Product Description

First to market! Written by two of the leading Solaris security experts, this Sun Certified Security Administrator for Solaris 10 study guide is the only exam prep book for this difficult certification exam Learn from an integrated study system based on proven pedagogy, including step-by-step exercises, on-the-job elements, chapter self-tests and more. Run the UNIX based exam engine - included for Sun purists.

Product Details

• Amazon Sales Rank: #768944 in Books
• Published on: 2005-06-14
• Original language: English
• Number of items: 1
• Binding: Paperback
• 538 pages

From the Back Cover

Get the book that shows you not only what--but how--to study

• Complete coverage of all official exam objectives
• Exam Readiness checklist at the front of the book--you’re ready for the exams when all objectives on the list are checked off
• Real-world exercises--Step-by-step instruction modeled after the hands-on exam questions
• Inside the Exam sections in every chapter highlight key exam topics covered
• Simulated exam questions match the format, tone, topics, and difficulty of the real exams

Covers all Sun Certified Security Administrator topics, including: Attacks, Motives, and Methods * Best Security Practices * Logging and Process Accounting * Auditing, Planning, and Management * Device, System, and File Security * Denial of Service and Remote Access Attacks * Access Control * Solaris Cryptographic Framework * Authentication * Secure Shell

The best fully integrated study system available. CD-ROM includes:

• Complete MasterExam practice testing engine, featuring:
• One full practice exam
• Detailed answers with explanations
• Score Report performance assessment tool
• Electronic book for studying on the go

with free online registration:

• Bonus downloadable MasterExam practice test

About the Authors: John Chirillo, CISSP, ISSAP, CCNP, ASE, SCSA, is a Senior Internetworking Engineer at ValCom and the author of several computer security books. Edgar Danielyan, CISSP, CIW, Security+, CCNA, CCDP, CWNA, is a Solaris security expert and author.

About the Author
About the Author
John Chirillo, CISSP, ISSAP, ASE, CCDA, CCNA, CCNP, SCSECA, is a Senior Internetworking Engineer at ValCom and the author of several computer security books. John has also achieved certifications in numerous programming languages and is responsible for dozens of published security exploits and alerts throughout numerous listings. He has actively participated in core security developments of various UNIX flavors under the GNU. John can be reached at tiger@tigertools.net.

About the Co-Author
Edgar Danielyan, CISSP, ISSAP, ISSMP, CISA, MBCS, SCSA, SCNA, is Information Systems Audit Manager with Deloitte & Touche in the city of London. Before joining Deloitte, he had been an independent security consultant since 1999. He is also the author of Solaris 8 Security (New Riders, 2001) and technical editor of a number of books on Solaris, security, UNIX, and internetworking. His personal web site can be found at www.danielyan.com.

About the Technical Editor
Tom Brays, SCSA, SCNA, SCSECA, MCP, is a network administrator for a large telecommunications firm and the technical editor and contributing author of several computer books. He can be reached at tombrays@techie.com

About LearnKey
LearnKey provides self-paced learning content and multimedia delivery solutions to enhahce personal skills and business productivity. LearnKey claims the largest library of rich streaming-media training content that engages learners in dynamic media-rch instruction complete with video clips, audio, full motion graphics, and animated illustrations. LearnKey can be found on the Web at www.LearnKey.com.

Customer Reviews

Not suoitable for sun solaris 10 security exam
Took sun solaris 10 security exam today, the exam is very heavy on containers (Global vs non global, how to configure BART in global environment and will it flow down to non global), how to perform patching in global and non global environment, what is easiest way to setup 20 containers inside the same machine, definitions of key terms in Kerberos, what does kerberos each component do (drag and drop) and SFM and ipsec and ip filters syntax to block dns lookup. How to update the system automatically and what commands to use for automatic updating choose all correct commands . The textbook only covers 30% of the solaris 10 test only.

Woefully Inadiquate for Solaris 10.
First off, a little about me to give this review context. I have been working in the industry as a *nix administrator with a heavy concentration on Sun products for the last 12 years. For the last year and a half, I have been working on my organization's Solaris 10 baseline as one of the lead designers and the technical security architect for the baseline. Basically that means I have spent the last 18 months or so looking into security issues and building a common baseline that meets our needs within the Solaris 10 paradigm.

I took and passed the exam a few days ago using this book as a resource and offer the following observations about it:

When I purchase a book for certification preparation, I expect two things. First I expect it to be relevant to the exam in question, and second I expect it to have a life after the exam as a desk reference. The most excellent Calkins book for Solaris 10 System Administration is a great example of what I am talking about.

This book does neither of those things. The first half is a primer on the basic principles of IT security. As such, it does a passable job. That's half of the book spent on information that is easily obtainable from any number of sources.

The second half, which is semi-technical in nature, covers a portion of the testable topics, leaving out some of the most important security features introduced in Solaris 10. What is covered is done from the pre-Solaris 10 perspective and is largely useless for someone attempting to learn practical Solaris 10 security. The book would be much better advertised if it removed Solaris 10 from the title. Although I don't think the material that is covered is done on enough of a technical basis for Solaris 9 security certification either.

Basically if you are looking for a Solaris 9 security primer, that explains the overall concept of some of the Solaris 9 OS security features, this may be an acceptable book.

The only reason I passed the exam is because I have been working on security related projects on Solaris 10 for some time. Nothing beats practical experience. If you are looking for technical information about Solaris 10 security features, check out Glenn Brunette's web blog and presentations which are all locatable via google. He has some great work out there in the public domain talking about this subject.

Unclear, unfocussed and hard to use
Unlike some of the other reviewers, I find this book quite useless. I am a system administrator with more than 8 years experience on the Sun platform.

First off, it nowhere makes clear what features are specific to Solaris 10 and what is already available on Solaris 9. As the exam is only on Solaris 9, this seems a strange choice. On the other hand, I have not really found anything specific for Solaris 10 at all, so perhaps you should ignore the title and just assume it is a Solaris 9-only book.

Whenever it tries to explain new Solaris-specific things (like the SEAM model, RBAC, Secure RPC etc.) it never manages to give me a sound feeling about how it works. It talks about it very high-level, and then goes right into settings up things without going into the all-important intermediate level: how Sun implements it, what are the commands and configuration files, where can I find additional information, why does it work, etc.

Perhaps if you memorize the book completely, you will get a good exam score. But you will hardly have learned anything worthwhile.