Thursday, 12 May 2016

400-051 CCIE Collaboration Written Exam Topics v1.0 and Version 1.1

Exam Number: 400-051 CCIE Collaboration
Associated Certifications: CCIE Collaboration
Duration: 120 minutes (90 - 110 questions)
Available Languages: English
Register: Pearson VUE

This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks.

Written Exam Topics v1.0 (Recommended for candidates scheduled to take the test BEFORE July 25, 2016)

Written Exam Topics v1.1 (Recommended for candidates scheduled to take the test ON July 25, 2016 and beyond)

Exam Description
The Cisco CCIE® Collaboration Written Exam (400-051) version 1.0 has 90-110 questions and is 2 hours in duration. This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks. The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Collaboration Written Exam Topics v1.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)

1.0 Cisco Collaboration Infrastructure 10%

1.1 Cisco UC Deployment Models

1.2 User management

1.3 IP routing in Cisco Collaboration Solutions

1.4 Virtualization in Cisco Collaboration Solutions

1.4.a UCS
1.4.b VMware
1.4.c Answer files

1.5 Wireless in Cisco Collaboration Solutions

1.6 Network services

1.6.a DNS
1.6.b DHCP
1.6.c TFTP
1.6.d NTP
1.6.e CDP/LLDP

1.7 PoE

1.8 Voice and data VLAN

1.9 IP multicast

1.10 IPv6

2.0 Telephony Standards and Protocols 15%


2.1 SCCP

2.1.a Call flows
2.1.b Call states
2.1.c Endpoint types

2.2 MGCP

2.2.a Call flows
2.2.b Call states
2.2.c Endpoint types

2.3 SIP

2.3.a Call flows
2.3.b Call states
2.3.c SDP
2.3.d BFCP

2.4 H.323 and RAS

2.4.a Call flows
2.4.b Call states
2.4.c Gatekeeper
2.4.d H.239

2.5 Voice and video CODECs

2.5.a H.264
2.5.b ILBC
2.5.c ISAC
2.5.d LATM
2.5.e G.722
2.5.f Wide band

2.6 RTP, RTCP, and SRTP

3.0 Cisco Unified Communications Manager (CUCM) 25%

3.1 Device registration and redundancy

3.2 Device settings

3.3 Codec selection

3.4 Call features

3.4.a Call park
3.4.b Call pickup
3.4.c BLF speed dials
3.4.d Native call queuing
3.4.e Call hunting
3.4.f Meet-Me

3.5 Dial plan

3.5.a Globalized call routing
3.5.b Local route group
3.5.c Time-of-day routing
3.5.d Application dial rules
3.5.e Digit manipulations

3.6 Media resources

3.6.a TRP
3.6.b MOH
3.6.c CFB
3.6.d Transcoder and MTP
3.6.e Annunciator
3.6.f MRG and MRGL

3.7 CUCM mobility

3.7.a EM/EMCC
3.7.b Device Mobility
3.7.c Mobile Connect
3.7.d MVA

3.8 CUCM serviceability and OS administration

3.8.a Database replication
3.8.b CDR
3.8.c Service activation
3.8.d CMR

3.9 CUCM disaster recovery

3.10 ILS/URI dialing

3.10.a Directory URI
3.10.b ILS topology
3.10.c Blended addressing

3.11 Call Admission Control

3.11.a CAC/ELCAC
3.11.b RSVP
3.11.c SIP preconditions

3.12 SIP and H.323 trunks

3.12.a SIP trunks
3.12.b H.323 trunks
3.12.c Number presentation and manipulation

3.13 SAF and CCD

3.14 Call recording and silent monitoring

4.0 Cisco IOS UC Applications and Features 20%

4.1 CUCME

4.1.a SCCP phones registration
4.1.b SIP phones Registration
4.1.c SNR

4.2 SRST

4.2.a CME-as-SRST
4.2.b MGCP fallback
4.2.c MMOH in SRST

4.3 CUE

4.3.a AA
4.3.b Scripting
4.3.c Voiceview
4.3.d Web inbox
4.3.e MWI
4.3.f VPIM

4.4 Cisco IOS-based call queuing

4.4.a B-ACD
4.4.b Voice hunt groups
4.4.c Call blast

4.5 Cisco IOS media resources

4.5.a Conferencing
4.5.b Transcoding
4.5.c DSP management

4.6 CUBE

4.6.a Mid-call signaling
4.6.b SIP profiles
4.6.c Early and delayed offer
4.6.d DTMF interworking
4.6.e Box-to-box failover and redundancy

4.7 Fax and modem protocols

4.8 Analog telephony signalling

4.8.a Analog telephony signalling theories (FXS/FXO)
4.8.b Caller ID
4.8.c Line voltage detection
4.8.d THL sweep
4.8.e FXO disconnect
4.8.f Echo

