Memory Tables
Chapter 1
Table 1-2 Government and Military Data Classification Example
Data Category Description
Unclassified
Sensitive but unclassified (SBU)
Confidential
Secret
Top-secret
Phreaker
Script kiddy
Hacktivist
Computer security hacker
Academic hacker
Hobby hacker
Blind spoofing
5 Appendix D: Memory Tables
Dumpster diving
Electromagnetic interference (EMI) interception
Wiretapping
Social engineering
Sending information over overt channels
Sending information over covert channels
Chapter 2
Table 2-2 Operations Security Recommendations
Recommendation Description
Separation of duties
Rotation of duties
Trusted recovery
Configuration and change control
Catastrophe
Warm site
Cold site
Annualized rate of occurrence (ARO)
Training
Education
Collaborative
Adaptive
Cisco Security Agent (CSA)
Cisco Secure Access Control Server
Cisco Catalyst 6500 series switch and Cisco 7600 series router modules
Cisco Router and Security Device Manager (SDM)
Chapter 3
Table 3-2 IOS Security Features
Feature Description
Stateful firewall
Intrusion Prevention System
Enable password
vty password
VPN
Security Audit
Routing
NAT
Intrusion Prevention
Quality of Service
NAC
Chapter 4
Table 4-2 AAA Commands to Secure Administrative and Remote LAN Access
Access Type Mode Mode Network Access Server Ports AAA Command Element
Remote administrative access
Remote network access
aaa authentication banner
aaa authentication enable default
aaa authentication fail-message
aaa authentication local-override
aaa authentication login
aaa authentication nasi
aaa authentication password-prompt
aaa authentication ppp
aaa authentication username-prompt
list-name
method
exec
commands
reverse-access
configuration
default
list-name
method
network
exec
connection
default
list-name
vrf vrf-name
start-stop
stop-only
none
broadcast
group group-name
Table 4-7 Ports Used by Cisco Secure ACS for Client Communication
Feature Protocol Port(s)
RADIUS authentication authorization
RADIUS accounting
TACACS+
Cisco Secure ACS database replication
RDBMS synchronization
User-changeable password web application
Logging
Administrative HTTP port for new sessions
Administrative HTTP port range
AAA support
Multiprotocol support
Router management
Responses
tacacs-server host ip-address single-connection
tacacs-server key key
list-name
group group-name
group radius
group tacacs+
method2
method3
method4
Chapter 5
Table 5-2 Cisco IOS Features
IOS Feature Description
Bootstrap protocol (BOOTP) server
Cisco Discovery Protocol (CDP)
Configuration autoloading
FTP server
TFTP server
Finger service
ICMP unreachable notifications
IP identification service
TCP keepalives
Gratuitous ARP
Proxy ARP
IP-directed broadcast
SNMP agent
Management Information Base (MIB)
Table 5-6 Security Models and Security Levels Supported by Cisco IOS
Security Model Security Level Authentication Strategy Encryption Type
SNMPv1
SNMPv2c
SNMPv3
Chapter 6
Table 6-2 Root Guard Versus BPDU Guard
STP Attack Mitigation Method Description
Root Guard
BPDU Guard
Isolated
Community
Authenticator
Authentication server
Chapter 7
Table 7-2 Cisco Security Elements
Cisco Security Element Description
Endpoint protection
Network infection containment
Trusted path
Privileged context of execution
Process memory protection and isolation
Access control to resources
Table 7-4 Techniques for Protecting Endpoints from Operating System Vulnerabilities
Protection Technique Description
Least-privilege concept
Isolation between processes
Reference monitor
Propagation mechanism
Payload
Penetration phase
Persist phase
Propagate phase
Paralyze phase
Cisco NAC Appliance (Cisco Clean Access)
Cisco Security Agent
Network Interceptor
Configuration Interceptor
Execution Space Interceptor
Chapter 8
Table 8-2 SAN Transport Technologies
SAN Transport Technology Description
Fibre Channel
iSCSI
FCIP
Chapter 9
Table 9-2 VoIP Components
Component Description
IP phone
Call agent
Gateway
Gatekeeper
Multipoint Control Unit (MCU)
Application server
Videoconference station
Voice-enabled switch
MGCP
H.248
SIP
SCCP
RTP
RTCP
SRTP
Gleaning information from unsecured VoIP network resources
Launching a denial-of-service (DoS) attack
Capturing telephone conversations
Vishing
Toll fraud
SIP attacks
Using firewalls
Using IPsec-protected VPNs
Disabling web access
Disabling gratuitous ARP
Disabling unneeded services
Chapter 10
Table 10-2 Initial Firewall Technologies
Firewall Technology Description
Static packet-filtering firewall
Circuit-level firewall
Application layer firewall
Dynamic packet-filtering firewall
Improve routing performance
Defend against spoofing and DoS attacks
Applications that open multiple connections
User authentication is not supported
Session layer
Application layer
To provide more stringent controls over security than stateful filtering provides
Deny physical access to firewall devices
Allow only necessary protocols
Segment security zones
Never use a firewall as a workstation for a user
Set connection limits
Restrict access to firewalls
Combine firewall technology
Use firewalls as part of a comprehensive security solution
Maintain your installation
access-list-name
in
out
Order of specific statements
Directional filtering
Modifying numbered ACLs
Special packets
Protocol-specific parameter map
match access-group {number | name}
match class-map-name
Chapter 11
Table 11-2 IDS/IPS Detection Methods
Detection Method Description
Signature-based detection
Policy-based detection
Inline mode
Block traffic associated with the offending connection
Chapter 12
Table 12-2 Defining Attack Types
Type of Attack Description
Chosen plain-text attack
Chosen ciphertext attack
Meet-in-the-middle attack
Brute-force attack
Ciphertext-only attack
Known plain-text attack
Asymmetric encryption algorithms
Use a secure channel
Use CBC mode
Avoid weak keys
RC4
RC5
RC6
Protection against brute-force attacks
Chapter 13
Table 13-2 RSA Attack Vulnerabilities
Attack Description
Timing attack
Adaptive chosen ciphertext attack
Branch prediction analysis (BPA) attack
Chapter 14
Table 14-2 Uses of X.509v3
Use of X.509v3 Description
Website authentication
To support S/MIME
In IPsec VPNs
To implement client certificates
The CA administrator’s process
Chapter 15
Table 15-2 Site-to-Site VPN Elements
Element Description
Headend VPN device
Tunnel
Broadband service
Aggressive mode
Quick mode
Table 15-5 Establishing, Maintaining, and Tearing Down an IPsec Site-to-Site VPN
Step Configuration
Step 1
Step 2
Step 3
Step 4
Step 5
Step 2
Step 3
Step 4
Step 5
IKE proposals
Protected traffic