CCIE SECURITY TRACK-Written Exam Blueprint v2.0

Written Exam Blueprint v2.0

The Security written exam (350-018) has 100 multiple-choice questions and is two hours in duration. The topic areas listed are general guidelines for the type of content that is likely to appear on the exam effective January 2, 2007. Please note, however, that other relevant or related topic areas may also appear. Candidates prior to January 2 should continue using the prior blueprints (now known as v1.0).

General Networking

Networking Basics

OSI Layers

TCP/IP Protocols

Switching (VTP, VLANs, Spanning Tree, Trunking, etc.)

Routing Protocols (RIP, EIGRP, OSPF, and BGP)

IP Multicast

Security Protocols, Ciphers and Hash Algorithms

RADIUS

TACACS+

Ciphers RSA, DSS, RC4

Message Digest 5 (MD5)

Secure Hash Algorithm (SHA)

EAP PEAP TKIP TLS

Data Encryption Standard (DES)

Triple DES (3DES)

Advanced Encryption Standard (AES)

IP Security (IPSec)

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Internet Key Exchange (IKE)

Certificate Enrollment Protocol (CEP)

Transport Layer Security (TLS)

Secure Socket Layer (SSL)

Point to Point Tunneling Protocol (PPTP)

Layer 2 Tunneling Protocol (L2TP)

Generic Route Encapsulation (GRE)

Secure Shell (SSH)

Pretty Good Privacy (PGP)

Application Protocols

Hypertext Transfer Protocol (HTTP)

Simple Mail Transfer Protocol (SMTP)

File Transfer Protocol (FTP)

Domain Name System (DNS)

Trivial File Transfer Protocol (TFTP)

Network Time Protocol (NTP)

Lightweight Directory Access Protocol (LDAP)

Syslog

Security Technologies

Packet Filtering

Content Filtering

URL Filtering

Authentication Technologies

Authorization technologies

Proxy Authentication

Public Key InfrastrUCture (PKI)

IPSec VPN

SSL VPN

Network Intrusion Prevention Systems

Host Intrusion Prevention Systems

Event Correlation

Adaptive Threat Defense (ATD)

Network Admission Control (NAC)

802.1x

Endpoint Security

Network Address Translation

Cisco Security Appliances and Applications

Cisco Secure PIX Firewall

Cisco Intrusion Prevention System (IPS)

Cisco VPN 3000 Series Concentrators

Cisco EzVPN Software and Hardware Clients

Cisco Adaptive Security Appliance (ASA) Firewall

Cisco Security Monitoring, Analysis and Response System (MARS)

Cisco IOS Firewall

Cisco IOS Intrusion Prevention System

Cisco IOS IPSec VPN

Cisco IOS Trust and Identity

Cisco Secure ACS for Windows

Cisco Secure ACS Solution Engine

Cisco Traffic Anomaly Detectors

Cisco Guard DDoS Mitigation Appliance

Cisco Catalyst 6500 Series Security Modules (FWSM, IDSM, VPNSM, WebVPN, SSL modules)

Cisco Traffic Anomaly Detector Module & Cisco Guard Service Module

Cisco Security Management

Cisco Adaptive Security Device Manager (ASDM)

Cisco Router & Security Device Manager (SDM)

Cisco Security Manager (CSM)

Cisco Security General

IOS Specifics

Routing and Switching Security Features: IP & MAC Spoofing, MAC Address Controls, Port Security, DHCP Snoop, DNS Spoof.

NetFlow

Layer 2 Security Features

Layer 3 Security Features

Wireless Security

IPv6 Security

Security Solutions

Network Attack Mitigation

Virus and Worms Outbreaks

Theft of Information

DoS/DDoS Attacks

Web Server & Web Application Security

Security General

Policies - Security Policy Best Practices

Information Security Standards (ISO 17799, ISO 27001, BS7799)

Standards Bodies

Common RFCs (e.g. RFC1918, RFC2827, RFC2401)

BCP 38

Attacks, Vulnerabilities and Common EXPloits - recon, scan, priv escalation, penetration, cleanup, backdoor

Security Audit & Validation

Risk Assessment

Change Management Process

Incident Response Framework

Computer Security Forensics