4.9 Digital telephony signalling

4.9.a Digital telephony signalling theories (T1/E1, BRI/PRI/CAS)
4.9.b Q.921 and Q.931
4.9.c QSIG
4.9.d Caller ID
4.9.e R2
4.9.f NFAS

4.10 Cisco IOS dial plan

4.10.a Translation profile
4.10.b Dial-peer matching logics
4.10.c Test commands

4.11 SAF/CCD

4.12 IOS CAC

4.13 IOS accounting

5.0 Quality of Service and Security in Cisco Collaboration Solutions 12%

5.1 QoS: link efficiency

5.1.a LFI
5.1.b MMLPPP
5.1.c FRF.12
5.1.d cRTP
5.1.e VAD

5.2 QoS: classification and marking

5.2.a Voice versus video classification
5.2.b Soft clients versus hard clients
5.2.c Trust boundaries

5.3 QoS: congestion management

5.3.a Layer 2 priorities
5.3.b Low latency queue
5.3.c Traffic policing and shaping

5.4 QoS: medianet

5.5 QoS: wireless QoS

5.6 Security: mixed mode cluster

5.7 Security: secured phone connectivity

5.7.a VPN phones
5.7.b Phone proxy
5.7.c TLS proxy
5.7.d IEEE 802.1x

5.8 Security: default security features

5.9 Security: firewall traversal

5.10 Security: toll fraud

6.0 Cisco Unity Connection 8%

6.1 CUCM and CUCME integration

6.2 Single inbox

6.3 MWI

6.4 Call handlers

6.5 CUC dial plan

6.6 Directory handlers

6.7 CUC features


6.7.a High availability
6.7.b Visual voicemail
6.7.c Voicemail for Jabber

6.8 Voicemail networking

7.0 Cisco Unified Contact Center Express 4%

7.1 UCCX CTI Integration

7.2 ICD functions

7.3 UCCX scripting components

8.0 Cisco Unified IM and Presence 6%

8.1 Cisco Unified IM Presence Components

8.2 CUCM integration

8.3 Cisco Jabber

8.4 Federation

8.5 Presence Cloud Solutions

8.6 Group chat and compliance

CCIE Collaboration Written Exam (400-051) Version 1.1

Exam Description

The Cisco CCIE® Collaboration Written Exam (400-051) version 1.1 has 90-110 questions and is 2 hours in duration. This exam validates that candidates have the skills to plan, design, implement, operate, and troubleshoot enterprise collaboration and communication networks. The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Collaboration Written Exam Topics v1.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)

1.0 Cisco Collaboration Infrastructure 10%

1.1 Cisco UC Deployment Models

1.2 User management

1.3 IP routing in Cisco Collaboration Solutions

1.4 Virtualization in Cisco Collaboration Solutions

1.4.a UCS
1.4.b VMware
1.4.c Answer files

1.5 Wireless in Cisco Collaboration Solutions

1.6 Network services

1.6.a DNS
1.6.b DHCP
1.6.c TFTP
1.6.d NTP
1.6.e CDP/LLDP

1.7 PoE

1.8 Voice and data VLAN

1.9 IP multicast

1.10 IPv6

2.0 Telephony Standards and Protocols 12%

2.1 SCCP

2.1.a Call flows
2.1.b Call states
2.1.c Endpoint types

2.2 MGCP

2.2.a Call flows
2.2.b Call states
2.2.c Endpoint types

2.3 SIP

2.3.a Call flows
2.3.b Call states
2.3.c SDP
2.3.d BFCP

2.4 H.323 and RAS

2.4.a Call flows
2.4.b Call states
2.4.c Gatekeeper
2.4.d H.239

2.5 Voice and video CODECs

2.5.a H.264
2.5.b ILBC
2.5.c ISAC
2.5.d LATM
2.5.e G.722
2.5.f Wide band

2.6 RTP, RTCP, and SRTP

3.0 Cisco Unified Communications Manager [CUCM] 22%


3.1 Device registration and redundancy

3.2 Device settings

3.3 Codec selection

3.4 Call features

3.4.a Call park
3.4.b Call pickup
3.4.c BLF speed dials
3.4.d Native call queuing
3.4.e Call hunting
3.4.f Meet-Me

3.5 Dial plan

3.5.a Globalized call routing
3.5.b Local route group
3.5.c Time-of-day routing
3.5.d Application dial rules
3.5.e Digit manipulations

3.6 Media resources

3.6.a TRP
3.6.b MOH
3.6.c CFB
3.6.d Transcoder and MTP
3.6.e Annunciator
3.6.f MRG and MRGL

