CCSP My Thoughts
Ok so i have been debating with myself and my other half (my wife of ten years) on whether i should go for CCIE R&S or should choose the security track. I have my CCNP and i could easily go for CCIE Security, but i decided otherwise. So here i am.
I have decided to take this from a noobs perspective (no offense). i am gonna go through each exam and the main technology that i would need to get prepared for it. I have spent the last weeks trying to gather as much information as possible.
Pre-requisites:
If you have a CCNA and you have passed the SND exam you are got to go. If not you will need to clear the CCNA Security to satisfy the prerequisites.
Exams:
In addition to the pre-requisites you have to pass three required exams and choose one more from the elective exams. Any exam from the electives will satisfy the Certification requirements.
So lets see what you would need to pass these exams. I will also include the study materials that i will be using for each exam.
1) 642-504 SNRS Securing Networks with Cisco Routers and Switches (SNRS)
As the name suggests, securing networks with routers and switches. Expect to use a lot of CLI for this exam. You will be required to configure VPNs, IOS-IPS, layer-2 security and CBAC.
I think this is one of the hardest one in all the CCSP exams. Lots and lots of CLI configurations that surely will give you nightmares.
2.) 642-524 SNAF Securing Networks with ASA Foundation (SNAF)
This is like SNRS but all GUI based. Yup the foundation and the concepts are the same. But instead of using the CLI to perform the security functions you will be required to use a security appliance. You will be using ASDM to do most of the configurations, don’t get me wrong you will still be required to do CLI based configurations. You will be using ASDM to configure VPNs, AAA, L3/L4 protocol inspections and firewalls.
This just like SDM, you can either run ASDM on a pc or install it on the ASA device.
3) 642-533 IPS Implementing Cisco Intrusion Prevention System (IPS)
You will be required to deploy, configure, and administer Cisco IPS sensors to protect network devices as well as efficiently manage IPS alarms. This exam is all about IPS. So you have to dig deep and get into the core of Cisco IPS.
Once again you will be required to know how to configure IPS using CLI. There are other appliances also that you will need to use including Cisco IDM and IEV.
4) Elective Exams (Choose One)
a) 642-591 CANAC Implementing Cisco NAC Appliance (CANAC)
So what is NAC?
The NAC Appliance (Cisco Clean Access) is a “shrink-wrapped” network admission control solution that recognizes users, their devices and roles; evaluates the security posture of the endpoint and scans for vulnerabilities; and enforces policy in the network. In particular, prior to allowing users onto the network, the NAC Appliance (Cisco Clean Access) solution allows administrators to authenticate, authorize, interrogate and remediate users and their machines enforcing policy based access control on the network.
b.) 642-545 MARS Implementing Cisco Security Monitoring, Analysis and Response System (MARS)
One more security appliance to know off. Once again GUI based and a lot of configuration involved including installing and maintenance along with event and traffic inspections.
c) 642-515 SNAA Securing Networks with ASA Advanced (SNAA)
As the name suggests it is basically SNAF on steroids. You will be required to configure advance features on ASA, including configuring the ASA 5505 dual-ISP support, configuring ASA 5505 VLANs, configuring policy NAT, installing and configuring the Cisco Secure Desktop, configuring the security appliance to pass multicast traffic, configuring Layer 7 class maps and policy maps, and initializing the AIP-SSM and CSC-SSM.
Note: For a complete list of exam objective please visit the cisco’s website.
Certification Notes: (things you will need)
i) If you are using GNS3, make sure you are using IOSs with version 12.4(6)T and newer.
ii) ASA and PIX Security Appliance 8.0 AKA ASA 5500 Rev 8.
iii) Adaptive Security Device Manager (ASDM) Version 5.0(2) or 6
Now don’t get confused here Cisco ASA are devices, security devices. Using ASA you can configure NAT, VPNs and IPS. More information here : http://www.cisco.com…120/index.html.
My preparations:
Lets be honest i can’t in my dreams afford an ASA device to work on, i mean come on they range from $1500 to 10K. So i will be using virtualization to achieve my goals. I will be using GNS, Pemu and Qemu to emulate an ASA device.
