Official self-study test preparation guide for the CCIE Security written exam

Review all CCIE Security written exam topics, including:

• Switching concepts, routing protocols, and WAN protocols, including PPP, ISDN, and Frame Relay

• DNS, TFTP, Secure Shell, Secure Socket Layer Protocol, NTP, and SNMP

• Cisco IOS(r) Software specifics, including password security, password recovery, and standard and extended access lists

• Encryption technologies and security protocols, including TACACS+, RADIUS, and Kerberos Windows and UNIX operating system security issues

• Cisco security applications, including Cisco PIX(r) Firewall, VPN, IDS, and Cisco Policy Manager

• Basic security methods and the evolution of new secure networks including packet filtering, proxies, and NAT/PAT

• Network security policies, vulnerabilities, and protection techniques

With increased reliance on networking resources to provide productivity gains and corporate revenue contributions, the need for network security has never been higher. Rising concerns over corporate espionage, cyber-terrorism, financial fraud, and theft of proprietary information have radically increased the demand for highly skilled networking security professionals. One of the most sought-after and highly valued networking certifications, the Cisco Systems CCIE Security certification is answering the need for technical expertise in this critical market by distinguishing the top echelon of internetworking experts.

CCIE Security Exam Certification Guide is a comprehensive study tool for the Security written exam. Written and reviewed by members of the CCIE Security team at Cisco, this book helps you understand and master the material you will need to know to pass the written exam. Designed to optimize your study time, this book helps you assess your knowledge of the material at the beginning of each chapter with customized quizzes for each topic. Increase retention of key concepts by reviewing summaries of crucial concepts. Test your comprehension with chapter-ending review questions. Determine your assimilation of knowledge and get a taste for the CCIE Security lab exam with two complete practice lab scenarios focused on security and routing and switching topics. Take timed practice exams that mimic the real testing environment with the CD-ROM test engine or customize the test bank to focus on the topics for which you need the most help. Along with an electronic version of the text, a complete copy of Henry Benjamin's previously published CCIE Routing and Switching Exam Cram is also presented on the CD-ROM as an additional bonus.

CCIE Security Exam Certification Guide is part of a recommended study program from Cisco Systems that can include simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

"This book will be a valuable asset for potential CCIE Security candidates. I am positive individuals will inevitably gain extensive security network knowledge during their preparation by using this book."
-Gert De Laet, Product Manager, CCIE Security, Cisco Systems, Inc.

Companion CD-ROM
CD contains a test engine with over 300 questions, lab equipment suggestions, sample configurations, and a bonus electronic copy of the complete CCIE Routing and Switching Exam Cram text.

Amazon.com® Reader Reviews (Ranked by Helpfulness)

Average Amazon.com® Rating:  Based on 76 Ratings

Excellent Study Guide for CCIE Security Written Exam - 2006-03-02
Reviewer Rating:
I obtained a copy of Henry Benjamin's "CCIE Security Exam Certification Guide" (ISBN 1587201356) to complete my final preparation for the CCIE Security Written Exam. Contrary to a few other reviews, I found this book to be extremely valuable for my final review. This book is exactly what it states in the title, a study guide for the exam. It is not a detailed analysis of security architectures and principles. It should not be viewed a CCIE Security "bible". Rather, this book should be used by a CCIE Security candidate only after he or she has read most of the other security related books listed on the CCIE Written Roadmap on Cisco's website.

I found the layout of the book to be beneficial for the CCIE Security candidate. Each chapter opens with a "Do I know this already?" quiz. The quizzes are helpful in assessing the reader's knowledge on the chapter's topics. Therefore, the reader will be better prepared to focus on the areas where he or she may be weak. The chapters then jump right in to its particular topic, presenting the material in a concise and articulate manner. The chapters close with a summary, questions and answers, and references to additional information. Finally, the book includes a testing engine as well as an electronic version of the book on CDROM.

I appreciated the "bonus" CCIE Security and Routing & Switching lab scenarios at the end of the book. A competent and confident Cisco engineer can never get enough hands-on practice lab scenarios to sharpen and keep ones skills fresh.

Again, I must emphasize that this book is a culmination of the CCIE Security candidate's exam preparation, not a starting point! If you are just starting your CCIE journey, I strongly recommend that you review the written exam blueprint on Cisco's website and begin with the Doyle, Malik, and De Laet and Gert Schauwers books, to quickly name a few. I am confident that this book assisted me in conquering the CCIE Security Written exam!

Mark Reyero
CCIE 12932 (R/S)

A good global view to exam - 2006-07-28
Reviewer Rating:
It's a good book with most of all topics to someone make the CCIE Security written exam, but not so deep.

Puddle depth? That's one way of putting it... - 2006-07-09
Reviewer Rating:
As another reviewer put it: puddle depth. As is not uncommon with most CCxx prep books, Benjamin's CCIE Security coverage is barely broad enough and nowhere deep enough. I'm using this more as a basic overview for a topic, then it's off to the Cisco documentation and lab work for a few hours to figure out how the thing really works.
Oh I wish for someone like Odom or Doyle/Carroll to write a CCIE Security book! It'd be two or three volumes, but it'd be worth the money, unlike "CCIE Security Exam Certification Guide". Buy it second hand, or better use Safari - at least you'll not waste a tree.

Totally out of date - 2007-10-18
Reviewer Rating:
This book is completely out of date. It was relevant 3 yrs ago but it will not get you 20% of what you need to pass the current CCIE Security 2.0 exam.

Information within is very broad and generalized - nothing like you'll experience on the test itself.

Also, the test software from Boson is a complete joke. 1 in 10 questions are wrong. In other words, what they list as the correct answer is not always the case. Also, you'll find that you might click on an answer and then it tells you it's wrong and that the right answer is the same as the one you picked - only instead of 'A', it's 'C' for example. Sigh..... what a waste of $50.

A woefully, inadequate "study guide" for Cisco's premier certification. - 2007-05-02
Reviewer Rating:
The CCIE Security Exam Certification Guide glosses over "topics" listed in the CCIE version 1 blueprint. Each section provides a high level view of a subject. This book is riddled with configuration errors and lacks depth. While not study guides, other books like Network Security Principles and Practices -- Saadat Malik, Network Security Architectures -- Sean Convery and Cisco Router Firewall Security -- Richard Deal were excellent, detailed and fun to learn from.

Benjamin's description of cryptography and related protocols is terrible and should be avoided. A study guide should list salient features of a technology, not just fillers that will confuse the reader. I found chapter 4 (Security protocols) weak and skipped reading this chapter all together, preferring other, *better* tomes - Malik for example. Examples - The ESP Frame Format figure is incorrect. In the IPSec section, Benjamin writes "You can tunnel any form of data across the IPSec tunnel, such as IP, Novel IPX, or AppleTalk." Not without GRE to first encapsulate the non-IP traffic. IPSec works only on IP traffic and non-IP traffic should be encapsulated (recommended GRE encapsulation) prior to IPSec.

In chapter 5, Security Applications, Benjamin writes the following on VPN Concentrators "Cisco makes a number of recommendations in its SAFE Blueprint, but in general requires that the VPN Concentrator be located behind a Cisco PIX Firewall on the inside interface where the DMZ is located. The Cisco SAFE Blueprint has a number of recommendations based on network size and appliances, though". The SAFE blueprint does not recommend having a VPN device beyond a Firewall. Common sense would dictate that having this scenario would require opening up the Pix for all encrypted traffic.

I truly hope that Benjamin would write a far better book for the CCIE v2.0 blueprint.

Browse Similar Topics

Top Level Categories:
Certification

Sub-Categories:
Certification > Cisco
Cisco > CCIE