- CCIE认证
CCIE认证
CCIE是什么
CCIE是Cisco最高等级的考试,全称是Cisco认证互联网专家,不仅全球获得该认证殊荣的人很少,只有2万多名,并且考试也相当的困难(需要参加笔试和实验室考试),考试费也非常昂贵( 笔试350美元,折合人民币2400元, 实验考试1400美元,折合人民币9576元),所以说CCIE考试是目前最难的最高端的认证考试之一。CCIE分为五类分别是:CCIE-路由和交换、CCIE-通信和服务、CCIE-安全、CCIE-语音、CCIE-网络存储。其中CCIE-路由和交换,是Cisco最普及的认证,多数CCIE是通过的CCIE-路由和交换的这一项技术认证。
报考CCIE认证的基础条件
资格:参加CCIE笔试不限制考生任何硬性的条件,参加实验室考试则需要先通过CCIE笔试
学历:报考CCIE不限制考生的文凭,任何人都可以报考
能力:了解路由器、交换机的基本配置和路由协议,最好具备高中英语语法基础
考取CCIE认证可以获得什么
方向:网络管理及实施,网络性能优化、安全设计
职位:网络工程师,系统集成工程师,网络维护工程师
能力:设定主干路由协议利用多层交换技术建立园区网络环境安装配置CISCO设备并进行故障诊断和排错
薪水:平均年薪不低于8万人民币,Cisco认证被恰当地称为"获得高技术,高薪水的头等舱船票
CCIE认证考试大纲
| CCIE Security Lab Exam Topics v4.0 |
| System Hardening and Availability |
| Routing plane security features (e.g. protocol authentication, route filtering) |
| Control,Plane,Policing |
| Control Plane Protection and Management Plane Protection |
| Broadcast control and switchport security |
| Additional CPU protection mechanisms (e.g. options drop, logging interval) |
| Disable,unnecessary,services |
| Control device access (e.g. Telnet, HTTP, SSH, Privilege levels) |
| Device services (e.g. SNMP, Syslog, NTP) |
| Transit Traffic Control and Congestion Management |
| Threat Identification and Mitigation |
| Identify and protect against fragmentation attacks |
| Identify and protect against malicious IP option usage |
| Identify and protect against network reconnaissance attacks |
| Identify and protect against IP spoofing attacks |
| Identify and protect against MAC spoofing attacks |
| Identify and protect against ARP spoofing attacks |
| Identify and protect against Denial of Service (DoS) attacks |
| Identify and protect against Distributed Denial of Service (DDoS) attacks |
| Identify and protect against Man-in-the-Middle (MiM) attacks |
| Identify and protect against port redirection attacks |
| Identify and protect against DHCP attacks |
| Identify and protect against DNS attacks |
| Identify and protect against MAC Flooding attacks |
| Identify and protect against VLAN hopping attacks |
| Identify and protect against various Layer2 and Layer3 attacks |
| NBAR |
| NetFlow |
| Capture,and,utilize,packet,captures |
| Intrusion Prevention and Content Security |
| IPS,4200,Series,Sensor,Appliance |
