Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam and excel in your day-to-day security work. CCNP Security Cisco Secure Firewall and Intrusion Prevention System Official Cert Guide presents you with an organized test preparation routine using proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. * Master the topics on the CCNP Security concentration exam that focuses on the Cisco Secure Firewall and IPS (formerly known as Cisco Firepower) * Assess your knowledge with chapter-opening quizzes * Review key concepts with exam preparation tasks * Practice with realistic exam questions in the practice test software CCNP Security Cisco Secure Firewall and Intrusion Prevention System Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Long-time Cisco security insider Nazmul Rajib shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. This complete study package includes * A test-preparation routine proven to help you pass the exams * Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section * Chapter-ending and part-ending exercises, which help you drill on key concepts you must know thoroughly * The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports * A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies * Study plan suggestions and templates to help you organize and optimize your study time Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success. This official study guide helps you master the topics on the CCNP Security concentration exam that focuses on the Cisco Secure Firewall and IPS (formerly known as Cisco Firepower). Use it to deepen your knowledge of * Configurations * Integrations * Deployments * Management * Troubleshooting, and more Companion Website: The companion website contains two full practice exams, an interactive Flash Cards application, Study Planner, Glossary, memory table and config checklist review exercises, and more. Includes Exclusive Offers for Up to 80% Off Video Training, Practice Tests, and more Pearson Test Prep online system requirements: Browsers: Chrome version 73 and above, Safari version 12 and above, Microsoft Edge 44 and above. Devices: Desktop and laptop computers, tablets running Android v8.0 and above or iPad OS v13 and above, smartphones running Android v8.0 and above or iOS v13 and above with a minimum screen size of 4.7. Pearson Test Prep offline system requirements: Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases. Also available from Cisco Press for CCNP Security study is the CCNP Security Cisco Secure Firewall and Intrusion Prevention System Official Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test. This integrated learning package * Enables you to focus on individual topic areas or take complete, timed exams * Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions * Provides unique sets of exam-realistic practice questions * Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Table of Contents:
Introduction xxv Part I General Deployment Chapter 1 Introduction to Cisco Secure Firewall and IPS 2 “Do I Know This Already?” Quiz 3 Foundation Topics 4 Evolution of Next-Generation Firewall 4 Cisco Secure Firewall Solutions 8 Product Evolution and Lifecycle 11 Software and Hardware Architecture 14 Scalability and Resiliency 18     Clustering 18     Multi-Instance 19     High Availability 20     Resiliency in Connectivity 21 Summary 22 Exam Preparation Tasks 22 Chapter 2 Deployment of Secure Firewall Virtual 24 “Do I Know This Already?” Quiz 24 Foundation Topics 26 Cisco Secure Firewall on a Virtual Platform 26     Hosting Environment Settings 27     Virtual Resource Allocation 28     Software Package Selection 28 Best Practices 30 Configuration 31     Virtual Network for Management Traffic 32     Virtual Network for Data Traffic 33     Virtual Machine Creation for Secure Firewall 35 System Initialization and Validation 41 Summary 45 Exam Preparation Tasks 46 Chapter 3 Licensing and Registration 48 Do I Know This Already? 48 Foundation Topics 50 Cisco Licensing Architecture 50     Direct Cloud Access 52     On-Premises Server 52     Offline Access 53 Cisco Secure Firewall Licenses 54     Feature License 54     Export-Controlled License 55     Evaluation License 56 Validation of Licensing 59 Device Registration 61     Best Practices for Registration 61     Configurations on Threat Defense 62     Configurations on Management Center 63     Management Communication over the Internet 65 Validation of Registration 67 Summary 68 Exam Preparation Tasks 69 Chapter 4 Firewall Deployment in Routed Mode 70 “Do I Know This Already?” Quiz 70 Foundation Topics 72 Routed Mode Essentials 72 Best Practices for Routed Mode Configuration 73 Fulfilling Prerequisites 73     Enabling the Routed Firewall Mode 75 Configuration of the Routed Interface 75     Configuring Interfaces with Static IP Addresses 76     Configuring Interfaces with Automatic IP Addresses 80 Validation of Interface Configuration 82 Summary 88 Exam Preparation Tasks 89 Chapter 5 Firewall Deployment in Transparent Mode 90 “Do I Know This Already?” Quiz 90 Foundation Topics 92 Transparent Mode Essentials 92 Best Practices for Transparent Mode Configuration 93 Fulfilling Prerequisites 94     Enabling the Transparent Firewall Mode 95 Configuring Transparent Mode in a Layer 2 Network 96     Configuring the Physical and Virtual Interfaces 96     Verifying the Interface Status 103     Verifying Basic Connectivity and Operations 104 Deploying a Threat Defense Between Layer 3 Networks 108     Selecting a Default Action 108     Adding an Access Control Rule for a Routing Protocol 111     Creating an Access Control Rule for the SSH Protocol 113     Verifying Access Control Lists 115 Integrated Routing and Bridging (IRB) 118 Summary 118 Exam Preparation Tasks 118 Chapter 6 IPS-Only Deployment in Inline Mode 120 “Do I Know This Already?” Quiz 120 Foundation Topics 122 Inline Mode Essentials     Inline Mode Versus Passive Mode 123     Inline Mode Versus Transparent Mode 125 Best Practices for Inline Mode 125 Inline Mode Configuration 126     Fulfilling Prerequisites 126     Interface Setup 127     Inline Set Configuration 129 Verification 132     Event Analysis in IPS-Only Mode 135 Summary 136 Exam Preparation Tasks 136 Chapter 7 Deployment in Detection-Only Mode 138 “Do I Know This Already?” Quiz 139 Foundation Topics 141 Detection-Only Mode Essentials 141     Passive Monitoring Technology 141     Interface Modes: Inline, Inline Tap, and Passive 142 Best Practices for Detection-Only Deployment 143 Inline Tap Mode 145     Configuration of Inline Tap Mode 145     Verification of Inline Tap Configuration 147 Passive Interface Mode 149     Configuration of Passive Interface Mode 149         Configuring Passive Interface Mode on a Threat Defense 150         Configuring a SPAN Port on a Switch 151     Verification of Passive Interface Configuration 152 Event Analysis in Detection-Only Mode 153 Summary 154 Exam Preparation Tasks 154 Part II Basic Security Operations Chapter 8 Capturing Traffic for Advanced Analysis 156 “Do I Know This Already?” Quiz 157 Foundation Topics 158 Packet Capture Essentials 158 Best Practices for Capturing Traffic 160 Capturing of Packets Using Secure Firewall 162     Configuration 162     Verification 165     Packet Capture versus Packet Tracer 169 Summary 170 Exam Preparation Tasks 170 Chapter 9 Network Discovery Policy 172 “Do I Know This Already?” Quiz 172 Foundation Topics 174 Network Discovery Essentials 174     Application Detectors 175     Network Discovery Operations 176 Best Practices for Network Discovery 178 Fulfilling Prerequisites 179 Configurations 180     Reusable Objects 181     Network Discovery Policy 183 Verification 186     Analyzing Application Discovery 186     Analyzing Host Discovery 186     Undiscovered New Hosts 188 Summary 191 Exam Preparation Tasks 191 Chapter 10 Access Control Policy 194 “Do I Know This Already?” Quiz 194 Foundation Topics 196 Access Control Policy Essentials 196     Policy Editor 196     Rule Editor 198 Best Practices for Access Control Policy 199 Access Control Policy Configuration 200     Fulfilling Prerequisites 201     Creating Rules 202 Verification 208 Summary 222 Exam Preparation Tasks 222 Chapter 11 Prefilter Policy 224 “Do I Know This Already?” Quiz 224 Foundation Topics 226 Prefilter Policy Essentials 226     Prefilter Policy: Rules and Actions 226     Bypassing Deep Packet Inspection 227 Best Practices for a Prefilter Policy 230 Enabling Bypass Through a Prefilter Policy 230     Fulfilling Prerequisites 230     Configuring a Rule in a Prefilter Policy 230     Invoking a Prefilter Policy into an Access Control Policy 235 Establishing Trust Through an Access Control Policy 237 Verification 240 Managing Encapsulated Traffic Inspection 242 Summary 245 Exam Preparation Tasks 245 Chapter 12 Security Intelligence 248 “Do I Know This Already?” Quiz 249 Foundation Topics 251 Security Intelligence Essentials 251 Best Practices for Security Intelligence 256 Fulfilling Prerequisites 257 Automatic Blocking Using Cisco Intelligence Feed 259     Verifying the Action of Cisco Intelligence Feed 262     Overriding the Cisco Intelligence Feed Outcome 265 Instant Blocking Using Context Menu 267     Adding an Address to the Block List 267     Deleting an Address from the Block List 268 Manual Blocking Using Custom List 269     Enabling Security Intelligence in Monitor-Only Mode 272 Threat Intelligence Director 274     Enabling Threat Intelligence Director 276     Adding Sources and Importing Indicators 277 Summary 280 Exam Preparation Tasks 281 Chapter 13 Domain Name System (DNS) Policy 282 “Do I Know This Already?” Quiz 282 Foundation Topics 284 DNS Policy Essentials 284     Domain Name System (DNS) 284     Blocking of a DNS Query Using a Secure Firewall 285     DNS Rule Actions 287         Actions That Can Interrupt DNS Queries 288         Actions That Allow DNS Queries 292     Sources of Intelligence 293 Best Practices for Blocking DNS Queries 295 Fulfilling Prerequisites 296 Configuring DNS Policy 297     Add a New Rule to a DNS Policy 298     Invoke the DNS Policy 301 Verification 302 Summary 307 Exam Preparation Tasks 307 Chapter 14 URL Filtering 310 “Do I Know This Already?” Quiz 310 Foundation Topics 312 URL Filtering Essentials 312     Category and Reputation 312     URL Database 314 Fulfilling Prerequisites 315 Best Practices for URL Filtering Configuration 317 Enabling URL Filtering 322     Blocking URLs of a Certain Category 323     Verifying the Operation of a URL Filtering Rule 325     Allowing a Specific URL 329     Analyzing the Default Category Override 331     Handling Uncategorized URLs 335     Investigating the Uncategorized URLs 338 Summary 340 Exam Preparation Tasks 341 Part III Advanced Configurations Chapter 15 Network Analysis and Intrusion Policies 342 “Do I Know This Already?” Quiz 343 Foundation Topics 345 Intrusion Prevention System Essentials 345     Network Analysis Policy 346     Intrusion Policy 346     System-Provided Variable Sets 352     System-Provided Base Policies 353 Best Practices for Intrusion Policy Deployment 356 Configuring a Network Analysis Policy 359 Configuring an Intrusion Policy 364     Creating a Policy with a Default Ruleset 364     Incorporating Intrusion Rule Recommendations 365     Enabling or Disabling an Intrusion Rule 368     Setting Up a Variable Set 369 Policy Deployment 371 Verification 373 Summary 379 Exam Preparation Tasks 379 Chapter 16 Malware and File Policy 380 “Do I Know This Already?” Quiz 380 Foundation Topics 382 File Policy Essentials 382     File Type Detection 382     Malware Analysis 382 Best Practices for File Policy Configuration 386 Fulfilling Prerequisites 387 Configuring a File Policy 390     Creating a File Policy 390     Deploying a File Policy 396 Verification 398     Analyzing File Events 399     Analyzing Malware Events 404         The Management Center