3.7 CUCM mobility

3.7.a EM/EMCC
3.7.b Device Mobility
3.7.c Mobile Connect
3.7.d MVA

3.8 CUCM serviceability and OS administration

3.8.a Database replication
3.8.b CDR
3.8.c Service activation
3.8.d CMR

3.9 CUCM disaster recovery

3.10 ILS/URI dialing

3.10.a Directory URI
3.10.b ILS topology
3.10.c Blended addressing

3.11 Call Admission Control

3.11.a CAC/ELCAC
3.11.b RSVP
3.11.c SIP preconditions

3.12 SIP and H.323 trunks

3.12.a SIP trunks
3.12.b H.323 trunks
3.12.c Number presentation and manipulation

3.13 SAF and CCD

3.14 Call recording and silent monitoring

4.0 Cisco IOS UC Applications and Features 16%

4.1 CUCME

4.1.a SCCP phones registration
4.1.b SIP phones Registration
4.1.c SNR

4.2 SRST

4.2.a CME-as-SRST
4.2.b MGCP fallback
4.2.c MMOH in SRST

4.3 CUE

4.3.a AA
4.3.b Scripting
4.3.c Voiceview
4.3.d Web inbox
4.3.e MWI
4.3.f VPIM

4.4 Cisco IOS-based call queuing

4.4.a B-ACD
4.4.b Voice hunt groups
4.4.c Call blast

4.5 Cisco IOS media resources

4.5.a Conferencing
4.5.b Transcoding
4.5.c DSP management

4.6 CUBE

4.6.a Mid-call signaling
4.6.b SIP profiles
4.6.c Early and delayed offer
4.6.d DTMF interworking
4.6.e Box-to-box failover and redundancy

4.7 Fax and modem protocols

4.8 Analog telephony signalling

4.8.a Analog telephony signalling theories [FXS/FXO]
4.8.b Caller ID
4.8.c Line voltage detection
4.8.d THL sweep
4.8.e FXO disconnect
4.8.f Echo

4.9 Digital telephony signalling

4.9.a Digital telephony signalling theories [T1/E1, BRI/PRI/CAS]
4.9.b Q.921 and Q.931
4.9.c QSIG
4.9.d Caller ID
4.9.e R2
4.9.f NFAS

4.10 Cisco IOS dial plan

4.10.a Translation profile
4.10.b Dial-peer matching logics
4.10.c Test commands

4.11 SAF/CCD

4.12 IOS CAC

4.13 IOS accounting

5.0 Quality of Service and Security in Cisco Collaboration Solutions 12%

5.1 QoS: link efficiency

5.1.a LFI
5.1.b MMLPPP
5.1.c FRF.12
5.1.d cRTP
5.1.e VAD

5.2 QoS: classification and marking

5.2.a Voice versus video classification
5.2.b Soft clients versus hard clients
5.2.c Trust boundaries

5.3 QoS: congestion management

5.3.a Layer 2 priorities
5.3.b Low latency queue
5.3.c Traffic policing and shaping

5.4 QoS: medianet

5.5 QoS: wireless QoS

5.6 Security: mixed mode cluster

5.7 Security: secured phone connectivity

5.7.a VPN phones
5.7.b Phone proxy
5.7.c TLS proxy
5.7.d IEEE 802.1x

5.8 Security: default security features

5.9 Security: firewall traversal

5.10 Security: toll fraud

6.0 Cisco Unity Connection 8%

6.1 CUCM and CUCME integration

6.2 Single inbox

6.3 MWI

6.4 Call handlers

6.5 CUC dial plan

6.6 Directory handlers

6.7 CUC features

6.7.a High availability
6.7.b Visual voicemail
6.7.c Voicemail for Jabber

6.8 Voicemail networking

7.0 Cisco Unified Contact Center Express 4%

7.1 UCCX CTI Integration

7.2 ICD functions

7.3 UCCX scripting components

8.0 Cisco Unified IM and Presence 6%

8.1 Cisco Unified IM Presence Components

8.2 CUCM integration

8.3 Cisco Jabber

8.4 Federation

8.5 Presence Cloud Solutions

8.6 Group chat and compliance

9.0 Evolving Technologies 10%

9.1 Cloud

9.1.a Compare and contrast Cloud deployment models
9.1.a [i] Infrastructure, platform, and software services [XaaS]
9.1.a [ii] Performance and reliability
9.1.a [iii] Security and privacy
9.1.a [iv] Scalability and interoperability
9.1.b Describe Cloud implementations and operations
9.1.b [i] Automation and orchestration
9.1.b [ii] Workload mobility
9.1.b [iii] Troubleshooting and management
9.1.b [iv] OpenStack components

