I have noticed that some topics in the official self-study guide is not so clear as you might expect.
References: DHCP Snooping and Private VLANs.
The problem is: I cannot understand the general meaning of the topic only basing upon the guide explanations. I had to make use of additional docs (ref guides) from the Cisco Web Site so as to fully get the point of the problem. Moreover, no reference to the IOS versions supporting the CLI commands.
- give a precise overview of the Cisco feature presented.
- please at least include in the guide the CISCO IOS support matrix for the CLI commands.
Do you share this feeling?
Thats an interesting observation. I wonder if they leave it out because it is covered more thoroughly in other Certification tracks. I have this book, and I have yet to go through it. DHCP Snooping and Private VLANs are somewhat covered in the RS track in the CCNP and CCIE certs. Also, I think private VLANs are covered in the Service Provider and possibly SP Ops tracks, but I am not sure, as I have no experience with those tracks.
I'm curious if other topics are like this. Maybe they are just briefly mentioned for completeness?
To my knowledge, only the CCNP RS has the foundation learning and the OCG. The CCNP Security only has the OCG. I have all four of the Security books, I'm hoping to get to them soon.
I think, if you do SECURE after SWITCH you will be a lot more clear about subject and go though chapter only to refresh.
However, best way to understand would be to simulate each of the technologies, use debugs and see whta you are comming too.
You may find bellow matireal very usefull, as it is shared to me by John Kiehnle
For lab, I used 1 switch L3 with 1 router as a DHCP server and Tried all technologies described for Access Ports protection
My observation was: Introducing a topic in a official cert guide should be as clear and reachable as possible (or at least deriving from the specific curriculum).
Of course with the help of additional documentations I have get all the issues arisen in my mind from the book.
Hate to say it, but I have seen this issue with many books. Because of this, I have always been a firm believer in having multiple study sources. Going to Cisco.com as a supplement to your books is a very wise practice. I have run into the same kind of thing with wireless material.
The topic of networks, security, provisioning, etc is all relavent based on a broad knowledge and a depth of scope into the topics. As such the text, like most other educational references do not provide complete answers, but instead leaves information that is direct in scope to a topic to other text that are more suited to addressing, as well as imparting a need to reference multiple reference/study material thereby increasing your overall knowledge and skill sets.
Agree with everything Cristian said. This book is really worst cisco OCG i've read. Topics are mixed in strange way. Examples are not consistent - part of example might be in one part of a chapter, another part in other. Pictures and examples to them are not consistent with each other. A LOT OF mistakes in many examples. I'm tired of the word example, but for example)):
Example 17-2 [Hub] Configure an mGRE Interface (page 459)
Hub(config)# interface tunnel0
Hub(config-if)# tunnel mode gre multipoint
Hub(config-if)# tunnel source 172.17.0.1
Hub(config-if)# tunnel destination 172.17.2.4
Hub(config-if)# ip address 10.1.1.1 255.255.0.0
How can mGRE tunnel destination be statically configured? - mistake (or mistype) in an example wich describes the concept of technology. And here are lotsa mistakes and misprints like this all around the book. You actually can't use this guide as first reference to the technologies it was intendet to describe (not only due to misprints everywhere, but also due the way everything is explained). Guide might be used only by the ones, who already knows everything wirtten there pretty good, just as a refresher.
I'd better stop here))
I hope cisco will review and rewrite this book in a more appropriate manner.
Almost got through the entire book now, and I confirm my original impressions:
- provide more relevant examples;
- include a punctual feature support matrix;
- possibly provide case studies: it is very difficult to get an idea of what we are talking about without an adequate environment description.
I agree about the deepening your study of each topic with Cisco On-line Docs and, in a certain way it is a very enticing good-practise. By the way, my best compliments to the on-line materials provided by Cisco.
However a guide for a such important milestone security Cert should be as perfect and enligthening as possible.
I am a Network and Security Engineer, and I can assure that I saw a lot of materials and studied from many different sources.
All the best.
I'm reading the book as well, and I do notice some of the issues expressed in this thread. I would recommend that anyone using this OCG go to ciscopress.com and review the errata. It clears up a lot of the errors, but can't really address the inconsistencies. I always recommend multiple study resources for concept reinforcement, but that's just me.
To my knowledge, there weren't any CCSP books specifically written for the exams associated with that cert, so these are essentially new. I know a lot of people were hoping CiscoPress would finally release Security books, so I hope this gets resolved soon.
I have to say that im in page number 210 right now and the book (at least by now) is not as i expected. It doesn't make the concepts clear and is a little inconsistent in the examples, since it doesn't explain too much. An example would be the uRPF topic, it doesn't even have a graphic representing what it's being explained! Among other explanations that lack of deepness. FPM is a huge topic, but doesn't explain very well the topic and that's not cool.
By now im safe because i always look for external resources, so i have a bigger amount of options to refer in a specific technology. But the book is not good as might seem.
Just my two cents.