上海昂立CCIE(SECURITY)认证昂立IT承诺：直通车 通过率!Cisco Certified Internetwork Expert 被视为是全球Internetworking领域中的CCIE认证证书。这个认证主要提供工程师在今日快速变动的网络环境中驾驭Cisco设备所需的专业知识。成为CCIE，除了整个产业的认同之外，Security CCIE也是你不断持有网络知识的指标;你将会在你的专业领域中成为一位竞争力的人。如何成为Security CCIE专家?要取得Security CCIE认证，必须通过以下课程考试：Security CCIE理论考试(Security CCIE考试号 350-018、考试时间两个半小时)Security CCIE实验考试(一天8小时)入学条件已经通过CCSP或者具备相应水平者Security CCIE认证培训薪资水平取得CCIE认证如无工作经验薪资水平为8000-12000元/月，有工作经验18-20万/年Security CCIE认证培训班型Security CCIE脱产班Security CCIE一三五晚班Security CCIE二四晚班Security CCIE周末下午班Security CCIE周末班Security CCIE认证培训目标现在市场上主流的3大防火墙产品，checkpoint公司的checkpoint全套产品.juniper公司的netscreen,cisco 公司的ASA .作为三家业界龙头的防火墙产品，在市场上具有很高的市场占有率。让学员真正学会使用所有的防火墙产品，成为名副其实网络安全专家。CCIE课程特色CCIE认证培训没有标准课程。课程内容是由ONLY认证培训考试中心的10多名CCIE专家设计开发。把历年所有的CCIE认证考试的全真考题版本，拆成分解实验，再按照知识点分类，讲解和操作分解实验。这些知识点的分解实验都掌握了，即使考试变题也可以通过。因为任何的CCIE认证全真考题版本都是由知识点分解实验组合起来。通过CCIE认证培训的入学测试后进入B阶段的学习。B阶段的主要目的是掌握所有的知识点和分解实验，达到真实的CCIE认证水准。通过内部考核确认技术水平达标后再进入A阶段的学习。A阶段的主要目的是针CCIE认证考试的全面冲刺，全真考题的讲解分析考试技巧，确保学员通过。CCIE认证培训的考生在考前一个月，由ONLY认证培训考试中心3位CCIE专家作考前评估，水平完全达到要求再参加考试。只要按照我们的要求学习CCIE认证实验考试的通过率可以达到90%以上。Security CCIE课程介绍FirewallPIX and ASA FirewallBasic InitializationAccess ManagementAddress TranslationACLsIP RoutingObject GroupsVLANsAAAVPNsFilteringFailoverLayer 2 Transparent FirewallSecurity Contexts (Virtual Firewall)Modular Policy FrameworkApplication-Aware InspectionHigh Availability ScenariosQoS PoliciesOther Advanced FeaturesIOS FirewallCBACAuditAuth ProxyPAMAccess ControlPerformance TuningAdvanced FeaturesVPNIPSec LAN-to-LANSSL VPNDMVPNCA (PKI)Remote Access VPNVPN3000 ConcentratorVPN3000 IP RoutingUnity ClientWebVPNEzVPN Hardware ClientXAuth, Split-tunnel, RRI, NAT-THigh AvailabilityQoS for VPNGRE, mGREL2TPPPTPAdvanced VPN FeaturesIntrusion Prevention System (IPS)IPS 4200 Series Sensor ApplianceBasic InitializationSensor ConfigurationSensor ManagementPromiscuous and Inline MonitoringSignature TuningCustom SignaturesBlockingTCP ResetsRate LimitingSignature EnginesIDMEvent ActionEvent MonitoringIOS IPSPIX IDSSPAN, RSPANAdvanced FeaturesIdentity ManagementSecurity Protocols (RADIUS and TACACS+)Cisco Secure ACS ConfigurationAccess Management (Telnet, SSH, Pwds, Priv Levels)Proxy AuthenticationService Authentication (FTP, Telnet, HTTP, other)Network Admission Control (NAC Framework solution)802.1xAdvanced FeaturesAdvanced SecurityMitigation TechniquesPacket Marking TechniquesSecurity RFCs (RFC1918, RFC2827, RFC2401)Service Provider SecurityBlack Holes, Sink HolesRTBH Filtering (Remote Triggered Black Hole)Traffic Filtering using Access-listsNATTCP InterceptuRPFCARNBARNetFlowFloodingSpoofingPolicingFragmentationSniffer TracesCatalyst Management and SecurityTraffic Control and Congestion ManagementCatalyst Features and Advanced ConfigurationNetwork AttacksNetwork ReconnaissanceIP Spoofing AttacksMAC Spoofing AttacksARP Spoofing AttacksDenial of Service (DoS)Distributed Denial of Service (DDoS)Man-in-the-Middle (MiM) AttacksPort Redirection AttacksDHCP AttacksDNS AttacksFragment AttacksSmurf AttacksSYN AttacksMAC AttacksVLAN Hopping AttacksOther Layer2 and Layer3 Attacks考试时间CCIE Sec认证考试分为以两个组成部分：1. CCIE Sec 笔试(code：350-018)，2小时考试时间2. CCIE Sec Lab 考试，8小时的实验考试时间考试分数总分1000分，800分合格Security CCIE认证学习路径：Security CCIE认证证书样本