CCSP Self-Study: Securing Cisco IOS Networks (SECUR): 642-501

Title: CCSP Self-Study: Securing Cisco IOS Networks (SECUR) Author: John F. Roland ISBN 1-58705-151-6 Though I have yet to take the first exam in the Cisco Certified Security Professional series, I feel confident that after reading this book, that I'll pass. I am a CCNP (re-certified last year) and would say that the material covered in this book expounds on a CCNP's education. In other words, this should be the next phase for all CCNPs, i.e., don't stop reading after attaining the CCNP. The information covered in this book is the least you need to read and understand in order to be, at a minimum, a "security" professional in your field. This book covers the security aspects that aren't mentioned (or mentioned very briefly) in the CCNP series. This book covers securing the router using the IOS' built-in features, such as, the IDS, the firewall features (CBAC), and setting up secure VPNs with IPSec. For the most part, the author did a good job with the illustrations and the examples. There are a few errors, but with enough reading, the student can decipher them. Perhaps they'll be fixed in the next edition. A reader would benefit greatly by answering the questions at the end of each chapter, but were a reader to work out the scenario exercises at the end of each chapter, everything would then fall into place. The material is difficult. With enough repetition (and the author gives you many chances), the reader can't help but understand it. One thing this reader noticed is how well the material is presented, i.e., the author tells you what he's going to cover, he covers the material systematically and extensively, and he summarizes by telling you what he covered. This method of presentation ensures maximum coverage of the material and ingrains it into the reader. In fact, and I don't speak facetiously, this author does such a great job of presenting the material several times that if you never got it the first or the second time, by the third time, it finally sinks in -- at least that's what it took for this reader. This book included two additional and very helpful appendices, i.e., a "Sample Network Security Policy", and "Configuring Standard and Extended Access Lists". The sample policy offers a nice template for those that may find themselves tasked to create one in the future. Very nice additional features in the configuring access lists appendix are two tables. One table contains the several types and codes of ICMP and the other table contains the TCP port keywords. I would give this book a 4 in a rating of 1 - 5, 5 being the highest. Though the book is very long, I learned the material. In fact, I believe that it required such a length because, as I state yet again, the material is very difficult to grasp. There are enough examples that one could easily follow the steps and employ them in one's own network without (too much) difficulty. And most definitely, this book will be used frequently on my book shelf, not

This is the first book I started off with for preparing for 642-501(Securing IOS Networks ) exam and I liked this book very much. This is the only book I could find the information about SDM, which is a topic in the exam. Some times you feel like the text is too verbose, but this does not take the gist away from the topic at hand. Only downside of this book is, it does not come with a CD. If they come up with a companion CD with some sample questions, I think you can pass the exam with this single book.