| (a),Initialize,the,Sensor,Appliance |
| (b),Sensor,Appliance,management |
| (c) Virtual Sensors on the Sensor Appliance |
| (d),Implementing,security,policies |
| (e) Promiscuous and inline monitoring on the Sensor Appliance |
| (f) Tune signatures on the Sensor Appliance |
| (g) Custom signatures on the Sensor Appliance |
| (h),Actions,on,the,Sensor,Appliance |
| (i) Signature engines on the Sensor Appliance |
| (j) Use IDM/IME to the Sensor Appliance |
| (k) Event action overrides/filters on the Sensor Appliance |
| (l) Event monitoring on the Sensor Appliance |
| VACL/SPAN,&,RSPAN,on,Cisco,switches |
| WSA |
| (a),Implementing,WCCP |
| (b),Active,Dir,Integration |
| (c)Custom,Categories |
| (d),HTTPS,Config |
| (e) Services Configuration (Web Reputation) |
| (f),Configuring,Proxy,By-pass,Lists |
| (g),Web,proxy,modes |
| (h),App,visibility,and,control |
| Identity Management |
| Identity Based Authentication/Authorization/Accounting |
| (a),Cisco,Router/Appliance,AAA |
| (b),RADIUS |
| (c)TACACS+ |
| Device Admin (Cisco IOS Routers, ASA, ACS5.x) |
| Network,Access,(TrustSec,Model) |
| (a) Authorization Results for Network Access (ISE) |
| (b),802,1X,(ISE) |
| (c)VSAs,(ASA,/,Cisco,IOS,/,ISE) |
| (d) Proxy-Authentication (ISE/ASA/Cisco IOS) |
| Cisco,Identity,Services,Engine,(ISE) |
| (a),Profiling,Configuration,(Probes) |
| (b),Guest,Services |
| (c)Posture,Assessment |
| (d),Client,Provisioning,(CPP) |
| (e) Configuring AD Integration/Identity Sources |
| Perimeter Security and Services |
| Cisco,ASA,Firewall |
| (a),Basic,firewall,Initialization |
| (b),Device,management |
| (c ) Address translation (nat, global, static) |
| (d),Access,Control,Lists |
| (e),IP,routing/Route,Tracking |
| (f),Object,groups |
| (g),VLANs |
| (h),Configuring,Etherchannel |
| (i),High,Availability,and,Redundancy |
| (j),Layer,2,Transparent,Firewall |
| (k) Security contexts (virtual firewall) |
| (l),Modular,Policy,Framework |
| (j),Identity,Firewall,Services |
| (k),Configuring,ASA,with,ASDM |
| (l),Context-aware,services |
| (m),IPS,capabilities |
| (n),QoS,capabilities |
| Cisco,IOS,Zone,Based,Firewall |
| (a) Network, Secure Group and User Based Policy |
| (b),Performance,Tuning |
| (c) Network, Protocol and Application Inspection |
