tailieunhanh - Lecture CCNA security partner - Chapter 8: Access Control Lists for threat mitigation

Cisco provides basic traffic filtering capabilities with access control lists (ACL). This chapter covers the benefits of ACLs and describes their building blocks. The chapter describes summarizable address blocks in the context of CIDR and VLSM environments, demonstrating how ACL wildcard masks allow for threat mitigation in those environments. | Access Control Lists for Threat Mitigation 1 • Lists the benefits of ACLs • Describes the building blocks and operational framework of ACLs • Describes summarizable address blocks in the context of CIDR and VLSM environments, demonstrating how ACL wildcard masks allow for threat mitigation in those environments • Lists design considerations when deploying ACLs • Demonstrates the use of Cisco Configuration Professional and the CLI to deploy and verify a threat containment strategy using ACLs • Demonstrates the use of Cisco Configuration Professional and the CLI to correlate ACL log and alarm information in order to monitor their impact and effectiveness • Demonstrates how to configure object groups to streamline the implementation of ACLs for threat control • Demonstrates how to configure ACLs in IPv6 environments, highlighting the operational differences with IPv4 ACLs Outline ACLs provide packet filtering for routers and firewalls to protect internal networks from the outside world. | Access Control Lists for Threat Mitigation 1 • Lists the benefits of ACLs • Describes the building blocks and operational framework of ACLs • Describes summarizable address blocks in the context of CIDR and VLSM environments, demonstrating how ACL wildcard masks allow for threat mitigation in those environments • Lists design considerations when deploying ACLs • Demonstrates the use of Cisco Configuration Professional and the CLI to deploy and verify a threat containment strategy using ACLs • Demonstrates the use of Cisco Configuration Professional and the CLI to correlate ACL log and alarm information in order to monitor their impact and effectiveness • Demonstrates how to configure object groups to streamline the implementation of ACLs for threat control • Demonstrates how to configure ACLs in IPv6 environments, highlighting the operational differences with IPv4 ACLs Outline ACLs provide packet filtering for routers and firewalls to protect internal networks from the outside world. ACLs filter network traffic in both directions by controlling whether to forward or block packets at the router interfaces, based on the criteria that you specify within the ACLs. ACL criteria could be the source address of the traffic, the destination address of the traffic, the upper-layer protocol, or other information ACL Fundamentals Host A to access the Human Resources network but prevents Host B from accessing the Human Resources network. Filtering Host B Traffic Ingress Using an ACL • IP address spoofing (inbound) • IP address spoofing (outbound) • DoS TCP SYN attacks (blocking external attacks) • DoS TCP SYN attacks (using TCP intercept) • DoS Smurf attacks • Filtering ICMP messages (inbound) • Filtering ICMP messages (outbound) • Filtering traceroute Using ACLs to mitigate many threats ACLs operate in two ways: • Inbound: Incoming packets are processed before they are routed to an outbound interface. An inbound ACL is efficient because it saves the overhead of routing lookups

• An ninh - Bảo mật
• CCNA Security Partner
• Network Security
• Access Control Lists
• Threat mitigation
• Operational framework
• VLSM environments
• Purpose of security
• Basic security requirements
• Managing the risk
• Risk analysis
• Security strategy
• Cisco borderless Network
• Cisco borderless Network architecture
• Borderless Networks
• Threat control strategy
• Network security threats
• Threat control design
• Security intelligence analysis
• Network Foundation Protection
• Cisco Configuration Professional
• Cisco NFP Framework
• Secure management
• Securing the management plane
• Cisco IOS devices
• Network Time Protocol
• Simple Network Management Protocol
• Native VLANs
• Configuring VLANs
• Configuring Inter VLAN routing
• Spanning Tree
• IPv6 environments
• IPv6 headers
• IPv6 address types
• Configure IPv6 addressing
• Firewall Fundamentals
• Network Address Translation
• Firewall technologies
• Application layer firewalls
• Cisco IOS Zone Based Firewall
• Cisco IOS Zone Based Policy Firewall
• Intrusion Prevention Systems
• IPS fundamentals
• IPS attack responses
• IPS Anti Evasion techniques
• Fundamentals of cryptography
• VPN technologies
• Public Key Infrastructure
• IPsec fundamentals
• IPsec protocol
• IPsec’s main components
• Site to Site IPsec VPNs
• Cisco IOS Routers
• VPN configuration
• Cisco SSL VPNs
• Protocol framework
• Cisco VPN clientless mode
• Cisco full tunnel mode