9.2 Network programmability [SDN]

9.2.a Describe functional elements of network programmability [SDN] and how they interact
9.2.a [i] Controllers
9.2.a [ii] APIs
9.2.a [iii] Scripting
9.2.a [iv] Agents
9.2.a [v] Northbound vs. Southbound protocols
9.2.b Describe aspects of virtualization and automation in network environments
9.2.b [i] DevOps methodologies, tools and workflows
9.2.b [ii] Network/application function virtualization [NFV, AFV]
9.2.b [iii] Service function chaining
9.2.b [iv] Performance, availability, and scaling considerations

9.3 Internet of Things

9.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
9.3.a [i] Performance, reliability and scalability
9.3.a [ii] Mobility
9.3.a [iii] Security and privacy
9.3.a [iv] Standards and compliance
9.3.a [v] Migration
9.3.a [vi] Environmental impacts on the network


QUESTION 1
A SIP carrier delivers DIDs to a Cisco Unified Border Element in the form of +155567810XX,
where the last two digits could be anything from 00 to 99. To match the internal dial plan, that
number must be changed to 6785XXX, where the last two digits should be retained. Which two
translation profiles create the required outcome? (Choose two)

A. rule 1 /555\(.*\).*\(.*\)/ /\150\2/
B. rule 1 /+ 1555\(…\).\(…\)$/ /\15\2/
C. rule 1 /^\+ 1555\(678\)10\(..\)$/ /\150\2/
D. rule 1 /^15+678\(… .\)/678\1/
E. rule 1 /.15+678?10?\(..\)/ /67850\1/

Answer: C,E


QUESTION 2
Which Cisco Unified CM service is responsible for detecting new Call Detail Records files and
transferring them to the CDR Repository node?

A. Cisco CallManager
B. Cisco CDR Repository Manager
C. Cisco SOAP-CDRonDemand Service
D. Cisco Extended Functions
E. Cisco CDR Agent

Answer: E


QUESTION 3
Users report that they are unable to control their Cisco 6941 desk phone from their Jabber client,
but the Jabber client works as a soft phone. Which two configuration changes allow this? (Choose two)

A. Assign group “Standard CTI Allow Control of Phones supporting Connected Xfer and Conf” to the user.
B. Set the End User page to the Primary Extension on the desk phone.
C. Set the Owner User ID on the desk phone.
D. Assign group “Standard CTI Enabled User Group” to the user.
E. Assign group “Standard CTI Allow Control of Phones Supporting Rollover Mode” to the user.

Answer: A,E


QUESTION 4
Which two parameters, in the reply of an MGCP gateway to an Audit Endpoint message, indicate
to a Cisco Unified CM that it has an active call on an endpoint? (Choose two)

A. Bearer Information
B. Call ID
C. Capabilities
D. Connection ID
E. Connection Parameters
F. Connection Mode

Answer: A,D


QUESTION 5
Where can the administrator reset all database replication and initiate a broadcast of all tables on
a Cisco Unified CM cluster running version 9.1?

A. Real Time Monitoring Tool
B. Cisco Unified Serviceability
C. Cisco Unified OS Administration
D. Cisco Unified CM CLI
E. Disaster Recovery System

Answer: D


QUESTION 6
During a Cisco Unity Connection extension greeting, callers can press a single key to be transferred to a
specific extension. However, callers report that the system does not process the call immediately
after pressing the key. Which action resolves this issue?

A. Reduce Caller Input timeout in Cisco Unity Connection Service Parameters.
B. Lower the timer Wait for Additional Digits on the Caller input page.
C. Enable Ignore Additional Input on the Edit Caller input page for the selected key.
D. Enable Prepend Digits to Dialed Extensions and configure complete extension number on the
Edit Caller input page for the selected key.
E. Reduce Caller input timeout in Cisco Unity Connection Enterprise Parameters.

Answer: C

Saturday, 7 May 2016

350-018 CCIE Security version 4.0 and version 4.1

CCIE Security
Exam Number: 350-018 CCIE Security
Associated Certifications: CCIE Security
Duration: 120 minutes (90 - 110 questions)
Available Languages: English
Register: Pearson VUE

This exam tests the skills and competencies of security professionals in terms of describing, implementing, deploying, configuring, maintaining, and troubleshooting Cisco network security solutions and products, as well as current industry best practices and internetworking fundamentals.

Topics include networking fundamentals and security-related concepts and best practices, as well as Cisco network security products and solutions in areas such as VPNs, intrusion prevention, firewalls, identity services, policy management, and device hardening. Content includes both IPv4 and IPv6 concepts and solutions.

CCIE Security Written Exam (350-018) version 4.0

Exam Description
The Cisco CCIE® Security Written Exam (350-018) version 4.0 is a 2-hour test with 90–110 questions. This exam tests the skills and competencies of security professionals in terms of describing, implementing, deploying, configuring, maintaining, and troubleshooting Cisco network security solutions and products, as well as current industry best practices and internetworking fundamentals.

