保护思科无线企业网络考试要点(最新)
WISECURE(300-375)考试检验考生是否具备实施客户端设备安全,基于身份认证和服务,以及保护和监控企业无线基础设施的能力。下面是小编整理的考试主要内容:
1.0 Integrate Client Device Security19%Hide Details
1.1. Describe Extensible Authentication Protocol (EAP) authentication process
1.2. Configure client for secure EAP authentication
1.2.a. Native OS (iOS, Android, Windows, MAC OS, year 2013+) or AnyConnect client
1.3. Describe the impact of security configurations on application and client roaming
1.3.a. Key caching
1.3.b. 802.11r
1.4. Implement 802.11w Protected Management Frame (PMF) on the WLAN
1.4.a. Client support
1.4.b. PMF modes
1.4.c. Relevant timer settings
1.5. Implement Cisco Management Frame Protection (MFP)
1.5.a. Cisco Compatible Extensions (CCX)
1.5.b. Infrastructure mode
1.5.c. Client and infrastructure mode
1.6. Describe and configure client profiling
1.6.a. ISE
1.6.b. WLC
2.0 Implement Secure Distribution System Connectivity Services on the Wireless Infrastructure24%Hide Details
2.1. Describe the impact of BYOD on wireless security
2.1.a Additional security risks
2.1.b Loss of device control
2.1.c Increased complexity of policy enforcement
2.2. Implement BYOD policies
2.2.a. Single vs dual SSID
registration
2.2.c. mDNS sharing
-Fi Direct
2.3. Implement AAA based Layer 3 security on the controller
2.3.a. Local Web Auth (LWA)
2.3.a.[i] External authentication)
2.3.a.[ii] Locally significant certificates
2.3.a.[iii] Pre-authentication ACL
2.3.a.[iv] Pass through configuration
2.4. Describe regulatory compliance considerations for protecting data and access and providing accountability
2.4.a. PCI
2.5. Utilize security audit tools for Distribution Systems
2.5.a. PI reports
2.5.b. PCI audit
3.0 Implement Secure Client Connectivity Services on the Wireless Infrastructure27%Hide Details
3.1. Implement 802.1x wireless client authentication
3.1.a. AireOS
3.1.a.[i] Local
3.1.a.[ii] Central
3.1.b. IOS-XE
3.1.c. Autonomous
3.1.c.[i] Local authentication
3.1.c.[ii] Remote authentication
3.1.d. FlexConnect
3.1.d.[i] Local authentication
3.1.d.[ii] Remote authentication
3.2. Implement Identity Based Networking (IBN)
3.2.a. AireOS
3.2.a.[i] VLANs
3.2.a.[ii] QoS
3.2.a.[iii] ACLs
3.2.b. IOS-XE
3.2.b.[i] VLANs
3.2.b.[ii] QoS
3.2.b.[iii] ACLs
3.2.c. Autonomous
3.2.c.[i] VLAN
3.2.d. FlexConnect
3.2.d.[i] VLAN
3.2.d.[ii] ACLs
3.2.d.[iii] QoS
3.3. Implement ISE AAA parameters for integration with the wireless network
3.3.a. Network device
3.3.b. IBN profile
3.4. Implement AAA based Layer 3 security using ISE
3.4.a. Utilizing ISE as AAA service
3.4.a.[i] Locally significant certificates on ISE
3.4.a.[ii] Using captive portal capabilities for guest access
3.4.b. Central Web Auth (CWA
3.4.b.[i] Returned values and overrides
3.4.b.[ii] Access accept