| Perimeter,Security,Services |
| (a) Cisco IOS QoS and Packet marking techniques |
| (b) Traffic Filtering using Access-Lists |
| (c)Cisco,IOS,NAT |
| (d),uRPF |
| (e),PAM,-,Port,to,Application,Mapping |
| (f),Policy,Routing,and,Route,Maps |
| Confidentiality and Secure Access |
| IKE,(V1/V2) |
| IPsec,LAN-to-LAN,(Cisco,IOS/ASA) |
| Dynamic,Multipoint,VPN,(DMVPN) |
| FlexVPN |
| Group,Encrypted,Transport,(GET),VPN |
| Remote,Access,VPN |
| (a),Easy,VPN,Server,(Cisco,IOS/ASA) |
| (b),VPN,Client,5,X |
| (c)Clientless,WebVPN |
| (d),AnyConnect,VPN |
| (e),EasyVPN,Remote |
| (f),SSL,VPN,Gateway |
| VPN,High,Availability |
| QoS,for,VPN |
| VRF-aware,VPN |
| MacSec |
| Digital Certificates (Enrollment and Policy Matching) |
| Wireless,Access |
| (a),EAP,methods |
| (b),WPA/WPA-2 |
| (c)WIPS |
CCIE® Routing & Switching Written (350-001) 考试大纲 v4.0
| 1.00 | 实现第二层技术 | |
| 1.10 | 实现生成树(STP) | |
| (a)802,1d | ||
| (b)802,1w | ||
| (c)801,1s | ||
| (d)环路防护 | ||
| (e)根防护 | ||
| (f)网桥协议数据单元(BPDU)防护 | ||
| (g)风暴控制 | ||
| (h)单播泛洪 | ||
| (i)端口角色,故障传播以及环路防护操作 | ||
| 1.20 | 实现VLAN和VLAN中继协议(VTP) | |
| 1.30 | 实现中级和中级协议,以太信道和负载平衡 | |
| 1.40 | 实现以太网技术 | |
| (a)速度和全双工 | ||
| (b)以太网,快速以太网和千兆以太网 | ||
| (c)以太网上的点对点协议(PPPoE) | ||
| 1.50 | 实现交换端口分析器(SPAN),远程交换端口分析器(RSPAN)和流量控制 | |
| 1.60 | 实现帧中继 | |
| (a)本地管理接口(LMI) | ||
| (b)流量整形 | ||
| (c)全网型 | ||
| (d)集中星型 | ||
| (e)丢弃允许(DE) | ||
| 1.70 | 实现高级数据链路控制(HDLC)和PPP | |
| 2.00 | 实现IPv4 | |
| 2.10 | 实现IPv4寻址,子网划分和可编程子网掩码(VLSM) | |
| 2.20 | 实现IPv4隧道和通用路由封装(GRE) | |
| 2.30 | 实现IPv4,RIPv2 | |
| 2.40 | 实现IPv4开放最短路径优先(OSPF) | |
| (a)标准OSPF区域 | ||
| (b),末节区域 | ||
| (c)完全末节区域 | ||
| (d)次末节区域 | ||
| (e)完全次末节区域 | ||
| (f)链路状态广播(LSA)类型 | ||
| (g)点对点网络和多路接入网络的邻接 | ||
| (h)OSPF平滑重启 | ||
| 2.50 | 实现IPv4增强网关内部路由协议(EIGRP) | |
| (a)最佳路径 | ||
| (b)无环路径 | ||
| (c)备用无环路径可用和不可用时的EIGRP操作 | ||
| (d)EIGRP查询 | ||
| (e)手动汇总和自动汇总 | ||
| (f)EIGRP末节 | ||
| 2.60 | 实现IPv4边界网关协议(BGP) | |
| (a)下一跳 | ||
| (b)同级 | ||
| (c)内部边界网关协议(IBGP)和外部边界网关协议(EBGP) | ||
| 2.70 | 实现策略路由 | |
| 2.80 | 实现性能路由(PfR)和思科优化边界路由(OER) | |
| 2.90 | 实现过滤,路由再分配,汇总,同步,属性和其他高级功能 | |
| 3.00 | 实现IPv6 | |
| 3.10 | 实现IPv6寻址和不同地址类型 | |
| 3.20 | 实现IPv6邻居发现 | |
| 3.30 | 实现基本IPv6功能协议 | |
| 3.40 | 实现隧道技术 | |
| 3.50 | 实现OSPFv3 | |