Is Unable to Communicate with the Cloud 404         The Management Center Performs a Cloud Lookup 408         The Threat Defense Blocks Malware 409     Overriding a Malware Disposition 412     Network Trajectory 413 Summary 414 Exam Preparation Tasks 414 Chapter 17 Network Address Translation (NAT) 416 “Do I Know This Already?” Quiz 417 Foundation Topics 418 NAT Essentials 418     NAT Techniques 420     NAT Rule Types 422 Best Practices for NAT Deployment 423 Fulfilling Prerequisites 425 Configuring NAT 427     Masquerading a Source Address (Source NAT for Outbound Connection) 427         Configuring a Dynamic NAT Rule 427         Verifying the Configuration 433         Verifying the Operation: Inside to Outside 434         Verifying the Operation: Outside to Inside 441     Connecting to a Masqueraded Destination (Destination NAT for Inbound Connection) 446         Configuring a Static NAT Rule 446         Verifying the Operation: Outside to DMZ 449 Summary 457 Exam Preparation Tasks 457 Chapter 18 Traffic Decryption Policy 460 “Do I Know This Already?” Quiz 460 Foundation Topics 462 Traffic Decryption Essentials 462     Overview of SSL and TLS Protocols 462     Decryption Techniques on Secure Firewall 466 Best Practices for Traffic Decryption 467 Configuring a Decryption Policy 468     PKI Objects 468         Internal CAs Object 469         Internal Certs Object 469     SSL Policy 470     File Policy 474     Access Control Policy 474 Verification 476 Summary 480 Exam Preparation Tasks 480 Chapter 19 Virtual Private Network (VPN) 482 “Do I Know This Already?” Quiz 483 Foundation Topics 484 VPN Essentials 484     Site-to-Site VPN 485     Remote-Access VPN 488 IPsec Essentials 489     Mode of Operation 490     Security Association and Key Exchange 492         IKEv1 492         IKEv2 494     Authentication 495 Site-to-Site VPN Deployment 496     Prerequisites 496     Configurations 499         Access Control Policy 503         NAT Policy 504     Verification 507 Remote-Access VPN Deployment 513     Prerequisites 513     Configuration 516         AnyConnect File 517         RADIUS Server Group 518         Certificate Enrollment 518         Network and IP Address Pool 521         Remote-Access VPN Policy 522     Verification 527 Summary 534 Exam Preparation Tasks 535 Chapter 20 Quality of Service (QoS) 536 “Do I Know This Already?” Quiz 536 Foundation Topics 538 Quality of Service Essentials 538 Best Practices for Enabling QoS 541 Fulfilling Prerequisites 541 Configuring QoS Policy 542 Verification 546     Analyzing QoS Events and Statistics 550 Summary 554 Exam Preparation Tasks 554 Chapter 21 System Logging (Syslog) 556 “Do I Know This Already?” Quiz 557 Foundation Topics 558 Secure Firewall Logging Essentials 558 Best Practices for Logging 560 Prerequisites 560 Sending Syslog from Threat Defense 564     Add a Syslog Server on Platform Settings 564     Enable Logging on Access Control Policy 568     Verification 568 Sending Syslog from Management Center 569     Create Syslog Alerts 569     Verification 572     Correlate Events to Send Syslog Alerts 574 Troubleshooting Logs 578 Summary 581 Exam Preparation Tasks 581 Part IV Conclusion Chapter 22 Final Preparation 582 Getting Ready for the Exam 582     Tools for Final Review 582 Exam Day 583 Practice Tests 583     Pearson Cert Practice Test Engine and Questions on the Website 583     Accessing the Pearson Test Prep Software Online 584     Accessing the Pearson Test Prep Software Offline 584     Customizing Your Exams 585     Updating Your Exams 585     Premium Edition 586 Chapter-Ending Review Tools 586 Summary 586 Part V Appendixes Appendix A Answers to the “Do I Know This Already?” Questions 588 Appendix B CCNP Security Cisco Secure Firewall and Intrusion Prevention System Official Cert Guide Updates 598 Glossary 601 Online Elements Appendix C Memory Tables Appendix D Memory Tables Answer Key Appendix E Study Planner Glossary 9780136589709   TOC   4/21/2022