Chapter 4. Configuring Context-based Access Control on a Cisco Router


Chapter 4. Configuring Context-based Access Control on a Cisco Router

Terms you'll need to understand:

  • Stateful inspection

  • State table

  • Access control lists (ACLs)

  • Access control entries (ACEs)

  • Session information

  • Connection-oriented

  • Connectionless

  • Control channel

  • Data channel

  • Three-way handshake

  • SYN

  • SYN-ACK

  • ACK

  • Established state

  • Half-opened session

  • Embryonic

  • Unassembled packets

  • State structure allocation

  • Legal Simple Mail Transfer Protocol (SMTP) commands

  • Demilitarized zone (DMZ)

  • Inbound

  • Outbound

  • Port-to-application mapping (PAM)

Techniques you'll need to master:

  • Configuring event logging

  • Configuring global context-based access control (CBAC) parameters

  • Configuring named CBAC inspection rules

  • Configuring unique CBAC inspection rules

  • Configuring CBAC to inspect traffic

  • Configuring nonstandard port CBAC inspection

  • Verifying CBAC

  • Testing CBAC



CCSP SECUR Exam Cram 2
CCSP SECUR Exam Cram 2 (642-501)
ISBN: B000MU86IQ
EAN: N/A
Year: 2003
Pages: 291
Authors: Raman Sud

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net