Cisco Systems has added a new security certification called Cisco Security Specialist 1 (CSS1), to its line of increasingly popular certification. CSS1 is a great choice because it shows that you have expertise on security issues and security technologies foundation of Cisco-centric. CSS1 is a mid-level certification that is similar to Cisco Certified Network Professional (CCNP) that should have already achieved the Cisco Certified Network Associate (CCNA) to qualify to take the tests CSS1. The CCNA certification (and review, as it is only a single test) covers basic knowledge of Cisco networks, such as the OSI model, TCP / IP, subnetting, basic commands in Cisco IOS, and router base and switch operation.
CSS1 Components
CSS1 is required to pass four tests. Here’s a look at each:
Managing Cisco Network Security (MCN) 640-442
MCNS proof could be considered the review of CSS1 bases. It lays the foundation for the other three tests and covers topics such as how to assess security threats and the basics of setting up IPSec, VPN, AAA, PIX firewall, and VPN client. Although you can take the exams in any order, I recommend that everyone take this test before taking the other three CSS1 exams.
Cisco PIX Firewall Advanced Security (CSPFA) 9E0-571
Although the 640-442 exam covers the basics PIX Firewall, the PIX Firewall Advanced exam covers exactly what it says: configure the advanced features of the PIX firewalls and Cisco IOS Firewall feature set, which can be loaded into the routers. Cisco PIX devices are line of dedicated, hardware-based, firewall devices. As you can imagine, every possible configuration of a PIX firewall is fair game in this test. The experience is almost a necessity for this and two other tests.
Intrusion Detection System with Policy Manager (CSID 2.1) 9E0-572
Yes, that’s all a long title for a test. Basically, the focus is on the operation of Cisco Intrusion Detection System. This is a dedicated hardware device that continually looks for potential attacks. Usually sits on the edge of the network and search suspicious packages. The review also deals with Cisco Secure Policy Manager. This software package can deploy security policies to multiple devices on your network.
Cisco Secure VPN (CSVPN) 9E0-570
CSVPN test involves creating virtual private networks, the Cisco way. In other words, this is the configuration of the Cisco VPN Concentrator 3000 Series and Cisco Secure VPN Client; VPN configuration on a PIX firewall, VPN router configuration based on certification authorities, and a lot of problems with IPSec.