Cisco.Press.CCSP.SNPA.Official.Exam.Certification.Guide.3rd.Edition.Apr.2006.pdf

CCSP SNPA Ofﬁcial Exam

Certiﬁcation Guide

Third Edition

Michael Gibbs

Greg Bastien

Earl Carter

Christian Abera Degu

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

CCSP SNPA Ofﬁcial Exam Certiﬁcation Guide, Third Edition

Michael Gibbs

Greg Bastien

Earl Carter

Christian Abera Degu

Published by:

Cisco Press

800 East 96th Street

Indianapolis, IN 46240 USA

mechanical, including photocopying, recording, or by any information storage and retrieval system, without written

permission from the publisher, except for the inclusion of brief quotations in a review.

Printed in the United States of America 1 2 3 4 5 6 7 8 9 0

First Printing: April 2006

Library of Congress Cataloging-in-Publication Number: 2006922897

ISBN: 1-58720-152-6

Warning and Disclaimer

This book is designed to provide information about the Securing Networks with PIX and ASA (SNPA) 642-522 exam toward

the Cisco Certiﬁed Security Professional (CCSP) certiﬁcation. Every effort has been made to make this book as complete and

as accurate as possible, but no warranty or ﬁtness is implied.

The information is provided on an “as is” basis. The authors, Cisco Press, and Cisco Systems, Inc., shall have neither liability

nor responsibility to any person or entity with respect to any loss or damages arising from the information contained in this

book or from the use of the discs or programs that may accompany it.

The opinions expressed in this book belong to the author and are not necessarily those of Cisco Systems, Inc.

Feedback Information

At Cisco Press, our goal is to create in-depth technical books of the highest quality and value. Each book is crafted with care

and precision, undergoing rigorous development that involves the unique expertise of people from the professional technical

community.

Readers’ feedback is a natural continuation of this process. If you have any comments regarding how we could improve the

quality of this book, or otherwise alter it to better suit your needs, you can contact us through e-mail at feedback@cisco-

press.com. Please include the book title and ISBN in your message.

We greatly appreciate your assistance.

Corporate and Government Sales

Cisco Press offers excellent discounts on this book when ordered in quantity for bulk purchases or special sales.

For more information please contact: U.S. Corporate and Government Sales 1-800-382-3419

corpsales@pearsontechgroup.com

For sales outside the U.S. please contact: International Sales international@pearsoned.com

iii

Trademark Acknowledgments

All terms mentioned in this book that are known to be trademarks or service marks have been appropriately capitalized.

Cisco Press or Cisco Systems, Inc., cannot attest to the accuracy of this information. Use of a term in this book should not be

regarded as affecting the validity of any trademark or service mark.

Publisher:

John Wait

Cisco Representative:

Anthony Wolfenden

Editor-in-Chief:

John Kane

Cisco Press Program Manager:

Jeff Brady

Executive Editor:

Brett Bartow

Production Manager:

Patrick Kanouse

Senior Development Editor:

Christopher Cleveland

Senior Project Editor:

San Dee Phillips

Copy Editor:

Carlisle Communications

Technical Editors:

David Chapman Jr., Kevin Hofstra, and Bill Thomas

Editorial Assistant:

Raina Han

Book and Cover Designer:

Louisa Adair

Composition:

Mark Shirar

Indexer:

Eric Schroeder

About the Authors

is the vice president of Consulting for Security Evolutions, Inc. (SEI), where he

is responsible for the overall technical management of SEI’s Cisco-centric IT security consulting

services. Mr. Gibbs has more than 10 years of hands-on experience with Cisco Systems routers,

switches, ﬁrewalls, IDSs, and other CPE equipment and IOS Software versions. He has been

involved in IP network design, IP network engineering, and IT security engineering for large

service provider backbone networks and broadband infrastructures. Mr. Gibbs is proﬁcient in

designing, implementing, and operating backbone IP and VoIP networks, implementing

network operation centers, and designing and conﬁguring server farms. Mr. Gibbs is also the

author of multiple patents on IP data exchanges and QoS systems.

As SEI’s technical leader for Cisco-centric IP network engineering and IT security consulting

services, Mr. Gibbs provided technical program management, as well as technical support,

for clients who utilize Cisco Systems CPE devices at the network ingress/egress. His hands-on,

real-world experience designing and implementing Cisco-centric security countermeasures

provided valuable experience in the authoring of this book.

, CCNP, CCSP, CISSP, is the chief technical ofﬁcer for Virtue Technologies, Inc.

He provides consulting services to various federal agencies and commercial clients and holds a

position as adjunct professor at Strayer University, teaching networking and network security

classes. He completed his undergraduate and graduate degrees at Embry-Riddle Aeronautical

University while on active duty as a helicopter ﬂight instructor in the U.S. Army.

has been working in the ﬁeld of computer security for approximately 11 years.

He started learning about computer security while working at the Air Force Information

Warfare Center. Earl's primary responsibility was securing Air Force networks against cyber

attacks. In 1998, he accepted a job with Cisco to perform IDS research for NetRanger

(currently Cisco IPS) and NetSonar (Cisco Secure Scanner). Currently, he is a member of the

Security Technologies Assessment Team (STAT) that is part of Consulting Engineering (CE).

His duties involve performing security evaluations on numerous Cisco products and

consulting with other teams within Cisco to help enhance the security of Cisco products. He

has examined various products from the PIX Firewall to the Cisco CallManager. Presently,

Earl is working on earning his CCIE certiﬁcation with a security emphasis. In his spare time,

Earl is very active at church as a youth minister and lector. He also enjoys training in

Taekwondo where he is currently a third-degree black belt and working on becoming a

certiﬁed American Taekowndo Association (ATA) instructor.

, CCNP, CCSP, CISSP, works as a senior network engineer for General

Dynamics Network Systems Signal solutions, as consultant to the U.S. Federal Energy

Regulatory commission. He holds a master's degree in computer information systems.

Christian resides in Alexandria, Virginia.

Michael Gibbs

Greg Bastien

Earl Carter

Christian Abera Degu

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: