CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), 2nd Edition

  • Published: Feb 9, 2004
  • Copyright 2004
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 864
  • Edition: 2nd
  • Book
  • ISBN-10: 1-58705-144-3
  • ISBN-13: 978-1-58705-144-9


Product Description

  • Understand how Cisco IDS can be used to protect, monitor, and enforce physical security policies
  • Review techniques applicable to both network- and host-based platforms
  • Review the security wheel concepts and apply security to AVVID using the SAFE Blueprint
  • Install and configure the Cisco IDS to monitor your network for malicious activity
  • Understand Cisco Threat Response (CTR) benefits and how it operates
  • Apply alarm signatures and gain the proficiency to create your own custom signatures
  • Deploy Cisco IDS effectively in your network using sensor and management platforms
  • Get inside the Cisco Security Agent (CSA) architecture

In addition to firewalls and other security appliances intended to limit outsider access to a network, intrusion detection and targeted countermeasures are critical components of a complete network security plan. The Cisco Intrusion Detection Sensors and Management options work as a united system to provide detection, notification, and aggressive lockdown in response to malicious network breaches. CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, offers in-depth configuration and deployment information for the reliable and intensive intrusion detection solutions from Cisco Systems.

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, is a Cisco authorized, self-paced learning tool that helps you gain mastery over the use of both the host-based and network-based IDS options (as well as the Cisco Threat Response functionality) by presenting a consolidated all-inclusive reference on all of the current Cisco IDS sensor platforms and management platforms. Chapter overviews bring you quickly up to speed and help you get to work right away. Configuration examples are designed to show you how to make the most of your IDS system, and unique chapter-ending review questions test your knowledge.

Whether you are seeking a reference guide to working with the CIDS sensor and management platforms or a study guide for the 642-531 exam, CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, supports your effective use of the Cisco IDS.

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Edition, is part of a recommended learning path from Cisco Systems that can include simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/go/authorizedtraining.

This volume is in the Certification Self-Study Series offered by Cisco Press. Books in this series provide officially developed training solutions to help networking professionals understand technology implementations and prepare for the Cisco Career Certifications examinations.

Customer Reviews

3 of 3 people found the following review helpful
5.0 out of 5 stars Strongly Recommend for Cisco CSIDS Exam 642-531, April 26, 2005
This review is from: CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) (2nd Edition) (Hardcover)
The Cisco Press "CCSP Self-Study: Cisco Secure Intrusion Detection System" is the Cisco Authorized self-study book for the CSIDS Exam 642-531 (ISBN: 1587051443). The book is an excellent resource for any individual pursuing the CCSP track. In fact, I used this as my primary training material to pass the CSIDS Exam 642-531 to complement my CSIDS web-based training.

The book format follows the CSIDS training course. However, the book provides far greater detail than the traditional Cisco courseware. The book follows the standard format similar to the majority of the Cisco Press Authorized self-study books. Part I reviews the basics of Network Security; if you already passed some of the other CCSP exams, such as the PIX or SECUR exam, you can probably breeze through this section. Part II begins the deep dive into the CIDS environment, reviewing IDS concepts, Cisco's IDS architecture, and the various Cisco IDS platforms. The third section of the book delves into IDS...


9 of 12 people found the following review helpful
5.0 out of 5 stars Excellent companion and guide, April 8, 2004
By A Customer
This review is from: CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) (2nd Edition) (Hardcover)
I read this book over 4-6 weeks and must say it's one of the best technical reads I have come across. The level of accuracy is 100% and there are few errors even worth mentioning; it has loads of quality examples and the flow is brilliant. I don't keep many of my books but I will keep this one. Highly recommended for all security engineers. Thanks Ciscopress for publishing a really high standard security manual. AWESOME.

Praise For CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), 2nd Edition

CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS), Second Ed.
Reviewer Name: Mark G. Reyero
Reviewer Certification: CCIE No. 12932

The book is an excellent resource for any individual pursuing the CCSP track. In fact, I used this as my primary training material to pass the CSIDS exam 642-531 to complement my CSIDS web-based training.

The book format follows the CSIDS training course. However, the book provides far greater detail than the traditional Cisco courseware. The book follows the standard format similar to the majority of the Cisco Press authorized self-study books. Part I reviews the basics of network security; if you already passed some of the other CCSP exams, such as the PIX or SECUR exam, you can probably breeze through this section. Part II begins the deep dive into the CIDS environment, reviewing IDS concepts, Cisco IDS architecture, and the various Cisco IDS platforms. The third section of the book delves into IDS configuration. Not only does the book provide detailed information on configuring the IDS sensor and modules, but also the various switch configuration requirements and the differences between IOS and Catalyst OS. The remaining sections cover CIDS maintenance and management.

Cisco Press provides numerous screenshots and configuration examples throughout the book. For those CCSP candidates who cannot afford to invest in a 4200 IDS Sensor, a Layer 2/3 Switch, and CiscoWorks VMS, the diagrams, tables, configuration examples, and screen shots are very helpful in grasping the concepts and configuration requirements.

Where the book truly excels is in its coverage of both the IDS signatures as well as using the IDS Management Console (a component of CiscoWorks VMS). Fifty pages are dedicated to the IDS signatures. Admittedly, my eyes got a bit heavy reading this chapter. However, understanding the IDS signature architecture is paramount for any Network Admin. The coverage of the IDS MC was also fantastic. After completing the book, I felt confident in my abilities to utilize not only the IDS MC, but also the Security Monitor component of VMS.

The only instance where the book seemed lacking was coverage of the IDS Network Module for the Cisco Routers. However, in defense of Cisco Press, it is nearly impossible for a Cisco book to remain 100% up-to-date on Cisco's latest hardware and software releases. The book does provide some content on the Cisco Secure Agent (CSA). Any CCSP candidate should always check www.cisco.com for the latest exam requirements and augment study material with the latest hardware and software releases from Cisco's website. All in all, I strongly recommend the Cisco Press CCSP Self-Study: Cisco Secure Intrusion Detection System (CSIDS) for Cisco CSIDS 642-531 exam preparation.

Table of Contents

I. INTRODUCTION TO NETWORK SECURITY.

 1. Network Security.

 2. Network Security and Cisco.

II. INTRUSION DETECTION AND THE CIDS ENVIRONMENT.

 3. Intrusion Detection Overview.

 4. Cisco Intrusion Protection Overview.

 5. Cisco IDS Architecture.

III. CISCO NETWORK IDS CONFIGURATION.

 6. Capturing Network Traffic for IDS.

 7. Cisco IDS Network Sensor Installation.

 8. Cisco IDS Module Configuration.

 9. Cisco IDS Device Manager and Event Viewer.

10. Sensor Configuration.

11. Signature Configuration.

12. Signature Response.

13. Cisco IDS Alarms and Signatures.

IV. CISCO ENDPOINT SECURITY.

14. Host Intrusion Protection.

V. CIDS MAINTENANCE AND TUNING.

15. Cisco IDS Maintenance and Troubleshooting.

VI. CISCO ENTERPRISE IDS MANAGEMENT.

16. Enterprise IDS Management.

17. Enterprise IDS Monitoring and Reporting.

18. Cisco Threat Response.

19. Cisco Secure IDS Upcoming Functionality.

Appendix A. Cisco Secure IDS Tuning Case Studies.

Appendix B. Glossary.
