I just got back from taking the Tactical Perimeter Defense exam, the qualifying exam for the Security Certified Network Specialist (SCNS) offered by the Security Certified Program. After a search here, it looks like I may be one of the only people on the board who has actually sat for an SCP exam -- though I see at least a half dozen people that have taken courses or studied/thought about studying it for a time. These are my own experiences with the exam.

A little backstory, and my motivation to take the exam:

I started on the CCNP track in Fall of 2008, around the same time I became involved in a very interesting development project that has nothing to do with Cisco. Not having -NP level work exposure to the material, and not being able to get it at my current employer, I decided to not pursue any of the exams after ONT. Instead, I studied the information without the intention of taking the exams.

So, I haven't studied for the purposes of sitting a cert exam since Fall 2008 (the Linux+ 2009 beta was essentially a walk-in). I wanted something light, but interesting, to get me back into gear. The SCNS is marketed as a lower-level network security certification, with a promise of more interesting information in their Professional and Architect exams, each requiring the passing of the preceding exam. The SCNS seemed like a good way to get back into the swing of things, maybe pick a few things up, and if I liked it, there would be more waiting for me.

Another motivation was the DoD accreditation. After you take the SCNS, you can take the SCNP and SCNA to meet the DoD "Information Assurance - Technical" (IAT) Levels 2 and 3, respectively. However, this part is a little bizarre. For the SCNS cert, it is recommended that you have the knowledge to pass CompTIA's Security+ exam. SCNS does not fall in on the IAT spectrum, but the Security+ qualifies a candidate for IAT level 2. So, if you passed the Security+, you don't really need the Level 2 qualification from the SCNP. If DoD accreditation is what you are interested in, realize that you would probably need to pursue the SCP exams up to the Architect level to make it worthwhile -- that would qualify you for Level 3 technical work. On the other hand, the CISSP is a qualifying certification for Level 3 Technical and Managerial positions within this hierarchy.

The real draw, though, was just to give myself a small challenge and have some fun with it. They say they cover Cisco IOS and some Linux utilities (iptables and Snort), so I figured I would be very well on my way.

This was all before I got the book. I have read criticisms (here and elsewhere) about the cost and content of the book, and my initial reaction was to agree. This was the book I used, and I believe it is the only published study source explicitly for the exam. Mine cost me ~$90 US plus shipping, although I see it currently listed at $100 on Amazon. I received it last Wednesday. A few points on how I felt about using the book to study for the exam:

  1. It is obviously designed for classroom use rather than self-study for the exam. There are decent end-of-chapter questions... but there are no corresponding answers, making it less useful for self assessment and validating an understanding of the concepts.
  2. Upon first receiving it, excitedly cracking it open, and digging in, I became a little disappointed -- I had indeed wanted something light, but this material seemed exceedingly fluffy. By halfway through the book, I began to have doubts about the exam.
  3. Parts of the book are decent, but parts of it seem a little out of touch with reality. It goes from a pretty decent section on IPv6, to features and means of configuring IGRP in the next chapter. It also covers the syntax of IPX ACLs and SAP filters. There were some odd statements regarding Linux as well. I ignored most of this stuff -- really odd.

I ended up only glancing through the book to take note of subjects that it hit upon. I didn't find many technical errors, though the ones I did were worrisome -- like the authors appearing to have listed Secure HTTP (S-HTTP) with the definition of HTTPS. They never talk about HTTPS, which would be the more obvious one of the two to discuss in the context of the section (which is on public key cryptography). The disturbing part is that this is an easy mistake to make for someone who doesn't know these are two different things. Typically, literature covering the two would explicitly mention that they are different technologies, since it is confusing for beginners.

Two days later, I was sure I had distilled all I was going to get out of it, and scheduled the exam for the next available day, today. When I made my mind up to schedule, I was more than a little disheartened at how basic the exam seemed -- if the book was an accurate guide for the information covered by the exam, it would hardly cover more than some basic definitions and concepts, and some silly things like installing programs. There would be no challenge. That said, before I had even determined what exam I was going to go after, I knew I wanted to follow it through and get something done. So, at worst, I wouldn't be as satisfied as I could have been.

So, on to the actual exam. What a night and day difference from the book! The book prepared me for nothing at all, and I sincerely think that this is the best thing that could have happened. Because of this, I really enjoyed taking the exam. Since I had not formally prepared myself for the exam content (thanks to the book), it was really a “my experience versus the exam” scenario. This was the first time I had sat for any exam, ever, having no notion of what would come next and knowing that I had to continue -- it was pretty exciting!

There were some fluffy questions, but there were really some interesting and detailed technical questions. Quite a few of them looked rather daunting at first, but some logical analysis of the answers easily weeded out the right and wrong responses. There were even some trivia questions that you wouldn't know unless you had really studied some of this stuff in great detail (wish I could give you an example!). All said, I was happily surprised with the exam. I passed the exam, but its major saving grace was its unexpectedness -- it was just what I wanted.

