CCIE Sec Lab Diary - or how to make Ahriakin's brain implode

gorebrush

Ah dude, sorry to hear you didn't pass - but am sure you'll get it the 2nd time.

You "know" your weak points - surely this is the first step to the realisation of epic victory

ITdude

Hang in there, you will knock it out in January!

NetAdmin2436

Oh so close.... Round 2 is definitely yours.

Thanks for your diary, it's very interesting and informative.

Ahriakin

The score report is very vague (which is why I put the "For what it's worth" in there ), it just breaks down in 25% chunks over 6 areas. Mine was

Firewall 100%
Advanced Security 100%
Network Attacks 75%
VPN 75%
Identity Management 50%
IPS 50%

Sooo, no real way to know how it was all weighted, but it averaged 75% which is actually close to my sure-score count from the day.
I ran into something stupid at the start with the IPS that just messed me up for the rest of the morning, I'm not giving anything from the exam away but the IPS is the only device that won't accept a leading 0 in an IP address. So if you are nervous and trying to enter your IP details incorporating your Rack number, exactly as printed and it happens to be below 10, drop the 0. Stupid stupid stupid, and I realised it after coming back at lunch straight away but it just messed up my tempo and I lost about an hour on it and something related, so very little time to dot the 'i's and verify at the end. Still regardless of the rationalisations I failed, plain and simple. Now I"m just formulating the plan of attack again. I'm going to rebook for Jan 21st, and yes I remember to avoid a Friday date this time .

Ahriakin

Righty. Jan 2st it is - Lab seat, Flights and Hotel are booked. I booked a few sessions with Proctorlabs/IPexpert to work on their full labs (6 full ones in the workbook), earliest was Mid December which suits me fine. I'll take the next few days easy and then get back into study and hammering at my weakest points on the home lab until then. Thankfully AAA is easy enough to do with Dynagen and my one 3550, the IPS I can work a bit on the ones at the job since my weakest there is signature creation and regex and as long as I'm not a complete idiot I won't affect the network doing non-block pattern matching stuff.
The game is once more afoot ! (albeit a foot that is now an exam fee and airplane ticket price lighter...who needs Xmas?... )

LarryDaMan

Good luck man! I enjoy your blog and will be rooting for you along with everyone else. Second time is a charm, you know what you're up against now.

GT-Rob

Good luck on round 2 mate. Are you going to RTP again I take it?

Ahriakin

RTP is all booked up until March, has been since I first tried booking, I guess they're rolling out the new equipment there first. So San Jose it is, RTP would be more convenient for me and I love NC (live there for 18 months) but it was not to be.

GT-Rob

Cool. I'll be there on the 28th, keep me a seat warm!

Ahriakin

Will do .

Other tips I guess for the site itself if you've not been there:

Hotel:
The La Quinta on Seaboard Avenue is a good choice, for all the reasons I mentioned earlier.
Taxi from that Hotel to the Cisco offices only took about 15 minutes - I advise you to book the taxi through the Hotel desk to be sure.
There's a burger king on the same lot as the Hotel and a Chinese (with delivery) across the road. There's also a pretty good restaurant that does a mix of American and Italian that delivers. Just in case you don't rent a car (I didn't).
There's no PPV channel and the TV is limited so bring your own movies.

The Lab:
You can bring drinks into the Lab but not Snacks, you can have those with you but will need to leave and go to the breakroom to eat - seriously though the last thing you'll think about is food.
The lab is not that cold, but then Irish blood and a few layers of comfort food blubber might make me biased, so if you do want to layer up just in case bring a light jacket you can remove if need be.
Definitely bring Earplugs, it won't kill you not to use them as I think we are all used to the sound of equipment but it helps to focus.
If you have practiced redrawing your diagrams and colour coding be prepared to be flexible. The assortment of Pens and Pencils is pretty weak, and half will either be blunt or out of Ink . Not a biggy but it can interrupt your plan of attack. I think most of mine remembered Y2K.

GT-Rob

What about tea? I like to have 1 or 2 while I lab, especially after a meal. Is there access to some hot water or should I bring a thermos?


Also, this may sound silly, and feel free not to answer due to NDA, but are the tasks numbered? (like in the workbooks) I only ask because it is how I keep track of what I need to come back to.

Ahriakin

Not breaking NDA I think since they claim it themselves but yes you'll find the real thing laid out very similarly to major vendor Mocklabs, some subtle differences that are about the same as those between vendors.
Not sure about tea though, that would have been nice actually (since I think we're both talking about the hot kind and not the unholy iced stuff they drink down here ), but I only left the Lab to use the bathroom and with the group at lunchtime, I never went to the breakroom.