| 3.60 | 实现EIGRPv6 | |
| 3.70 | 实现过滤和路由再分配 | |
| 4.00 | 实现MPLS第三层VPN | |
| 4.10 | 实现多协议标签交换(MPLS) | |
| 4.20 | 实现运营商边缘(PE)、运营商(P)和客户边缘(CE)路由器上的第三层虚拟专用网络(VPN) | |
| 4.30 | 实现虚拟路由转发(VRF)及多VRF客户边缘(VRF-Lite) | |
| 5.00 | 实现IP组播 | |
| 5.10 | 实现协议无关组播(PIM)稀疏模式 | |
| 5.20 | 实现组播源发现协议(MSDP) | |
| 5.30 | 实现域间组播路由 | |
| 5.40 | 实现PIM 自动汇聚点(Auto-RP),单播汇聚点(RP)和自举路由器(BSR) | |
| 5.50 | 实现组播工具,功能和特定源组播 | |
| 5.60 | 实现IPv6组播,PIM和相关组播协议,如组播侦听者发现(MLD) | |
| 6.00 | 实现网络安全 | |
| 6.01 | 实现访问控制列表 | |
| 6.02 | 实现基于区域的防火墙 | |
| 6.03 | 实现单播逆向转发(uRPF) | |
| 6.04 | 实现IP源防护 | |
| 6.05 | 实现认证、授权及记账(AAA)(配置AAA服务器不需要,只需要配置客户端(IOS)) | |
| 6.06 | 实现控制平面管制(CoPP) | |
| 6.07 | 实现思科IOS防火墙 | |
| 6.08 | 实现思科IOS入侵防护系统(IPS) | |
| 6.09 | 实现防护壳(SSH) | |
| 6.10 | 实现802,1x | |
| 6.11 | 实现NAT | |
| 6.12 | 实现路由协议认证 | |
| 6.13 | 实现设备接入控制 | |
| 6.14 | 实现安全功能 | |
| 7.00 | 实现网络服务 | |
| 7.10 | 实现热备份路由器协议(HSRP) | |
| 7.20 | 实现网关负载平衡协议(GLBP) | |
| 7.30 | 实现虚拟路由器冗余协议(VRRP) | |
| 7.40 | 实现网络时间协议(NTP) | |
| 7.50 | 实现DHCP | |
| 7.60 | 实现网页缓存通信协议(WCCP) | |
| 8.00 | 实现服务质量(QoS) | |
| 8.10 | 实现模块化QoS,CLI(MQC) | |
| (a)基于网络的应用程序识别(NBAR) | ||
| (b)加权公平队列(CBWFQ),修改的差额轮询(MDRR)和低延迟队列(LLQ) | ||
| (c)分类 | ||
| (d)管制 | ||
| (e)整形 | ||
| (f)标记 | ||
| (g)加权随机早期检测(WRED)和随机早期检测(RED) | ||
| (h)压缩 | ||
| 8.20 | 实现第二层QoS,加权轮询(WRR),整形轮询(SRR)和管制 | |
| 8.30 | 为帧中继实现链路分段和交织(LFI) | |
| 8.40 | 实现通用流量整形 | |
| 8.50 | 实现资源预留协议(RSVP) | |
| 8.60 | 实现思科自动QoS | |
| 9.00 | 网络排错 | |
| 9.10 | 复杂第二层网络问题排错 | |
| 9.20 | 复杂第三层网络问题排错 | |
| 9.30 | 根据应用程序问题对网络排错 | |
| 9.40 | 网络服务排错 | |
| 9.50 | 网络安全排错 | |
| 10.00 | 网络优化 | |
| 10.01 | 实现系统日志和本地登录 | |
| 10.02 | 实现IP服务级别协议(SLA) | |
| 10.03 | 实现NetFlow | |
| 10.04 | 实现SPAN,RSPAN和路由器IP流量输出(RITE) | |
| 10.05 | 实现简单网络管理协议(SNMP) | |
| 10.06 | 实现思科IOS嵌入式事件管理器(EEM) | |
| 10.07 | 实现远程监控(RMON) | |
| 10.08 | 实现FTP | |
| 10.09 | 实现TFTP | |
| 10.10 | 在路由器上实现TFTP服务器 | |
| 10.11 | 实现安全复制协议(SCP) | |
| 10.12 | 实现HTTP和HTTPS | |
| 10.13 | 实现Telnet | |
| 11.00 | 评估网络变更建议 | |
| 11.01 | 评估建议技术和已部署技术的互通性 | |
| (a)路由协议参数变更 | ||
| (b)网络到IPv6的迁移部分 | ||
| (c)路由协议迁移 | ||
| (d)加入组播至此后 | ||
| (e)生成树迁移 | ||
| (f)评估新流量对现行QoS设计的影响 | ||
| 11.02 | 确定建议变更对现行网络的操作影响 | |
| (a)网络或部分网络的停机时间 | ||
| (b)性能下降 | ||
| (c)引入安全缺口 | ||
| 11.03 | 当建议的变更与现行网络不兼容时提供备选解决方案 | |
