This book is one more tool to help you get ready for this challenging exam. It is not a substitute for reading the source documentation, though! You must read the document that the exam focuses on, SAFE: Extending the Security Blueprint to Small, Midsize, and Remote-User Networks . You would also be wise to read the original SAFE document, sometimes known as "Enterprise SAFE," although its actual title is SAFE: A Security Blueprint for Enterprise Networks . You also should read the version that goes into more depth for VPNS, SAFE VPN: IPSec Virtual Private Networks in Depth . "SAFE," by the way, has been used by Cisco for these blueprints as though it were an acronym, but it has never been spelled out. Each topical Exam Cram 2 chapter follows a regular structure and contains graphical cues about important or useful information. Here's the structure of a typical chapter:
As a tool, this book is organized to be sure you have all the information you need to pass the exam. Because Cisco exams need not be taken in a particular sequence, you might find material here that you already know quite well but that others who perhaps have not yet taken other exams do need. Even if you see material that you are confident about, it never hurts to review it; I encourage you to at least skim what is here on that topic. The chapters follow this sequence:
The two practice exams in Chapters 13 and 15 are a completely separate set of questions, so the combination gives you two looks at testing yourself on the material. Finally, each chapter has a section called "Need to Know More?" This section provides information on books and Web sites where you can flesh out your knowledge of the material relevant to that particular chapter. This book includes a number of diagrams. Although some authors like to use the Cisco icon set, which can be downloaded from Cisco's Web page (if you have Visio, you can search for "visio icons" at Cisco's Web page and get a set to use with that program), I don't. Some of the icons look a great deal alike (such as a router versus a router with a firewallthe difference is in the edging of the flat cylinder figure), and there are now many icons because the range of specialized network products has grown so rapidly . It's easy to lose track of which icon is which product, but with labeled figures, it is easier to keep track. For those who know the icons, using labeled figures also means that you have to look at the diagram rather than glance over it. I want to get your mind engaged in the diagram by making you look at it carefully . In a number of cases, I have provided sample commands and command syntax. The syntax presented uses the same conventions that you will see in any documentation you download from Cisco:
The software releases from which I took the commands referenced were IOS 12.2 Mainline for routers, PIX Firewall OS Version 6.2, and Catalyst 3550 Version 12.1(13)EA1. One comment about the two practice exams, then a disagreement , and then we can get to work! Two practice exams are included at the end of this book (Chapters 13 and 15the answers are in Chapters 14 and 16). These two exams are as much like the real exam as I could make them without violating the NDA. Part of that similarity is that, although the end-of-chapter Exam Prep questions have an icon to designate especially tricky questions, these practice exams do not use the "Trick Question" icon, even though there are some tricky questions in them. Cisco won't tell you on the exam that a question was intended to be tricky (or even that it turned out to be tricky), so having to deal with them as they show up is good practice. Likewise, sometimes in the exam you might have a cluster of questions (three or even four) in a row on the same topic, but the rest of the time the topics will bounce from one to another. Therefore, I set up the practice exams in both ways: In Chapter 13, the questions are generally clustered by topic, with a little bouncing around; in Chapter 15, the theme is to bounce all over, with an occasional pair of questions on a topic. You'll get practice at both approaches. Here's the disagreement: Cisco tends to keep its certification program evolving, which means that the training and the exams also evolve . In August 2003, while I was writing this book, a few of us on the GroupStudy list argued about the idea of the "four threat types," which one person said was a part of the "SAFE Test Blueprint." Actually, as I'll note in Chapter 1, neither the Exam Description nor the Exam Topics mention "threat types," much less specify a number of them. However, the CSI Training offered by Cisco training partners mentions "four threat types." That was where the argument really began : One person insisted he had seen in his training that the four types were structured, unstructured, internal, and external. However, I pointed out that previous training had listed four threat types as the four I have used in this book: reconnaissance, unauthorized access, denial of service, and data manipulation. Although we can argue over which training is reflected in the current release of the exam as you read this, the release of the exam that I took (642-541, on June 28, 2003) included a question that reflected the four types I have used.
You have to understand a great deal of material to really understand what goes on in the SAFE Blueprints: why certain technologies are used and why they are used in some places and not others. This book will help by ensuring that you have background material on network security (Chapters 24) and that you understand the security aspects of management protocols (Chapter 5), the Blueprints themselves (Chapters 67), the Cisco products used in them (Chapters 89), and, finally, how the three main parts of the SAFE SMR Blueprint put all the pieces together (Chapters 1012). The place to begin, of course, is Chapter 1, where I'll talk a little about the exam itself and what you can expect. |