Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from CCNA Security 210-260 Certification Guide Build your knowledge of network security and pass your CCNA Security exam (210-260)

Product type Paperback

Published in Jun 2018

Publisher Packt

ISBN-13 9781787128873

Length 518 pages

Edition 1st Edition

Tools

Cisco

Concepts

IT Certification

Authors (3):

Glen D. Singh

Vijay Anandh

Michael Vinod

View More author details

Table of Contents (19) Chapters

Preface

1. Exploring Security Threats FREE CHAPTER

2. Delving into Security Toolkits

3. Understanding Security Policies

4. Deep Diving into Cryptography

5. Implementing the AAA Framework

6. Securing the Control and Management Planes

7. Protecting Layer 2 Protocols

8. Protecting the Switch Infrastructure

9. Exploring Firewall Technologies

10. Cisco ASA

11. Advanced ASA Configuration

12. Configuring Zone-Based Firewalls

13. IPSec – The Protocol that Drives VPN

14. Configuring a Site-to-Site VPN

15. Configuring a Remote-Access VPN

16. Working with IPS

17. Application and Endpoint Security

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Intrusion detection system

An intrusion detection system (IDS) is a monitoring system that passively monitors incoming and outgoing network traffic for suspicious attacker activity. An IDS is a module that can alert network devices, but it cannot stop attacks from happening. Generally, an IDS is configured in promiscuous mode because it cannot block the attacks, but only send alerts:

One major question you may have is how different is an IPS from a firewall that can also do deep-packet inspection? Well, the answer is that an IPS can identify traffic patterns that might match an attack, while a firewall can do an inspection on a per-packet basis, thereby they would not be intelligent enough to detect an attack. So, in any secure network, an IPS complements a firewall.

The different IPS and IDS identification methods are discussed here:

Signature-based: The IPS verifies the...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (3)

Glen D. Singh

Glen D. Singh is a cybersecurity author, educator and SecOps professional. His areas of expertise are cybersecurity operations, offensive security tactics and techniques, and enterprise networking. He holds a Master of Science (MSc) in cybersecurity and many industry certifications from top awarding bodies such as EC-Council, Cisco, and Check Point. Glen loves teaching and mentoring others while sharing his wealth of knowledge and experience as an author. He has written many books, which focus on vulnerability discovery and exploitation, threat detection, intrusion analysis, incident response, network security, and enterprise networking. As an aspiring game changer, Glen is passionate about increasing cybersecurity awareness in his homeland, Trinidad and Tobago.

See other products by Glen D. Singh

Anandh

Vijay Anandh is an IT consultant and public speaker specializing in Cisco routing and switching, security, and F5 load balancer technologies. He has 9 years of combined experience as a training consultant and network architect.

See other products by Anandh

Vinod

Michael Vinod is a freelance IT trainer and consultant specializing in Cisco routing, switching, and security technologies. He has expertise in the field of networking, with close to 3 years of field experience and 7 years of experience, as a Cisco training consultant. He has a passion for training individuals on Cisco technologies and has received accolades from various clients.

See other products by Vinod