If actually reading the book wasn't enough, taking the exam really got me wondering what was up with that stack of paper. Today, I thought to look up the authors, Randy and Dawn Weaver, on the “Find a Security Pro” feature which lists all the SCN*s, available on the SCP website.

Only one Weaver, and it's not a Randy or a Dawn... the book was published in 2008, so they either let their certs lapse recently (2 year validity, and they could have passed well before writing the book), or they never took the exam to begin with. I have no way of knowing, but I think either would be entirely possible. The book presents an obvious baseline of material that you would need to be well acquainted with, but the exam goes a lot deeper.

My conclusions for this experience are as follows:

  1. If you are preparing for this exam, you should probably already know the introductory ideas that riddle the Weaver book, or be prepared to study quite beyond that.
  2. The book probably sheds the worst light on this exam, and I completely understand why people have looked elsewhere after reading it.
  3. The goal of the certification seems to be a hands-on version of the Security+, so if you do want to prepare for it, try it from that angle. Know the hands-on stuff. Thankfully, this was a strong point for me.
  4. From a practical perspective, I don't think this cert will help very much for professional growth; it doesn't seem to be well recognized. Other certs will offer more in the way of recognition. Take this spontaneously if you have the background and the money to burn, and you want a fun little challenge.

I'm curious what the Professional exam covers, but I'm not sure I'm interested enough to find out. Next up will likely be LPIC-1 and possibly 2, with SSCP a little further off on the radar. But probably no more exams until work gets sorted out with funding for a new project.


    JDMurray Admin Posts: 13,054
    An excellent review! We've needed personal accounts of the SCP exams and your review is one of the best I've seen posted here at TE or anywhere. I hope you'll be posting more cert exam reviews in the future. :D

    You've also given me an idea for an 8570.01 blog article that I can use to point people to your posting.
    Excellent review! I have been wanting to hear more about their certifications. Thanks!
    That was a let down :(

    I'm going to write it for the sake of writing it since I bought the book anyways. But at least I don't feel bad pushing it back another month while I go down the Cisco road.
    I am glad that it is helpful.

    GAngel, certainly go ahead and write it. Cisco knowledge up to CCNA level is very applicable to the SCNS -- don't know what you're working on, but for others, this would fit right in to those studies. Also realize the way the objectives are weighted: IDS and Firewall technology are weighted as something like 25% and 20% of the exam -- almost half, combined -- and the basic idea of traffic flows and how you define those flows are very similar in the Cisco IOS, snort, and iptables.

    Part of the point I wanted to make is that the exam is legitimate, it's just the poor material written for it that really makes it seem like a sub-par certification. Also, the reality is that I'm sure there are people who are not savvy to the cert market who would read your resume, see the words "Security" "Network" and "Specialist" all on one line and ooh-ahh over it. It's just not going to draw much water from the people who have read reviews about the bad material and correspondingly not sat for the exam.

    A better book would probably get more people interested in the exam, as would dropping one of the vendors -- it is not as likely for someone to administer Cisco, Linux, and MS boxes all together, rather than specializing in one of the three. I will certainly congratulate you, for what that's worth, because not having an in-depth study reference certainly makes it more of a challenge to learn the material, and so will be a greater personal achievement. Like I said -- I was not let down by the exam at all, it just wasn't what I expected based on the book.
    Met44 Member Posts: 194
    Little update on the SCP organization. I've meant to post this for some time, and another member's PM finally made me get to it.

    After taking my exam, aside from the score report that was printed at the testing center, I never received any additional info from SCP. I wasn't particularly interested anyway, so I never called about it. Checking recently some comments on the otherwise-desolate SCP blog (linked below), lots of people claim to have had this problem, and get no response to messages/e-mails sent to SCP.

    Their exams are through EXIN, rather than PearsonVUE or Prometric as more of us are familiar with. One of the comments mentions success in getting a digital copy of the cert directly from EXIN. This is never communicated by SCP that I can remember. Heads up for anyone out there who is still pursuing these exams.

    Here is the blog link: http://www.securitycertified.net/About---News-(1)/SCP-Blog/June-2008/Hello-World!.aspx#comments
    SephStorm Member Posts: 1,731
    Thank you very much, that definitely will serve as a warning for anyone else considering the SCNS.
    Bl8ckr0uter Inactive Imported Users Posts: 5,031
    I wonder if anyone has taken the course/exam lately. They are offering their course material for 79 bucks.

    Wow and here is why. Apparently the exam is dead: http://www.securitycertified.net/About---News-%281%29/SCP-Blog/June-2008/Hello-World!.aspx#comments
    SephStorm Member Posts: 1,731
    I am not surprised. Half their website doesn't work. At the least this is worth a BBB review, possibly worthy of a DoJ inquiry.