Ahriakin

Well back at it today. I did a small lab setup with 4 Routers/1 Frame relay in the middle to play with Routing redistribution and distribute-lists, the 2 CBTNugget modules on the same (again, just trying to drum it into long term memory) and started the IEWB Adv. tech Classes from scratch again, day one down - I realized when doing certain segments on demand that I'd missed a lot of the more arcane stuff along the way so I figure a complete re-run wouldn't be a bad idea. I was going to book some IEWB rack time for the next 2 weeks but then remember that some SOB had tried using our CC on Black Friday and we won't have a replacement until Tuesday. Great.

pr3d4t0r

Ahriakin wrote:

The score report is very vague (which is why I put the "For what it's worth" in there ), it just breaks down in 25% chunks over 6 areas. Mine was

Firewall 100%
Advanced Security 100%
Network Attacks 75%
VPN 75%
Identity Management 50%
IPS 50%

Sooo, no real way to know how it was all weighted, but it averaged 75% which is actually close to my sure-score count from the day.
I ran into something stupid at the start with the IPS that just messed me up for the rest of the morning, I'm not giving anything from the exam away but the IPS is the only device that won't accept a leading 0 in an IP address. So if you are nervous and trying to enter your IP details incorporating your Rack number, exactly as printed and it happens to be below 10, drop the 0. Stupid stupid stupid, and I realised it after coming back at lunch straight away but it just messed up my tempo and I lost about an hour on it and something related, so very little time to dot the 'i's and verify at the end. Still regardless of the rationalisations I failed, plain and simple. Now I"m just formulating the plan of attack again. I'm going to rebook for Jan 21st, and yes I remember to avoid a Friday date this time .

Hey my lab is for this Friday :P

So is 80 the passing score ? Your score report is good. This 50% for the IPS section is really scary, i don't like cisco ips so definitely this is not one of my strong areas.

I ll just have to stay calm during the lab, maybe i ll do some yoga lessons :P

Ahriakin

Best of luck on friday! As for the nerves just try and remember when you are there that there is nothing more you can do except click away.

Turgon

Yes good luck. I imagine you are busy doing the lab itself right now.

pr3d4t0r

hahaha, well yeah it was a busy day

It was a fantastic experience being with different cisco geeks from different countries. I really enjoyed it very much

The lab itself isn't so hard...but, it can crack you easily, there are many things that are depended from topics that you previously configured and if you miss one then...

I managed to finish the lab in time and have 30 minutes to check my confs, i didn't complete only one task because i was mentally exhausted at the last 30 minutes and i just tried to make all the other topics perfect.

Well,all i have to do now is wait

GT-Rob

You guys are crazy for taking this on a friday. Waiting that weekend wouldn't be good for my mental health!


Look forward to hearing how you do

networker050184

Hopefully we will see a number come Monday

pr3d4t0r

It is possible...but in the other hand, you never know.

Turgon

pr3d4t0r wrote:

It is possible...but in the other hand, you never know.

Fingers crossed for you! The CCIE is illusive but I have no doubt you have worked hard. You may be spared another attempt at it. I think four folks on here have cleared CCIE sometime over the last 18 months so let's hope you make it 5.

1. dtlokee
2. Mr D
3. Simba
4. the other guy..

dynamik

How well did you guys feel the workbooks prepared you for the lab (I assume you used some too, pr3d4t0r)? Did they do a good job of covering the material and identifying your weak points?

What was your attitude towards them prior to the lab? Did you feel like you had mastered the material, or did you feel like you were still shaky on a few things?

Ahriakin

Personally I think they prepare you quite well IF you partner them with continuous study. The lab isn't just about knowing how something works, you have to fully understand when 'it' should be done a certain way and you have to be able to do it in a compressed timeframe. For that you need absolute understanding of every possible way something can be configured, and practicing enough to quickly see how it can go wrong - the 2 parts to this obviously are deep theory and then the speed/troubleshooting practice that comes from the workbooks and your own labs. Also the workbooks get you prepared for the actual format of the Lab aswell as honing your approach to these kind of tasks.

pr3d4t0r

I mostly used the official books from Yusuf Bhaiji. His practice labs are in the same logic as the official exam with topics that depending from each other. Learning to configuring and thinking this way helped me a lot in my lab. I also used books from Cisco Press, CCSP books even some old ccie security practice labs from 2002 that i found in e-mule.

I have no experience from IE labs etc. so i cannot tell you something about them.

Hands-on experience is a must for the ccie lab. No workbook can prepare you enough if you haven't configure anything in real conditions. That is a big difference.

You have to keep your mind working at 105% for 8 hours. It is like running a marathon.

Turgon

I agree with the previous posters on workbooks.

For about as long as the CCIE has been public there have been workbooks and bootcamps in one form or another. Over time as the track has evolved in complexity so have the number of offerings from vendors. I worked with two CCIEs who were both very timeserved and they both used workbooks and bootcamps at some stage in their distant preparations. By way of an example, CCIE's as far back as 4 digits were usually thanking the 'Brians' for the workbooks they used to prepare.

