Are Two Better Than One?

Two books from Coriolis help prep you for the same ISA Server exam. Question: Why did they do it that way?

By now you've probably heard how Microsoft's .NET series of servers are going to revolutionize your business on the Internet. At the same time you may be frightened of the security implications of exposing your production servers to the throngs of Internet hackers and crackers. A key component of Microsoft's strategy to secure .NET servers is to buffer your network from the Internet with Internet Security and Acceleration (ISA) Server, the much-anticipated upgrade to the beleaguered Proxy Server 2.0. Microsoft claims that ISA Server will keep the bad guys out of your network, as long as you configure it correctly. To check whether you're up to the challenge, the ISA Server exam tests your knowledge of configuring and deploying ISA Server.

This month I take a look at Coriolis' Exam Prep/Cram books and give you a real-world perspective on whether they can help you pass or not. I used the Coriolis books exclusively to prepare for my own ISA exam and you'll find out how well Exam Prep/Cram prepared me for the real thing.

Exam Prep
If reading long technical manuals is your idea of fun, you'll have no problem curling up in bed with the 603-page ISA Server Exam Prep book. It consists of eighteen chapters packed with ISA Server configuration and implementation details. Although it would help for you to already have some experience with Proxy Server 2.0, it's not absolutely necessary. The authors walk you through many of the basics without assuming you're a firewall or proxy expert.

The book is roughly broken up into three main topic areas-ISA installation/upgrade, ISA configuration, and ISA deployment and troubleshooting. The chapters were clear and well-written. Each chapter ends with a technical summary as well as basic review questions that quiz you on the material just covered. Finally, the chapter also presents you with a series of "Real-World Projects:" hands-on exercises designed to get you working with ISA Server. The authors also did a good job of incorporating numerous hands-on exercises within the chapters themselves. I eventually found myself skipping the real-world projects and focusing on the hands-on exercises in the chapters since they were related to the current concept I was reading. For the hands-on exercises, I set up an ISA server as the main firewall connecting my home network via two-way satellite to the Internet. I also set up a second ISA server as a secondary firewall so I could simulate a Demilitarized Zone (DMZ).

Product Information

MCSE ISA Server 2000 Exam Prep: Exam 70-227, $49.99
By Kim Simmons, Masaru Ryumae (ISBN 1576109577)
MCSE ISA Server 2000 Exam Cram: Exam 70-227, $34.99
By Diana Bartley, Gregory Smith (ISBN 1576109410 )
Coriolis Certification Insider Press
www.examcram.com

Exam Prep's technical accuracy is fairly good, with most of my eyebrow-raising limited to trying to understand some of the cryptic or ambiguous concepts. For example, the authors mention that when the ISA Server configuration is backed up, a .bif backup file is created. They failed to mention that this is the backup configuration for an ISA Server array, while the ISA Server Enterprise configuration backup file uses a .bef extension. I found many of the end-of chapter review questions to also be ambiguous but nonetheless worth perusing to reinforce learned concepts. The last chapter's a 50-question sample ISA test. Although these questions were good review, they're not as complex as the questions you'll see on the real exam. Overall, the authors have done a good job of covering the ISA Server exam objectives, which are also neatly summarized in Appendix B.

The Exam Insights section mentions supplementing your study program with visits to ExamCram.com to receive additional practice questions, but I didn't find an ISA Server practice exam there, only a Proxy 2.0 exam. The CD that comes with the book does have 50 exam practice questions, some of them repeated from the book's sample test.

Exam Cram
I don't understand why the same publisher would produce two books geared toward helping you pass the same certification exam. I'm even more perplexed when the publisher commissions two different sets of authors to write the books-but that's exactly what Coriolis has done with the ISA Serer Exam Cram and Exam Prep books. Coriolis describes Exam Cram as "(a book that) gives you information about material you need to know the pass the tests," while describing Exam Prep as "(a book that) provides a greater level of detail than the Exam Cram books and (is) are designed to teach you everything you need to know from an exam perspective."

Although this sounds redundant, there are marked differences in content coverage between the two books. For example, the Exam Cram book, although more condensed (376 pages), dedicates two chapters to Windows 2000 forest design and TCP/IP addressing/subnetting, topics not even touched on by Exam Prep. At the same time, Exam Cram glosses over concepts covered in much more detail in the Exam Prep book. For example, when explaining how to configure ISA Server array listeners, Exam Cram mentions the different authentication methods but refers you to chapter 10 for detailed explanations of each of the methods-explanations that are never offered. Exam Prep, on the other hand, offers a whole chapter on authentication methods. Coriolis could very easily consolidate the two books into one, letting you decide which concepts to skim over and which to read in detail.

Each of the Exam Cram chapters introduces you to a series of ISA Server concepts followed by up to 10 practice questions. At the end of each chapter is a "Need to Know More?" section that points you to additional reference material. The end of the book contains a 45-question sample practice exam.

Put to the Test
The two-hour, fifteen minute ISA Server Exam consists of 55 mostly multiple-choice questions. Most of the questions are long and wordy, and many are ambiguous and confusing. You're not only tested on ISA Server, but also your knowledge of Win2K logical structure (domains, sites, Organizational Units), Group Policy (software distribution), TCP/IP addressing and subnetting (basic and Classless Internet Domain Routing (CIDR), routing tables), DNS configuration (recursive queries, record types, configuring Round Robin), Network Load Balancing, and so on as they relate to ISA Server. If you don't already have a good grasp of these concepts, you're at a serious disadvantage when taking this exam.

I only had two minutes to spare after the review session before I ended the exam. The minimum passing score is 720 and I scored an 800-not the best score I've ever achieved, but hey, it was a green bar. Did Exam Prep/Cram help me to achieve this passing score? Yes, they did, along with hours of hands-on practice and prerequisite knowledge.

Don't Buy Both Books!
So here's the bottom line: to prepare for the ISA Server Exam, the Coriolis Exam Prep is a good choice. It has comprehensive objective coverage, accurate technical content, and numerous hands-on practice exercises. Study it cover to cover while working on a live ISA server or two. You don't need to purchase Exam Cram as you'll get all the detail you need for ISA Server configuration from Exam Prep. Coriolis should consider consolidating the two books into one. ISA Server's a challenging exam, but with the right combination of hands on and learning resources like Coriolis' Exam Prep, you can pass.

Featured