Topics include networking fundamentals and security-related concepts and best practices, as well as Cisco network security products and solutions in areas such as VPNs, intrusion prevention, firewalls, identity services, policy management, and device hardening. Content includes both IPv4 and IPv6 concepts and solutions.

The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Security Written Exam Topics v4.0 (Recommended for candidates who are scheduled to take the exam BEFORE July 25, 2016)


1.0 Infrastructure, Connectivity, Communications, and Network Security 20%

1.1 Network addressing basics

1.2 OSI layers

1.3 TCP/UDP/IP protocols

1.4 LAN switching (for example, VTP, VLANs, spanning tree, and trunking)

1.5 Routing protocols (for example, RIP, EIGRP, OSPF, and BGP)

1.5.a Basic functions and characteristics
1.5.b Security features

1.6 Tunneling protocols

1.6.a GRE
1.6.b NHRP
1.6.c IPv6 tunnel types

1.7 IP multicast

1.7.a PIM
1.7.b MSDP
1.7.c IGMP and CGMP
1.7.d Multicast Listener Discovery

1.8 Wireless

1.8.a SSID
1.8.b Authentication and authorization
1.8.c Rogue APs
1.8.d Session establishment

1.9 Authentication and authorization technologies

1.9.a Single sign-on
1.9.b OTPs
1.9.c LDAP and AD
1.9.d RBAC

1.10 VPNs

1.10.a L2 vs L3
1.10.b MPLS, VRFs, and tag switching

1.11 Mobile IP networks

2.0 Security Protocols 15%

2.1 RSA

2.2 RC4

2.3 MD5

2.4 SHA

2.5 DES

2.6 3DES

2.7 AES

2.8 IPsec

2.9 ISAKMP

2.10 IKE and IKEv2

2.11 GDOI

2.12 AH

2.13 ESP

2.14 CEP

2.15 TLS and DTLS

2.16 SSL

2.17 SSH

2.18 RADIUS

2.19 TACACS+

2.20 LDAP

2.21 EAP methods (for example, EAP-MD5, EAP-TLS, EAP-TTLS, EAP-FAST, PEAP, and LEAP)

2.22 PKI, PKIX, and PKCS

2.23 IEEE 802.1X

2.24 WEP, WPA, and WPA2

2.25 WCCP

2.26 SXP

2.27 MACsec

2.28 DNSSEC

3.0 Application and Infrastructure Security 10%

3.1 HTTP

3.2 HTTPS

3.3 SMTP

3.4 DHCP

3.5 DNS

3.6 FTP and SFTP

3.7 TFTP

3.8 NTP

3.9 SNMP

3.10 syslog

3.11 Netlogon, NetBIOS, and SMB

3.12 RPCs

3.13 RDP and VNC

3.14 PCoIP

3.15 OWASP

3.16 Manage unnecessary services

4.0 Threats, Vulnerability Analysis, and Mitigation 10%

4.1 Recognize and mitigate common attacks

4.1.a ICMP attacks and PING floods
4.1.b MITM
4.1.c Replay
4.1.d Spoofing
4.1.e Backdoor
4.1.f Botnets
4.1.g Wireless attacks
4.1.h DoS and DDoS attacks
4.1.i Virus and worm outbreaks
4.1.j Header attacks
4.1.k Tunneling attacks

4.2 Software and OS exploits

4.3 Security and attack tools

4.4 Generic network intrusion prevention concepts

4.5 Packet filtering

4.6 Content filtering and packet inspection

4.7 Endpoint and posture assessment

4.8 QoS marking attacks

5.0 Cisco Security Products, Features, and Management 20%

5.1 Cisco Adaptive Security Appliance (ASA)

5.1.a Firewall functionality
5.1.b Routing and multicast capabilities
5.1.c Firewall modes
5.1.d NAT (before and after version 8.4)
5.1.e Object definition and ACLs
5.1.f MPF functionality (IPS, QoS, and application awareness)
5.1.g Context-aware firewall
5.1.h Identity-based services
5.1.i Failover options

5.2 Cisco IOS firewalls and NAT

5.2.a CBAC
5.2.b Zone-based firewall
5.2.c Port-to-application mapping
5.2.d Identity-based firewalling

5.3 Cisco Intrusion Prevention Systems (IPS)

5.4 Cisco IOS IPS

5.5 Cisco AAA protocols and application

5.5.a RADIUS
5.5.b TACACS+
5.5.c Device administration
5.5.d Network access
5.5.e IEEE 802.1X
5.5.f VSAs

