2/18/2011 -- Cisco has added three new certifications to the Cisco Certified Security Specialist offerings. The three new offerings are: Cisco Firewall Security Specialist, Cisco IOS Security Specialist and Cisco VPN Security Specialist.
The Firewall Specialist is intended for those who design, implement and maintain Cisco security appliances, including the ASA adaptive security appliance and zone-based firewalls. The IOS Specialist is for those who can demonstrate mastery of IOS in Cisco routers and switches as well as other security appliances. The VPN Specialist is aimed at those who configure, maintain, troubleshoot and support Cisco VPN solutions and the IOS software.
More information on these new specializations can be found here.
Certification Tip #2
Testing centers prohibit you from bringing anything into the cubicle with you -- no phones, no calculators, no music players, no pens, etc. When you sit, you have before you just the terminal/monitor/keyboard, two sheets of blank paper and two pencils. Those latter items can make all the difference between passing and failing an exam.
The exam begins once you login/authenticate and click the button to start. Until you click that start button, you still have all the time allotted for the exam -- provided you don't abuse it and run into the time of the next person scheduled to sit at that station. Between your sitting in the chair and clicking the button to start, you can do anything you want with the paper and pencils, including writing down everything you fear you may forget as you take the exam. This can be information you looked at in the car right before you came in, or information you've worked with for the past seven years.
It may seem like an inept use of time writing down everything about the OSI model and what you've spent the last four months committing to memory, but doing so serves a two-fold purpose. First, it brings it all back to the forefront of your mind. Having to think about what you're putting down on paper helps you better prepare for the electronic grill session. Second, it serves as a backup security blanket when you glance at the timer and realize you only have five minutes left to answer ten questions. It is in those moments that you often find you can't remember at which layer the XYZ protocol runs.
There is often a bit of conceit involved in taking an exam, and I am certain that there are those who would never think of using the scratch paper at any time before or during an exam because to do so might seem like a weakness. That type of arrogance is meaningless since the odds are quite good that no one at the test center cares whether you use the paper they are obligated to provide or not. Your real source of satisfaction should come from the passing score and nothing else.
IT Book of the Week: IT Auditing, Second Edition
Chris Davis and Mike Schiller's IT Auditing, Second Edition weighs in at 480 pages of 'must read' for every security administrator. Divided into 18 chapters and 3 parts, there is a chapter devoted to auditing each critical component, including:
- Applications
- Cloud computing and outsourced operations
- Company projects
- Data centers and disaster recovery
- Databases
- Entry-level controls
- Routers, switches, and firewalls
- Storage
- Virtualized environments
- Web servers and web applications
- WLAN and mobile devices
My favorite is Chapter 6, Auditing Windows Operating Systems. Even though it is a topic that most administrators deal with on a daily basis, it is nice to have everything located in one reference section, and the coverage of rsop.msc (the Resultant Set of Policy) is the best that I've seen in any text. In addition to covering Windows, the book gives equal treatment to Unix and Linux, and truly is the best auditing book on the market.
|