CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), 2nd Edition

  • Published: Feb 9, 2004
  • Copyright 2004
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 864
  • Edition: 2nd
  • Book
  • ISBN-10: 1-58705-144-3
  • ISBN-13: 978-1-58705-144-9


Product Description

  • Understand how Cisco IDS can be used to protect, monitor, and enforce physical security policies
  • Review techniques applicable to both network- and host-based platforms
  • Review the security wheel concepts and apply security to AVVID using the SAFE Blueprint
  • Install and configure the Cisco IDS to monitor your network for malicious activity
  • Understand Cisco Threat Response (CTR) benefits and how it operates
  • Apply alarm signatures and gain the proficiency to create your own custom signatures
  • Deploy Cisco IDS effectively in your network using sensor and management platforms
  • Get inside the Cisco Security Agent (CSA) architecture

In addition to firewalls and other security appliances intended to limit outsider access to a network, intrusion detection and targeted countermeasures are a critical component of a complete network security plan. The Cisco Intrusion Detection Sensors and Management options work as a united system to provide detection, notification, and aggressive lockdown to malicious network breaches. CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, offers in-depth configuration and deployment information for the reliable and intensive intrusion detection solutions from Cisco Systems.

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, is a Cisco authorized, self-paced learning tool that helps you gain mastery over the use of both the host-based and network-based IDS options (as well as the Cisco Threat Response functionality) by presenting a consolidated all-inclusive reference on all of the current Cisco IDS sensor platforms and management platforms. Chapter overviews bring you quickly up to speed and help you get to work right away. Configuration examples are designed to show you how to make the most of your IDS system, and unique chapter-ending review questions test your knowledge.

Whether you are seeking a reference guide to working with the CIDS sensor and management platforms or a study guide for the 642-531 exam, CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, supports your effective use of the Cisco IDS.

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, is part of a recommended learning path from Cisco Systems that can include simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

This volume is in the Certification Self-Study Series offered by Cisco Press. Books in this series provide officially developed training solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

Praise For CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), 2nd Edition

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Ed.
Reviewer Name: Mark G. Reyero
Reviewer Certification: CCIE No. 12932

The book is an excellent resource for any individual pursuing the CCSP track. In fact, I used this as my primary training material to pass the CSIDS exam 642-531 to complement my CSIDS web-based training.

The book format follows the CSIDS training course. However, the book provides far greater detail than the traditional Cisco courseware. The book follows the standard format similar to the majority of the Cisco Press authorized self-study books. Part I reviews the basics of network security; if you already passed some of the other CCSP exams, such as the PIX or SECUR exam, you can probably breeze through this section. Part II begins the deep dive into the CIDS environment, reviewing IDS concepts, Cisco IDS architecture, and the various Cisco IDS platforms. The third section of the book delves into IDS configuration. Not only does the book provide detailed information on configuring the IDS sensor and modules, but also the various switch configuration requirements and the differences between IOS and Catalyst OS. The remaining sections cover CIDS maintenance and management.

Cisco Press provides numerous screenshots and configuration examples throughout the book. For those CCSP candidates who cannot afford to invest in a 4200 IDS Sensor, a Layer 2/3 Switch, and CiscoWorks VMS, the diagrams, tables, configuration examples, and screen shots are very helpful in grasping the concepts and configuration requirements.

Where the book truly excels is in its coverage of both the IDS signatures as well as using the IDS Management Console (a component of CiscoWorks VMS). Fifty pages are dedicated to the IDS signatures. Admittedly, my eyes got a bit heavy reading this chapter. However, understanding the IDS signature architecture is paramount for any Network Admin. The coverage of the IDS MC was also fantastic. After completing the book, I felt confident in my abilities to utilize not only the IDS MC, but also the Security Monitor component of VMS.

The only instance where the book seemed lacking was coverage of the IDS Network Module for the Cisco Routers. However, in defense of Cisco Press, it is nearly impossible for a Cisco book to remain 100% up-to-date on Cisco’s latest hardware and software releases. The book does provide some content on the Cisco Secure Agent (CSA). Any CCSP candidate should always check www.cisco.com for the latest exam requirements and augment study material with the latest hardware and software releases from Cisco’s website. All in all, I strongly recommend the Cisco Press CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) for Cisco CSIDS 642-531 exam preparation.

Table of Contents

I. INTRODUCTION TO NETWORK SECURITY.

 1. Network Security.

 2. Network Security and Cisco.

II. INTRUSION DETECTION AND THE CIDS ENVIRONMENT.

 3. Intrusion Detection Overview.

 4. Cisco Intrusion Protection Overview.

 5. Cisco IDS Architecture.

III. CISCO NETWORK IDS CONFIGURATION.

 6. Capturing Network Traffic for IDS.

 7. Cisco IDS Network Sensor Installation.

 8. Cisco IDS Module Configuration.

 9. Cisco IDS Device Manager And Event Viewer.

10. Sensor Configuration.

11. Signature Configuration.

12. Signature Response.

13. Cisco IDS Alarms and Signatures.

IV. CISCO ENDPOINT SECURITY.

14. Host Intrusion Protection.

V. CIDS MAINTENANCE AND TUNING.

15. Cisco IDS Maintenance and Troubleshooting.

VI. CISCO ENTERPRISE IDS MANAGEMENT.

16. Enterprise IDS Management.

17. Enterprise IDS Monitoring and Reporting.

18. Cisco Threat Response.

19. Cisco Secure IDS Upcoming Functionality.

Appendix A. Cisco Secure IDS Tuning Case Studies.

Appendix B. Glossary.