5.6 Cisco Identity Services Engine (ISE)

5.7 Cisco Secure ACS Solution Engine

5.8 Cisco Network Admission Control (NAC) Appliance Server

5.9 Endpoint and client

5.9.a Cisco AnyConnect VPN Client
5.9.b Cisco VPN Client
5.9.c Cisco Secure Desktop
5.9.d Cisco NAC Agent

5.10 Secure access gateways (Cisco IOS router or ASA)

5.10.a IPsec
5.10.b SSL VPN
5.10.c PKI

5.11 Virtual security gateway

5.12 Cisco Catalyst 6500 Series ASA Services Modules

5.13 ScanSafe functionality and components

5.14 Cisco Web Security Appliance and Cisco Email Security Appliance

5.15 Security management

5.15.a Cisco Security Manager
5.15.b Cisco Adaptive Security Device Manager (ASDM)
5.15.c Cisco IPS Device Manager (IDM)
5.15.d Cisco IPS Manager Express (IME)
5.15.e Cisco Configuration Professional
5.15.f Cisco Prime

6.0 Cisco Security Technologies and Solutions 17%

6.1 Router hardening features (for example, CoPP, MPP, uRPF, and PBR)

6.2 Switch security features (for example, anti-spoofing, port, STP, MACSEC, NDAC, and NEAT)

6.3 NetFlow

6.4 Wireless security

6.5 Network segregation

6.5.a VRF-aware technologies
6.5.b VXLAN

6.6 VPN solutions

6.6.a FlexVPN
6.6.b DMVPN
6.6.c GET VPN
6.6.d Cisco EasyVPN

6.7 Content and packet filtering

6.8 QoS application for security

6.9 Load balancing and failover

7.0 Security Policies and Procedures, Best Practices, and Standards 8%

7.1 Security policy elements

7.2 Information security standards (for example, ISO/IEC 27001 and ISO/IEC 27002)

7.3 Standards bodies (for example, ISO, IEC, ITU, ISOC, IETF, IAB, IANA, and ICANN)

7.4 Industry best practices (for example, SOX and PCI DSS)

7.5 Common RFC and BCP (for example, RFC2827/BCP38, RFC3704/BCP84, and RFC5735)

7.6 Security audit and validation

7.7 Risk assessment

7.8 Change management process

7.9 Incident response framework

7.10 Computer security forensics

7.11 Desktop security risk assessment and desktop security risk management

CCIE Security Written Exam (350-018) Version 4.1

Exam Description
The Cisco CCIE® Security Written Exam (350-018) version 4.1 is a 2-hour test with 90–110 questions. This exam tests the skills and competencies of security professionals in terms of describing, implementing, deploying, configuring, maintaining, and troubleshooting Cisco network security solutions and products, as well as current industry best practices and internetworking fundamentals.

Topics include networking fundamentals and security-related concepts and best practices, as well as Cisco network security products and solutions in areas such as VPNs, intrusion prevention, firewalls, identity services, policy management, and device hardening. Content includes both IPv4 and IPv6 concepts and solutions.

The exam is closed book, and no outside reference materials are allowed.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

CCIE Security Written Exam Topics v4.1 (Recommended for candidates who are scheduled to take the exam ON July 25, 2016 and beyond)


1.0 Infrastructure, Connectivity, Communications, and Network Security 14%

1.1 Network addressing basics

1.2 OSI layers

1.3 TCP/UDP/IP protocols

1.4 LAN switching [for example, VTP, VLANs, spanning tree, and trunking]

1.5 Routing protocols [for example, RIP, EIGRP, OSPF, and BGP]

1.5.a Basic functions and characteristics
1.5.b Security features

1.6 Tunneling protocols

1.6.a GRE
1.6.b NHRP
1.6.c IPv6 tunnel types

1.7 IP multicast

1.7.a PIM
1.7.b MSDP
1.7.c IGMP and CGMP
1.7.d Multicast Listener Discovery

1.8 Wireless

1.8.a SSID
1.8.b Authentication and authorization
1.8.c Rogue APs
1.8.d Session establishment