Next i will need to get my hands on ASDM. I haven’t downloaded it yet, because i couldn’t find the version 6.0.
I am also going to need to find some IOSs that support IPS and other security features.
Lets take a minute here. If you look at at its not that difficult. Look you need to know everything about ASA devices, and in doing so you will need to understand all the theory behind the security features as well as the applications you will be using to perform these tasks.
I have decided to take the SNAF and SNAA first and then the SNRS and IPS. I am pairing them because they are related to each other.
So stay tuned i will open another thread for my first two exams and post as i progress.
Firewall Fundamentals
http://rapidshare.com/files/12058347….2006.rar.html
Security Threat Mitigation and Response: Understanding Cisco Security MARS (Networking Technology)
http://rapidshare.com/files/12025496…ponse.rar.html
Cisco ASA and PIX Firewall
http://rapidshare.com/files/19649190…k.Jun.2005.rar
CCSP SNRS Exam Certification Guide 2Ed
http://rapidshare.com/files/22102003…e.2Ed.chm.html
Network Security Fundamentals
http://rapidshare.com/files/22092476…ndamentals.rar
Cisco Security Agent
http://rapidshare.com/files/22025987…rity.Agent.rar
CCSP SNPA Official Exam Certification Guide 3rd Edition
http://rapidshare.com/files/25474005…n.Apr.2006.pdf
CCSP Quick Reference Sheets SND SNRS SNPA IPS CSVPN Added !!!
http://rapidshare.com/files/34568668…heets.pdf.html
Cisco Asa All-in-one Firewall, Ips, And Vpn Adaptive Security Appliance
http://rapidshare.com/files/40719730…ance.part1.rar
http://rapidshare.com/files/40722500…ance.part2.rar
http://rapidshare.com/files/40724291…ance.part3.rar
http://rapidshare.com/files/40725018…ance.part4.rar
Password (all .rar files): sir_firewall
CODE
CNAP – Network Security Part 1(50908 KB) (for SNPA + SNRS Exams)
http://rapidshare.de/files/18006895/…urity.zip.html
CNAP – Network Security Part 2(28209 KB)(for SNPA + SNRS Exams)
http://rapidshare.de/files/18021406/…urity.rar.html
CCSP Flash Cards, with Test Engine Complete CD
http://rapidshare.de/files/24636437/…Cards.rar.html
CCSP Flash Cards, December 2005, ISBN: 1-58720-133-X CHM Format
http://rapidshare.de/files/24630195/…_2005.chm.html
CCSP Titles
All CCSP Titles
Subscribe to this topic RSS details
Showing 1-10 of 10
Sort by Date | Title | Popularity
1.
CCSP SNRS Quick Reference (Digital Short Cut)
By Andrew Mason
Mar 17, 2009
$19.99
2.
CCSP SNAA Quick Reference (Digital Short Cut)
By Ryan Lindfield
Feb 13, 2009
$19.99
3.
CCSP SNAF Quick Reference (Digital Short Cut)
By Andrew Mason
Nov 21, 2008
$19.99
4.
CCSP IPS Quick Reference (Digital Short Cut)
By Anthony Sequeira
Jan 8, 2008
$19.99
5.
CCSP SND Quick Reference (Digital Short Cut)
By Brandon James Carroll
Oct 16, 2007
$14.99
6. Networker’s Journal, A
By Cisco Press
Jan 14, 2005
$13.50 (Save 10%)
7. IT Career Builder’s Toolkit, The
By Matthew Moran
Dec 31, 2004
$43.16 (Save 10%)
8. CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), 2nd Edition
By Earl Carter, Cisco Systems, Inc.
Feb 9, 2004
$54.00 (Save 10%)
9. CCSP Self-Study: Cisco Secure PIX Firewall Advanced (CSPFA), 2nd Edition
By Behzad Behtash, Cisco Systems, Inc.
Jan 14, 2004
$45.00 (Save 10%)
10. CCSP SECUR Exam Certification Guide (CCSP Self-Study, 642-501)
By Greg Bastien, Christian Degu
Dec 22, 2003
$44.96 (Save 10%)