Please review the Lab Exam Overview for general information about the CCIE Security lab exam. This lab exam blueprint v2.0 is a detailed outline of the topics likely to appear on the lab exam effective January 2, 2007. Knowledge of troubleshooting is an important skill, and candidates are expected to diagnose and solve issues as part of the CCIE lab exam. The topics listed are guidelines, and other relevant or related topics may also appear. Candidates for lab exams scheduled on January 2, 2007 or later should prepare using the v2.0 blueprints below. In general, new product features become eligible for testing on CCIE lab exams six months after general release.
Firewall
PIX and ASA Firewall
Basic initialization
Access Management
Address translation
ACLs
IP Routing
Object groups
VLANs
AAA
VPNs
Filtering
Failover
Layer 2 Transparent Firewall
Security Contexts (Virtual Firewall)
Modular Policy Framework
Application-Aware Inspection
High Availability Scenarios
QoS Policies
Other advanced features
IOS Firewall
CBAC
Audit
Auth Proxy
PAM
Access control
Performance tuning
Advanced features
VPN
IPSec LAN-to-LAN
SSL VPN
DMVPN
CA (PKI)
Remote access VPN
VPN3000 Concentrator
VPN3000 IP Routing
Unity client
WebVPN
EzVPN Hardware Client
XAuth, Split-tunnel, RRI, NAT-T
High Availability
QoS for VPN
GRE, mGRE
L2TP
PPTP
Advanced VPN features
Intrusion Prevention System (IPS)
IPS 4200 Series Sensor Appliance
Basic initialization
Sensor configuration
Sensor Management
Promiscuous and Inline Monitoring
Signature Tuning
Custom Signatures
Blocking
TCP Resets
Rate Limiting
Signature Engines
IDM
Event Action
Event Monitoring
IOS IPS
PIX IDS
SPAN, RSPAN
Advanced Features
Identity Management
Security Protocols (RADIUS, TACACS+)
Cisco Secure ACS Configuration
Access Management (Telnet, SSH, Pwds, Priv Levels)
Proxy Authentication
Service Authentication (FTP, Telnet, HTTP, other)
Network Admission Control (NAC Framework solution)
802.1x
Advanced features
Advanced Security
Mitigation techniques
Packet marking techniques
Security RFCs (RFC1918, RFC2827, RFC2401)
Service Provider Security
Black Holes, Sink Holes
RTBH Filtering (Remote Triggered Black Hole)
Traffic Filtering using Access-lists
NAT
TCP Intercept
uRPF
CAR
NBAR
NetFlow
Flooding
Spoofing
Policing
Fragmentation
Sniffer Traces
Catalyst Management and Security
Traffic Control and Congestion Management
Catalyst Features and Advanced configuration
IOS Security Features
Network Attacks
Network Reconnaissance
IP Spoofing Attacks
MAC Spoofing Attacks
ARP Spoofing Attacks
Denial of Service (DoS)
Distributed Denial of Service (DDoS)
Man-in-the-Middle (MiM) Attacks
Port Redirection Attacks
DHCP Attacks
DNS Attacks
Fragment Attacks
Smurf attacks
SYN Attacks
MAC Attacks
VLAN Hopping Attacks
Other Layer2 and Layer3 Attacks