2009-09-01 12:18 (Ultima actualización: 2023-04-10 16:55)
642-504 Blueprint
La siguiente información se encuentra disponible en el sitio web de Cisco.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Implement Cisco Layer 2 security
- Utilize Cisco IOS commands to mitigate Layer 2 attacks
- Implement Cisco Identity-Based Networking Services on Cisco Catalyst Switches
- Implement Identity Management using ACS as the Authentication Server
Configure Cisco IOS Firewalls to mitigate network threats
- Identify and describe the advanced capabilities of the IOS firewall feature set
- Configure Classic IOS Firewall (CBAC) and NAT to dynamically mitigate identified threats to the network
- Verify Classic IOS Firewall (CBAC) configuration and operation
- Configure IOS Zone-Based Firewalls including advanced application inspections and URL filtering
- Verify Zone-Based Firewall operations
Configure Cisco IOS-IPS to identify and mitigate threats to network resources
- Identify and describe the advanced capabilities of the Cisco IOS-IPS feature set including Signature Event Action Processing
- Configure Cisco IOS-IPS features to identify threats and dynamically block them from entering the network
- Verify Cisco IOS-IPS operations
- Maintain, update and tune Cisco IOS-IPS signatures
Configure Cisco VPNs to provide secure connectivity for site-to-site and remote access communications
- Describe IPsec features and functionality
- Describe GRE/IPsec features and functionality
- Configure secure connectivity for site-to-site VPN using certificate authorities
- Describe DMVPN features and functionality
- Configure secure connectivity for site-to-site VPN using DMVPN
- Verify secure site-to-site VPN operations
- Implement IOS SSL VPN
- Configure Cisco IOS Easy VPN Server with Dynamic Virtual Tunnel Interface (DVTI)
- Configure Cisco IOS Easy VPN remote using both router and VPN software clients
- Verify Cisco IOS Easy VPN implementations
- Implement IOS GET VPN operations
- Describe High Availability IPsec VPNs
Implement Network Foundation Protection using the CLI
- Describe NFP features and functionality
- Secure the management plane using Cisco IOS security features
- Secure the data plane using Cisco IOS security features
- Secure the control plane using Cisco IOS security features