1.9 Authentication and authorization technologies

1.9.a Single sign-on
1.9.b OTPs
1.9.c LDAP and AD
1.9.d RBAC

1.10 VPNs

1.10.a L2 vs L3
1.10.b MPLS, VRFs, and tag switching

1.11 Mobile IP networks

2.0 Security Protocols 14%

2.1 RSA

2.2 RC4

2.3 MD5

2.4 SHA

2.5 DES

2.6 3DES

2.7 AES

2.8 IPsec

2.9 ISAKMP

2.10 IKE and IKEv2

2.11 GDOI

2.12 AH

2.13 ESP

2.14 CEP

2.15 TLS and DTLS

2.16 SSL

2.17 SSH

2.18 RADIUS

2.19 TACACS+

2.20 LDAP

2.21 EAP methods [for example, EAP-MD5, EAP-TLS, EAP-TTLS, EAP-FAST, PEAP, and LEAP]

2.22 PKI, PKIX, and PKCS

2.23 IEEE 802.1X

2.24 WEP, WPA, and WPA2

2.25 WCCP

2.26 SXP

2.27 MACsec

2.28 DNSSEC

3.0 Application and Infrastructure Security 10%

3.1 HTTP

3.2 HTTPS

3.3 SMTP

3.4 DHCP

3.5 DNS

3.6 FTP and SFTP

3.7 TFTP

3.8 NTP

3.9 SNMP

3.10 syslog

3.11 Netlogon, NetBIOS, and SMB

3.12 RPCs

3.13 RDP and VNC

3.14 PCoIP

3.15 OWASP

3.16 Manage unnecessary services

4.0 Threats, Vulnerability Analysis, and Mitigation 10%

4.1 Recognize and mitigate common attacks

4.1.a ICMP attacks and PING floods
4.1.b MITM
4.1.c Replay
4.1.d Spoofing
4.1.e Backdoor
4.1.f Botnets
4.1.g Wireless attacks
4.1.h DoS and DDoS attacks
4.1.i Virus and worm outbreaks
4.1.j Header attacks
4.1.k Tunneling attacks

4.2 Software and OS exploits

4.3 Security and attack tools

4.4 Generic network intrusion prevention concepts

4.5 Packet filtering

4.6 Content filtering and packet inspection

4.7 Endpoint and posture assessment

4.8 QoS marking attacks

5.0 Cisco Security Products, Features, and Management 18%

5.1 Cisco Adaptive Security Appliance [ASA]

5.1.a Firewall functionality
5.1.b Routing and multicast capabilities
5.1.c Firewall modes
5.1.d NAT [before and after version 8.4]
5.1.e Object definition and ACLs
5.1.f MPF functionality [IPS, QoS, and application awareness]
5.1.g Context-aware firewall
5.1.h Identity-based services
5.1.i Failover options

5.2 Cisco IOS firewalls and NAT

5.2.a CBAC
5.2.b Zone-based firewall
5.2.c Port-to-application mapping
5.2.d Identity-based firewalling

5.3 Cisco Intrusion Prevention Systems [IPS]

5.4 Cisco IOS IPS

5.5 Cisco AAA protocols and application

5.5.a RADIUS
5.5.b TACACS+
5.5.c Device administration
5.5.d Network access
5.5.e IEEE 802.1X
5.5.f VSAs

5.6 Cisco Identity Services Engine [ISE]

5.7 Cisco Secure ACS Solution Engine

5.8 Cisco Network Admission Control [NAC] Appliance Server

5.9 Endpoint and client

5.9.a Cisco AnyConnect VPN Client
5.9.b Cisco VPN Client
5.9.c Cisco Secure Desktop
5.9.d Cisco NAC Agent

5.10 Secure access gateways [Cisco IOS router or ASA]

5.10.a IPsec
5.10.b SSL VPN
5.10.c PKI

5.11 Virtual security gateway

5.12 Cisco Catalyst 6500 Series ASA Services Modules

5.13 ScanSafe functionality and components

5.14 Cisco Web Security Appliance and Cisco Email Security Appliance

5.15 Security management

5.15.a Cisco Security Manager
5.15.b Cisco Adaptive Security Device Manager [ASDM]
5.15.c Cisco IPS Device Manager [IDM]
5.15.d Cisco IPS Manager Express [IME]
5.15.e Cisco Configuration Professional
5.15.f Cisco Prime

