The chapter covers port-level security controls at Layer 2 and security features and best
practices available on the switch.
Chapter 5, "Cisco IOS Firewall," introduces the software-based IOS firewall features, including the legacy
Context-Based Access Control (CBAC) and the newly introduced Zone-Based Policy Firewall (ZFW) feature
available on the router.
Chapter 6, "Cisco Firewalls: Appliance and Module," covers the complete range of hardware-based Cisco
firewall products, including Cisco PIX, Cisco ASA Firewall appliance, and Cisco Firewall Services Module
(FWSM). The chapter provides comprehensive coverage of firewall operating systems (OS), software
features, and capabilities.
Chapter 7, "Attack Vectors and Mitigation Techniques," is a uniquely positioned chapter covering details of
common types of attacks, and providing details of how to characterize and classify various attacks. The
chapter provides mitigation techniques for a wide range of attacks at Layer 2 and Layer 3.
Part II, "Identity Security and Access Management": Identity is the accurate and positive identification of
network users, hosts, applications, services and resources. Part II includes the following chapters:
Chapter 8, "Securing Management Access," covers details of the authentication, authorization, and
accounting (AAA) framework and implementation of AAA technology.
Pages:
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33