| (a)硬件/软件升级 | ||
| (b)拓扑版更 | ||
| (c)重新配置, |
考试途径和学习方案
| CCIE Security Lab Exam Topics v4.0 |
| System Hardening and Availability |
| Routing plane security features (e.g. protocol authentication, route filtering) |
| Control,Plane,Policing |
| Control Plane Protection and Management Plane Protection |
| Broadcast control and switchport security |
| Additional CPU protection mechanisms (e.g. options drop, logging interval) |
| Disable,unnecessary,services |
| Control device access (e.g. Telnet, HTTP, SSH, Privilege levels) |
| Device services (e.g. SNMP, Syslog, NTP) |
| Transit Traffic Control and Congestion Management |
| Threat Identification and Mitigation |
| Identify and protect against fragmentation attacks |
| Identify and protect against malicious IP option usage |
| Identify and protect against network reconnaissance attacks |
| Identify and protect against IP spoofing attacks |
| Identify and protect against MAC spoofing attacks |
| Identify and protect against ARP spoofing attacks |
| Identify and protect against Denial of Service (DoS) attacks |
| Identify and protect against Distributed Denial of Service (DDoS) attacks |
| Identify and protect against Man-in-the-Middle (MiM) attacks |
| Identify and protect against port redirection attacks |
| Identify and protect against DHCP attacks |
| Identify and protect against DNS attacks |
| Identify and protect against MAC Flooding attacks |
| Identify and protect against VLAN hopping attacks |
| Identify and protect against various Layer2 and Layer3 attacks |
| NBAR |
| NetFlow |
| Capture,and,utilize,packet,captures |
| Intrusion Prevention and Content Security |
| IPS,4200,Series,Sensor,Appliance |
| (a),Initialize,the,Sensor,Appliance |
| (b),Sensor,Appliance,management |
| (c) Virtual Sensors on the Sensor Appliance |
| (d),Implementing,security,policies |
| (e) Promiscuous and inline monitoring on the Sensor Appliance |
| (f) Tune signatures on the Sensor Appliance |
| (g) Custom signatures on the Sensor Appliance |
| (h),Actions,on,the,Sensor,Appliance |
| (i) Signature engines on the Sensor Appliance |
| (j) Use IDM/IME to the Sensor Appliance |
| (k) Event action overrides/filters on the Sensor Appliance |
