Worldwide [change] |Account |Register |About Cisco
Guest

Hierarchical Navigation

IT Certification and Career Paths

642-501 SECUR

Securing Cisco IOS Networks

Retired

 
Exam Number:     642-501
Associated Certifications: CCSP, Cisco Firewall, VPN and IDS Specialists
Duration: 90 minutes (65-75 questions)
Available Languages: English
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions
 

Exam Description    Exam Topics    Recommended Training    Additional Resources
  Exam Description  
 

The Securing Cisco IOS Networks exam (SECUR 642-501) is one of the exams associated with the Cisco Certified Security Professional, Cisco Firewall Specialist, Cisco VPN Specialist, and Cisco IDS Specialist certifications. Candidates can prepare for this exam by taking the SECUR v1.1 course. This exam includes simulations and tests a candidate's knowledge and ability to secure Cisco IOS router networks. CCNA or CCDA recertification candidates who pass the 642-501 exam will be considered recertified at the CCNA or CCDA level.

  
  Exam Topics  
 

The following information provides general guidelines for the content likely to be included on this exam. However, other related topics may also appear on any specific delivery of the exam.

Basic Cisco Router Security
•  Secure administrative access for Cisco routers
•  Describe the components of a basic AAA implementation
•  Test the perimeter router AAA implementation using applicable debug commands

Advanced AAA Security for Cisco Router Networks
•  Describe the features and architecture of CSACS 3.0 for Windows
•  Configure the perimeter router to enable AAA processes to use a TACACS remote service

Cisco Router Threat Mitigation
•  Disable unused router services and interfaces
•  Use access lists to mitigate common router security threats

Cisco IOS Firewall CBAC Configuration
•  Define the Cisco IOS Firewall and CBAC
•  Configure CBAC

Cisco IOS Firewall Authentication Proxy Configuration
•  Describe how authentication proxy technology works
•  Configure AAA on a Cisco IOS Firewall

Cisco IOS Firewall IDS Configuration
•  Name the two types of signature implementations used by the Cisco IOS Firewall IDS
•  Initialize a Cisco IOS Firewall IDS router

Building Basic IPSec Using Cisco Routers
•  Configure a Cisco router for IPSec using pre-shared keys
•  Verify the IKE and IPSec configuration
•  Explain the issues regarding configuring IPSec manually and using RSA encrypted nonces

Building Advanced IPSec VPNs Using Cisco Routers and Certificate Authorities
•  Advanced IPSec VPNs using Cisco Routers and CAs

Configuring Cisco Remote Access IPSec VPNs
•  Describe the Easy VPN Server

Managing Enterprise VPN Routers
•  Managing Enterprise VPN Routers

 
  Recommended Training  
 

Securing Cisco IOS Networks (SECUR) v1.1 is the recommended training for the Securing Cisco IOS Networks Exam.

Courses listed are offered by Cisco Learning Partners—the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the List of Learning Partners for a Cisco Learning Partner nearest you.

  
  Additional Resources  
 

A variety of Cisco Press Self-Study titles are available for this exam. These titles can be purchased at the Cisco Marketplace, directly from Cisco Press, or wherever you purchase technical books.

  
  [ Return to Top ]