6.0 Cisco Security Technologies and Solutions 16%

6.1 Router hardening features [for example, CoPP, MPP, uRPF, and PBR]

6.2 Switch security features [for example, anti-spoofing, port, STP, MACSEC, NDAC, and NEAT]

6.3 NetFlow

6.4 Wireless security

6.5 Network segregation

6.5.a VRF-aware technologies
6.5.b VXLAN

6.6 VPN solutions

6.6.a FlexVPN
6.6.b DMVPN
6.6.c GET VPN
6.6.d Cisco EasyVPN

6.7 Content and packet filtering

6.8 QoS application for security

6.9 Load balancing and failover

7.0 Security Policies and Procedures, Best Practices, and Standards 8%

7.1 Security policy elements

7.2 Information security standards [for example, ISO/IEC 27001 and ISO/IEC 27002]

7.3 Standards bodies [for example, ISO, IEC, ITU, ISOC, IETF, IAB, IANA, and ICANN]

7.4 Industry best practices [for example, SOX and PCI DSS]

7.5 Common RFC and BCP [for example, RFC2827/BCP38, RFC3704/BCP84, and RFC5735]

7.6 Security audit and validation

7.7 Risk assessment

7.8 Change management process

7.9 Incident response framework

7.10 Computer security forensics

7.11 Desktop security risk assessment and desktop security risk management

8.0 Evolving Technologies 10%

8.1 Cloud

8.1.a Compare and contrast Cloud deployment models
8.1.a [i] Infrastructure, platform, and software services [XaaS]
8.1.a [ii] Performance and reliability
8.1.a [iii] Security and privacy
8.1.a [iv] Scalability and interoperability
8.1.b Describe Cloud implementations and operations
8.1.b [i] Automation and orchestration
8.1.b [ii] Workload mobility
8.1.b [iii] Troubleshooting and management
8.1.b [iv] OpenStack components

8.2 Network programmability [SDN]

8.2.a Describe functional elements of network programmability [SDN] and how they interact
8.2.a [i] Controllers
8.2.a [ii] APIs
8.2.a [iii] Scripting
8.2.a [iv] Agents
8.2.a [v] Northbound vs. Southbound protocols
8.2.b Describe aspects of virtualization and automation in network environments
8.2.b [i] DevOps methodologies, tools and workflows
8.2.b [ii] Network/application function virtualization [NFV, AFV]
8.2.b [iii] Service function chaining
8.2.b [iv] Performance, availability, and scaling considerations

8.3 Internet of Things

8.3.a Describe architectural framework and deployment considerations for Internet of Things [IoT]
8.3.a [i] Performance, reliability and scalability
8.3.a [ii] Mobility
8.3.a [iii] Security and privacy
8.3.a [iv] Standards and compliance
8.3.a [v] Migration
8.3.a [vi] Environmental impacts on the network


QUESTION 1
An RSA key pair consists of a public key and a private key and is used to set up PKI. Which statement applies to RSA and PKI?

A. The public key must be included in the certificate enrollment request.
B. The RSA key-pair is a symmetric cryptography.
C. It is possible to determine the RSA key-pair private key from its corresponding public key.
D. When a router that does not have an RSA key pair requests a certificate, the certificate request is sent, but a warning is shown to generate the RSA key pair before a CA signed certificate is received.

Answer: A

Explanation:
An RSA key pair consists of a public key and a private key. When setting up your PKI, you must include the public key in the certificate enrollment request. After the certificate has been granted, the public key will be included in the certificate so that peers can use it to encrypt data that is sent to the router. The private key is kept on the router and used both to decrypt the data sent by peers and to digitally sign transactions when negotiating with peers.
Reference: http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_conn_pki/configuration/xe-3s/sec-pki-xe-3s-book/sec-pki-overview.html


QUESTION 2
Refer to the exhibit.


Which three descriptions of the configuration are true? (Choose three.)

A. The configuration is on the NHS.
B. The tunnel IP address represents the NBMA address.
C. This tunnel is a point-to-point GRE tunnel.
D. The tunnel is not providing peer authentication.
E. The configuration is on the NHC.
F. The tunnel encapsulates multicast traffic.
G. The tunnel provides data confidentiality.

Answer: A,F,G


QUESTION 3
Which two values must you configure on the Cisco ASA firewall to support FQDN ACL? (Choose two.)

A. a DNS server
B. an FQDN object
C. a policy map
D. a class map
E. a service object
F. a service policy

Answer: A,B
Reference: https://supportforums.cisco.com/document/66011/using-hostnames-dns-access-lists-configuration-steps-caveats-and-troubleshooting


QUESTION 4
Which set of encryption algorithms is used by WPA and WPA2?

A. Blowfish and AES
B. CAST and RC6
C. TKIP and RC6
D. TKIP and AES

Answer: D


QUESTION 5
What are two enhancements in WCCP V2.0 over WCCP V1.0? (Choose two.)

A. support for HTTP redirection
B. multicast support
C. authentication support
D. IPv6 support
E. encryption support

Answer: B,C

Explanation: WCCP V2.0 supports the following enhancements to the WCCP V1.0 Protocol:
* Multi-Router Support. WCCP V2.0 allows a farm of web-caches to be attached to more than one router.
* Multicast Support. WCCP V2.0 supports multicasting of protocol messages between web-caches and routers.
* Improved Security. WCCP V2.0 provides optional authentication of protocol packets received by web-caches and routers.
* Support for redirection of non-HTTP traffic. WCCP V2.0 supports the redirection of traffic other than HTTP traffic through the concept of Service Groups.
* Packet return. WCCP V2.0 allows a web-cache to decline to service a redirected packet and to return it to a router to be forwarded. The method by which packets are returned to a router is negotiable.
Reference: https://tools.ietf.org/id/draft-wilson-wrec-wccp-v2-01.txt