|
|
(e) Object Definition/ACLs
|
|
(f) MPF functionality
(IPS/QoS/Application Awareness)
|
|
(g) Context Aware Firewall
|
|
(h) Identity Based Services
|
|
(g) Failover Options
|
|
Cisco IOS Firewalls and NAT
|
|
(a) CBAC
|
|
(b) Zone-Based Firewall
|
|
(c ) Port-to-Application Mapping
|
|
(d) Identity Based Firewalling
|
|
Cisco Intrusion Prevention Systems
(IPS)
|
|
Cisco IOS IPS
|
|
Cisco AAA Protocols and
Application
|
|
(a) RADIUS
|
|
(b) TACACS+
|
|
(c)Device Admin
|
|
(d)Network Access
|
|
(e)802.1X
|
|
(f)VSAs
|
|
Cisco Identity Services Engine
|
|
Cisco Secure ACS Solution Engine
|
|
Cisco Network Admission Control
(NAC) Appliance Server
|
|
Endpoint/Client
|
|
(a) Cisco AnyConnect VPN Client
|
|
(b) Cisco VPN Client
|
|
(c)Cisco Secure Desktop (CSD)
|
|
(d) NAC Agent
|
|
Secure Access Gateways (Cisco IOS
Router/ASA)
|
|
(a) IPsec
|
|
(b) SSL VPN
|
|
(c)PKI
|
|
Virtual Security Gateway
|
|
Cisco Catalyst 6500 Series
Security Services Modules
|
|
Scansafe
Functionality&Components
|
|
IronPort Products
|
|
Security Management
|
|
(a) Cisco Security Manager (CSM)
|
|
(b) Cisco Adaptive Security Device
Manager (ASDM)
|
|
(c)Cisco IPS Device Manager (IDM)
|
|
(d) Cisco IPS Manager Express
(IME)
|
|
(e) Cisco Configuration
Professional (CCP)
|
|
(f) Cisco Prime
|
|
Cisco Security Technologies and
Solutions
|
|
Router Hardening Features (e.g.
CoPP, MPP. uRPF, PBR)
|
|
Switch Security Features (e.g.
anti-spoofing, port, STP, MacSec,NDAC,NEAT)
|
|
NetFlow
|
|
Wireless Security
|
|
Network Segregation
|
|
(a) VRF-aware technologies
|
|
(b) VXLAN
|
|
VPN Solutions
|
|
(a) FlexVPN
|
|
(b) Dynamic Multipoint VPN (DMVPN)
|
|
(c)Group Encrypted Transport VPN
(GETVPN)
|
|
(d) EasyVPN
|
|
Content and Packet Filtering
|
|
QoS application for security
|
|
Load Balancing & Failover
|
|
Security Policies and Procedures,
Best Practices, Standards
|
|
Security Policy Elements
|
|
Information Security Standards
(e.g. ISO/IEC 27001, ISO/IEC 27002)
|
|
Standards Bodies (e.g. ISO, IEC,
ITU, ISOC, IETF, IAB, IANA, ICANN)
|
|
Industry Best Practices (e.g. SOX,
PCI DSS)
|
|
Common RFC/BCP (e.g.
RFC2827/BCP38, RFC3704/BCP84,RFC5735)
|
|
Security Audit & Validation
|
|
Risk Assessment
|
|
Change Management Process
|
|
Incident Response Framework
|
|
Computer Security Forensics
|
|
Desktop Security Risk
Assessment/Desktop Security Risk Management
|
No comments:
Post a Comment