| (l) Event monitoring on the Sensor Appliance |
| VACL/SPAN,&,RSPAN,on,Cisco,switches |
| WSA |
| (a),Implementing,WCCP |
| (b),Active,Dir,Integration |
| (c)Custom,Categories |
| (d),HTTPS,Config |
| (e) Services Configuration (Web Reputation) |
| (f),Configuring,Proxy,By-pass,Lists |
| (g),Web,proxy,modes |
| (h),App,visibility,and,control |
| Identity Management |
| Identity Based Authentication/Authorization/Accounting |
| (a),Cisco,Router/Appliance,AAA |
| (b),RADIUS |
| (c)TACACS+ |
| Device Admin (Cisco IOS Routers, ASA, ACS5.x) |
| Network,Access,(TrustSec,Model) |
| (a) Authorization Results for Network Access (ISE) |
| (b),802,1X,(ISE) |
| (c)VSAs,(ASA,/,Cisco,IOS,/,ISE) |
| (d) Proxy-Authentication (ISE/ASA/Cisco IOS) |
| Cisco,Identity,Services,Engine,(ISE) |
| (a),Profiling,Configuration,(Probes) |
| (b),Guest,Services |
| (c)Posture,Assessment |
| (d),Client,Provisioning,(CPP) |
| (e) Configuring AD Integration/Identity Sources |
| Perimeter Security and Services |
| Cisco,ASA,Firewall |
| (a),Basic,firewall,Initialization |
| (b),Device,management |
| (c ) Address translation (nat, global, static) |
| (d),Access,Control,Lists |
| (e),IP,routing/Route,Tracking |
| (f),Object,groups |
| (g),VLANs |
| (h),Configuring,Etherchannel |
| (i),High,Availability,and,Redundancy |
| (j),Layer,2,Transparent,Firewall |
| (k) Security contexts (virtual firewall) |
| (l),Modular,Policy,Framework |
| (j),Identity,Firewall,Services |
| (k),Configuring,ASA,with,ASDM |
| (l),Context-aware,services |
| (m),IPS,capabilities |
| (n),QoS,capabilities |
| Cisco,IOS,Zone,Based,Firewall |
| (a) Network, Secure Group and User Based Policy |
| (b),Performance,Tuning |
| (c) Network, Protocol and Application Inspection |
| Perimeter,Security,Services |
| (a) Cisco IOS QoS and Packet marking techniques |
| (b) Traffic Filtering using Access-Lists |
| (c)Cisco,IOS,NAT |
| (d),uRPF |
| (e),PAM,-,Port,to,Application,Mapping |
| (f),Policy,Routing,and,Route,Maps |
| Confidentiality and Secure Access |
| IKE,(V1/V2) |
| IPsec,LAN-to-LAN,(Cisco,IOS/ASA) |
| Dynamic,Multipoint,VPN,(DMVPN) |
| FlexVPN |
| Group,Encrypted,Transport,(GET),VPN |
| Remote,Access,VPN |
| (a),Easy,VPN,Server,(Cisco,IOS/ASA) |
| (b),VPN,Client,5,X |