3.4.b.[iii] AAA override statement
3.5. Configure MSE based web authentication
3.6. Utilize security audit tools for client connectivity
3.6.a. PI reports
3.6.b. PCI audit
4.0 Implement Secure Management Access on the WLAN Infrastructure14%Hide Details
4.1. Controlling administrative access to the wireless infrastructure
4.1.a. RADIUS
4.1.b. TACACS
4.1.c. Controller and ISE integration
4.1.d. Access point administration credentials
4.2. Configure APs and switches for 802.1x access to the wired infrastructure
4.2.a. Controller based
4.2.b. Autonomous
4.3. Implement SNMPv3 on the wireless infrastructure
4.3.a. AireOS
4.3.b. IOS-XE
4.3.c. Autonomous
5.0 Monitoring Security on the WLAN Infrastructure16%Hide Details
5.1. Execute Security reports on PI
5.2. Perform Rogue Management
5.2.a. Rogue Containment on WLC and PI
5.2.b. RLDP on WLC and PI
5.2.c. SwitchPort tracing on PI
5.2.d. Location on PI
5.2.e. Rogue Rules on WLC and PI
5.3. Monitor rogue APs and clients
5.3.a. PI Maps
5.3.b. Controller
5.4. Monitor Alarms
5.4.a. 2 items
5.4.b. PI Security Tab
5.4.c. Controller Trap Logs
5.5. Identify RF related Security interferers on WLC and PI Maps
5.5.a. Jammers
5.5.b. Inverted Wi-Fi
5.5.c. Wi-Fi invalid channel
5.6. Implement wIPS
5.6.a. Enhanced Local Mode (ELM)
相關文章
-
保护思科无线企业网络考试要点
保护思科无线企业网络(300-375)是获得思科CCNP认证需要通过的`一项考试。考试时间为90分钟,包括60-70道考题。WISECURE(300-375)考试证明通过的考生具备实施客户端设备安全,基于身份认证和服务,以及保护和监控企业无线基 -
部署思科无线企业网络考试要点
部署思科无线企业网络(300-365)是获得思科CCNP认证需要通过的一项考试。考试时间为90分钟,包括60-70道考题。WIDEPLOY(300-365)考试证明通过的考生具备实施基于无线网络的可适用思科控制器以及支持高可用性的.、QoS、 -
2017部署思科无线企业网络考试要点
WIDEPLOY(300-365)考试检验考生是否具备实施基于无线网络的可适用思科控制器以及支持高可用性的、QoS、组播和移动服务的统一交换架构的'能力。下面是小编整理的考试要点: 1.0 Implement QoS for Wireless Applica -
故障排除思科无线企业网络考试概述和要点
本文目录医疗救助申请书城乡医疗救助申请书农村医疗救助申请书医疗救助申请书农村特困医疗救助申请书县民政局:我叫xxx,今年62岁,身份证号码为xxxxxxxxxxxxxxx。系我县xx村村民,我全家共有3口人,丈夫患癌症去世,是大病致贫 -
设计思科无线企业网络考试主要内容
设计思科无线企业网络(300-360)是获得思科CCNP认证需要通过的一项考试。考试时间为90分钟,包括60-70道考题。WIDESIGN(300-360)考试证明通过的.考生具备识别客户和应用需求,实施预测无线设计原则和执行站点调查所需的企 -
2017设计思科无线企业网络考试主要内容
WIDESIGN(300-360)考试检验考生是否具备识别客户和应用需求,实施预测无线设计原则和执行站点调查所需的企业无线网络设计和优化的.能力。下面是考试的主要内容: 1.0 Obtaining Customer Requirements as Related to -
故障排除思科无线企业网络考试大纲
WITSHOOT(300-370)考试检验考生是否具备故障排除和优化企业无线基础设施和相关服务,以及发现和解决客户端连接性、性能和RF问题所需的.工具和计算方法的能力。下面是考试大纲: 1.0 Troubleshooting Methodology10%Hi -
实施思科统一无线网络基础考试(IUWNE)
思科发布了新版CCNA 无线认证的考试蓝本,640-722 IUWNE考试要点V2.0 .同时新版考试要点的CCNA无线考试640-722也于2012年1月31日在全球的VUE考试中心正式启用。以前的考试640-721 将于2012年5 月11日停止报考。 考 -
WIFUND实施思科无线网络基础考试要点
200-355 WIFUND 实施思科无线网络基础考试时间为90分钟,涵盖与CCNA无线认证相关的60-70道考题。200-355 WIFUND考试检验考生Radio Frequency(PF)及802.11等知识点,同时检测考生是否具备安装,配置,监控及基础故障排除小型 -
实施思科统一无线语音网络IUWVN考试要点
实施思科统一无线语音网络(IUWVN)考试是与CCNP无线认证相关的考试,旨在测试考生能否将VoWLAN服务集成到WLAN中,并在无线网络中实施QoS、MPLS、和高带宽应用。考生可以通过学习实施思科统一无线语音网络(IUWVN)课程来为