[.ca] CCSP: Securing Cisco IOS Networks Study Guide: Exam ...

insuficient for the 642-501 exam:
I bought this book because I have good experiences with Todd Lammle books, his books are usually clearly written and cost little energy to digest (and he did manage to this again in this book). but.....It does seem out of date at this moment, the CCSP path changes rapidly and some main toppics have been added (such as "securing Cisco Routers using Security device manager" and "management centre (MC) for VPN routers". There is a big chance that the exam will hold quite a few questions on these topics as happened with me. With a passing rate of 860 you just can't afford loosing valuable points just because it wasn't in the book. I am now reading the cisco press self study book (Published: Apr 21, 2004), and indeed like one of the other reviewers says, they might sometimes be crammed with in depth information (perhaps even too much for the exam). Sybex should rewrite this book to match it with the current standards. I'm happy that a lot of the reviewers passed after using this book, but it might have something to do with a lucky collection of questions. Regards, Herman

old, outdated, and not terribly good:
This guide will not allow you to pass the Cisco tests by its self. The book is only good in conjunction with the latest Cisco Press books. The main problem is that this entire Sybex CCSP series is outdated. Cisco added to their tests and updated their books after these were written. (i am giving them the benefit of the doubt there). These book leave a ton of stuff out. There are also some errors in the questions. Bottom line is that these books do not stand up by themselves.

Enough but extras needed:
This book will help you pass the exam but you will have to use the Cisco web site to get up to date info on SDM and Management Center if you want to score above 900. You can get upwards of 6 questions on SDM on the exam and every point counts towards the 860 pass mark. Other than the missing SDM and MC stuff, if you have a lab set up running the IOS FW and follow the labs you will be able to spot the errors in the book and help reinforce the correct commands.

Book not a "stand alone":
I used this book, along with my experience and I failed the test. As several have mentioned there are questions about SDM & MC on the exam that are not covered in this book. I have about 6 questions on SDM. Unfortunately I had no real life experience with this. If you use this book, make sure you get other study material! With a score of 860 needed, the SDM questions alone put you very close to failure.

A fair resource but the book needs more diligent editors:
This book has a lot going for it. Lammle and Timm are obviously knowledgeable and generally present information in an easy to understand, well organized fashion. I particularly enjoyed the last chapter on Easy VPNs. Short sweet, easy to understand with lots of good info. I also thought chapter 5 was well written - lots of useful tips on how to use CBAC, which seems like it can be especially helpful in securing a network. I like that the book has practical information as well as what you need to pass the exam. The CD is also worthwhile, providing 2 bonus exams (though the answer to question 19 in the first exam has a glaring error that reflects a disturbing lack of understanding of the difference between symmetric and asymmetric encryption that is fortunately not duplicated in the book), an electronic version of the book and flashcards. One annoying thing about this book is that each chapter warms up with a page or two of useless fluff. The book is also riddled with easily correctable though sometimes amusing errors. A few errors are listed on Sybex's web site (which is worth checking out before you read the book) but not nearly all of them. The first chapter is the worst and should probably be skipped altogether. In it the book makes some interesting claims - for example, on pg 4 that TCP/IP has operating system weaknesses (a bizarre claim to make about a protocol suite) and that because of NAT, there is absolutely no reason to use real IP addresses (surely debatable). On page 12 the book claims that "ICMP attacks are known as 'The Ping of Death'". Hm, I always thought that was the name of one specific ICMP attack. Silly me. On page 15 the book claims, in rather amusing fashion, that "the latest trend in the attacker game is the smurf attack" (certainly not true even in 2002 when the book was written) and that "Smurf attacks send a Layer 2 (Data Link layer) broadcast" (I'm sure Lammle and Timm are aware that ICMP is a layer 3 protocol). There are simply too many to list. Errors are sadly not confined to the first chapter. On page 310 the book claims that the Easy VPN Client does not support DH1 (I believe they meant the VPN server). This contradicts page 308 and the answers to the review questions. The explanation of IPSEC theory (ch 7) and configuration (ch 8) is convoluted, incomplete and should definitely be covered in at least 3 chapters. Perhaps there was a last minute rush to get the book published or maybe quality control is slipping a bit at Sybex. In any case, this book is pretty good but it could have been great with a bit more work. Additional note: I just took the test and passed it using this book and a Boson practice exam. There were at least 5 questions on SDM on the test (if the test focused on anything I would say it was SDM). Router MC was also covered. Neither topic was covered in this book - though the Boson exam had more than enough info on each. Concentrate on simple topics for the test - it doesn't delve into anything in great detail (I imagine that's saved for later in the CCSP process).