| (c)Clientless,WebVPN |
| (d),AnyConnect,VPN |
| (e),EasyVPN,Remote |
| (f),SSL,VPN,Gateway |
| VPN,High,Availability |
| QoS,for,VPN |
| VRF-aware,VPN |
| MacSec |
| Digital Certificates (Enrollment and Policy Matching) |
| Wireless,Access |
| (a),EAP,methods |
| (b),WPA/WPA-2 |
| (c)WIPS |
CCIE考试时间 考试费用 报考地点等事项
| 1.00 | 实现第二层技术 | |
| 1.10 | 实现生成树(STP) | |
| (a)802,1d | ||
| (b)802,1w | ||
| (c)801,1s | ||
| (d)环路防护 | ||
| (e)根防护 | ||
| (f)网桥协议数据单元(BPDU)防护 | ||
| (g)风暴控制 | ||
| (h)单播泛洪 | ||
| (i)端口角色,故障传播以及环路防护操作 | ||
| 1.20 | 实现VLAN和VLAN中继协议(VTP) | |
| 1.30 | 实现中级和中级协议,以太信道和负载平衡 | |
| 1.40 | 实现以太网技术 | |
| (a)速度和全双工 | ||
| (b)以太网,快速以太网和千兆以太网 | ||
| (c)以太网上的点对点协议(PPPoE) | ||
| 1.50 | 实现交换端口分析器(SPAN),远程交换端口分析器(RSPAN)和流量控制 | |
| 1.60 | 实现帧中继 | |
| (a)本地管理接口(LMI) | ||
| (b)流量整形 | ||
| (c)全网型 | ||
| (d)集中星型 | ||
| (e)丢弃允许(DE) | ||
| 1.70 | 实现高级数据链路控制(HDLC)和PPP | |
| 2.00 | 实现IPv4 | |
| 2.10 | 实现IPv4寻址,子网划分和可编程子网掩码(VLSM) | |
| 2.20 | 实现IPv4隧道和通用路由封装(GRE) | |
| 2.30 | 实现IPv4,RIPv2 | |
| 2.40 | 实现IPv4开放最短路径优先(OSPF) | |
| (a)标准OSPF区域 | ||
| (b),末节区域 | ||
| (c)完全末节区域 | ||
| (d)次末节区域 | ||
| (e)完全次末节区域 | ||
| (f)链路状态广播(LSA)类型 | ||
| (g)点对点网络和多路接入网络的邻接 | ||
| (h)OSPF平滑重启 | ||
| 2.50 | 实现IPv4增强网关内部路由协议(EIGRP) | |
| (a)最佳路径 | ||
| (b)无环路径 | ||
| (c)备用无环路径可用和不可用时的EIGRP操作 | ||
| (d)EIGRP查询 | ||
| (e)手动汇总和自动汇总 | ||
| (f)EIGRP末节 | ||
| 2.60 | 实现IPv4边界网关协议(BGP) | |
| (a)下一跳 | ||
| (b)同级 | ||
| (c)内部边界网关协议(IBGP)和外部边界网关协议(EBGP) | ||
| 2.70 | 实现策略路由 | |
| 2.80 | 实现性能路由(PfR)和思科优化边界路由(OER) | |
| 2.90 | 实现过滤,路由再分配,汇总,同步,属性和其他高级功能 | |
| 3.00 | 实现IPv6 | |
| 3.10 | 实现IPv6寻址和不同地址类型 | |
| 3.20 | 实现IPv6邻居发现 | |
| 3.30 | 实现基本IPv6功能协议 | |
| 3.40 | 实现隧道技术 | |
| 3.50 | 实现OSPFv3 | |
| 3.60 | 实现EIGRPv6 | |
| 3.70 | 实现过滤和路由再分配 | |
| 4.00 | 实现MPLS第三层VPN | |
| 4.10 | 实现多协议标签交换(MPLS) | |
| 4.20 | 实现运营商边缘(PE)、运营商(P)和客户边缘(CE)路由器上的第三层虚拟专用网络(VPN) | |
| 4.30 | 实现虚拟路由转发(VRF)及多VRF客户边缘(VRF-Lite) | |
| 5.00 | 实现IP组播 | |
| 5.10 | 实现协议无关组播(PIM)稀疏模式 | |
| 5.20 | 实现组播源发现协议(MSDP) | |
| 5.30 | 实现域间组播路由 | |
| 5.40 | 实现PIM 自动汇聚点(Auto-RP),单播汇聚点(RP)和自举路由器(BSR) | |
| 5.50 | 实现组播工具,功能和特定源组播 | |
| 5.60 | 实现IPv6组播,PIM和相关组播协议,如组播侦听者发现(MLD) | |
| 6.00 | 实现网络安全 | |
| 6.01 | 实现访问控制列表 | |
| 6.02 | 实现基于区域的防火墙 | |
| 6.03 | 实现单播逆向转发(uRPF) | |
| 6.04 | 实现IP源防护 | |
| 6.05 | 实现认证、授权及记账(AAA)(配置AAA服务器不需要,只需要配置客户端(IOS)) | |
| 6.06 | 实现控制平面管制(CoPP) | |
| 6.07 | 实现思科IOS防火墙 | |
| 6.08 | 实现思科IOS入侵防护系统(IPS) | |
| 6.09 | 实现防护壳(SSH) | |
| 6.10 | 实现802,1x | |
| 6.11 | 实现NAT | |
| 6.12 | 实现路由协议认证 | |
| 6.13 | 实现设备接入控制 | |
| 6.14 | 实现安全功能 | |
| 7.00 | 实现网络服务 | |
| 7.10 | 实现热备份路由器协议(HSRP) | |
| 7.20 | 实现网关负载平衡协议(GLBP) | |
| 7.30 | 实现虚拟路由器冗余协议(VRRP) | |
| 7.40 | 实现网络时间协议(NTP) | |
| 7.50 | 实现DHCP | |
| 7.60 | 实现网页缓存通信协议(WCCP) | |
| 8.00 | 实现服务质量(QoS) | |
| 8.10 | 实现模块化QoS,CLI(MQC) | |
| (a)基于网络的应用程序识别(NBAR) | ||
| (b)加权公平队列(CBWFQ),修改的差额轮询(MDRR)和低延迟队列(LLQ) | ||
| (c)分类 | ||
| (d)管制 | ||
| (e)整形 | ||
| (f)标记 | ||
| (g)加权随机早期检测(WRED)和随机早期检测(RED) | ||
| (h)压缩 | ||
| 8.20 | 实现第二层QoS,加权轮询(WRR),整形轮询(SRR)和管制 | |
| 8.30 | 为帧中继实现链路分段和交织(LFI) | |
| 8.40 | 实现通用流量整形 | |
| 8.50 | 实现资源预留协议(RSVP) | |
| 8.60 | 实现思科自动QoS | |
| 9.00 | 网络排错 | |
| 9.10 | 复杂第二层网络问题排错 | |
| 9.20 | 复杂第三层网络问题排错 | |
| 9.30 | 根据应用程序问题对网络排错 | |
| 9.40 | 网络服务排错 | |
| 9.50 | 网络安全排错 | |
| 10.00 | 网络优化 | |
| 10.01 | 实现系统日志和本地登录 | |
| 10.02 | 实现IP服务级别协议(SLA) | |
| 10.03 | 实现NetFlow | |
| 10.04 | 实现SPAN,RSPAN和路由器IP流量输出(RITE) | |
| 10.05 | 实现简单网络管理协议(SNMP) | |
| 10.06 | 实现思科IOS嵌入式事件管理器(EEM) | |
| 10.07 | 实现远程监控(RMON) | |
| 10.08 | 实现FTP | |
| 10.09 | 实现TFTP | |
| 10.10 | 在路由器上实现TFTP服务器 | |
| 10.11 | 实现安全复制协议(SCP) | |
| 10.12 | 实现HTTP和HTTPS | |
| 10.13 | 实现Telnet | |
| 11.00 | 评估网络变更建议 | |
| 11.01 | 评估建议技术和已部署技术的互通性 | |
| (a)路由协议参数变更 | ||
| (b)网络到IPv6的迁移部分 | ||
| (c)路由协议迁移 | ||
| (d)加入组播至此后 | ||
| (e)生成树迁移 | ||
| (f)评估新流量对现行QoS设计的影响 | ||
| 11.02 | 确定建议变更对现行网络的操作影响 | |
| (a)网络或部分网络的停机时间 | ||
| (b)性能下降 | ||
| (c)引入安全缺口 | ||
| 11.03 | 当建议的变更与现行网络不兼容时提供备选解决方案 | |
| (a)硬件/软件升级 | ||
| (b)拓扑版更 | ||
| (c)重新配置, |
相关百科
-
江铃福特轻客持续打造最优TCO 锐骐超值版PK江铃国产共轨
2025-09-20 22:19:07 查看详情 -
江铃福特轻客持续打造最优TCO 江铃E200N豪华型怎么样
2025-09-20 22:19:07 查看详情 -
380TSI劲擎智联版四驱车型上市 成都车展:雪铁龙C
2025-09-20 22:19:07 查看详情 -
西安大众速腾现金优惠2.3万 成都沃尔沃XC90优惠三万元
2025-09-20 22:19:07 查看详情 -
欧拉新款R1将于成都车展上市 全新宝马2系Coupe最新谍照
2025-09-20 22:19:07 查看详情 -
将于上海车展上市 Ocean曝光
2025-09-20 22:19:07 查看详情 -
保时捷Taycan国内上市 55周年纪念版上市
2025-09-20 22:19:07 查看详情 -
哈尔滨沃尔沃XC40优惠达4.7万 优惠7万元
2025-09-20 22:19:07 查看详情 -
Face家族设计/或年内上市 各限量500台
2025-09-20 22:19:07 查看详情 -
凯迪拉克CT6新车型上市 W帅气亮相
2025-09-20 22:19:07 查看详情
求购