Workbooks are very useful in that they bring form and structure to your hands-on preparations. They also bring lots of technologies together in ways that Cisco Press (for example) and even CCO struggled to keep up with in order to provide practice scenarios that are really useful for lab preparation. This has changed somewhat over the years as in the case of Cisco Press a number of books emerged that were 'geared' to helping candidates prepare for the hands-on lab, but the publications do not keep up with the blueprint as well as the vendor companies.

The rub though is in the use of these materials. Much depends on the candidate. For example, prior experience configuring cisco devices will certainly assist your studies as will a through understanding of networking rudiments. But critically (IMO) you want to augment the workbook experience with regular recourse to other networking material. This can be good Cisco Press books or technical detail on CCO. For example I have worked many labs at home hands on using examples taken from books produced by Doyle, Solie and Duggan. If you don't come into workbook use with a solid base, and you don't continue to refine and reflect on your understanding as you go along then you become more of a 'passenger' during the workbook experience as opposed to a driver. This is a problem because candidates get out of their depth with the workbook material and miss out on the true learning experience offered by it.

There's something of an urban myth held by many candidates that vendor products have demystified the CCIE and that the black art has gone. Nothing could be further from the truth. The quality of learning relies on the candidate to master the black art on his or her own time. If a vendor was to fully document all the nuances in a single multiprotocol lab it could easy become the size of a cisco press book. They have to draw the line somewhere or they would never get material to print. Workbooks and bootcamps can help you become a CCIE but they do not make you one. That's down to the individual. There are many testimonies to this on groupstudy (for example) where people have invested and reinvested in more practice workbooks, mock exams, CoD's, VoDs and what have you and repeatedly failed the exam. When what they really need to do is stop cheating the written exam and read (for example) Doyle, and I don't mean in a weekend! It's amazing how many CCIE candidates neither have material like this on their bookshelves or even read it these days.

18,500 R/S CCIE's is still a very small return for a track running for 10+ years!

Just some thoughts!

Ahriakin

Just an update as I realise the actual diary part of this thread has been lacking lately (the discussion is great too btw so keep that up). I've just been doing bits and bobs for the last 2 weeks, it was pretty hard to get back into things after that kick in the nuts on the first attempt but I'm ramping things back up. I've done a few CBTNuggets and Adv classes over the last week and yesterday did some small self-labs on routing authentication, distribution lists (I finally 'clicked' on using "out" of some routing protocols when I though it should be "in" to the protocol you're configuring) and a more comprehensive lab on Remotely Triggered Blackhole Filtering. Today is back to the IPexpert mini-labs, 4a this morning for some AAA fun. My next full labs aren't until next week, I have 3 so far before Xmas but I might add some more. Having them scheduled helps my focus I think, it's harder to make time for my own labs if I haven't that little voice at the back of my head telling me I'll be wasting rental fees....of course half the time that little voice is actually my wife...which, erm, also helps the focus

Turgon

Ahriakin wrote:

Just an update as I realise the actual diary part of this thread has been lacking lately (the discussion is great too btw so keep that up). I've just been doing bits and bobs for the last 2 weeks, it was pretty hard to get back into things after that kick in the nuts on the first attempt but I'm ramping things back up. I've done a few CBTNuggets and Adv classes over the last week and yesterday did some small self-labs on routing authentication, distribution lists (I finally 'clicked' on using "out" of some routing protocols when I though it should be "in" to the protocol you're configuring) and a more comprehensive lab on Remotely Triggered Blackhole Filtering. Today is back to the IPexpert mini-labs, 4a this morning for some AAA fun. My next full labs aren't until next week, I have 3 so far before Xmas but I might add some more. Having them scheduled helps my focus I think, it's harder to make time for my own labs if I haven't that little voice at the back of my head telling me I'll be wasting rental fees....of course half the time that little voice is actually my wife...which, erm, also helps the focus

I do find your entries interesting. I really need to spend some time with PIX/ASA. It's been quite a while. All Checkpoint in my last shop. Anything you can recommend on ebay and a good book leading to a useful CCSP test?

Ahriakin

Well Dynamips includes the PIX now which is fantastic, there are only a few things you'd need time on an ASA for to work on the differences between them. As for books the Cisco PIX and ASA handbook is probably the single best, the Cisco ASA All in one.. guide is pretty good too and it covers things like the add in modules a little better but it won't cover pre 7.x software which is still of use in the realworld. Both go beyond pure CCSP level though, I don't know about the latest exams but when I did the SNPA 2 years ago the exam guide was quite good compared to those for the other appliances/sub-exams. If you want to go a bit deeper I'd add the Network Security Troubleshooting Handbook aswell, it covers debugs/logging etc. for all security processes in much more depth than any other source I've seen/read. It's also a pretty easy read and you can just pick the devices you need out of the chapter list.

Well just booked 5 more lab sessions, one IEWB before Xmas, and 4 more IPexpert for January. So that's 8 in total between now and the next attempt and enough to finish the full labs from the Ipexpert Workbook. I might add one or 2 more IEWB before then but with Xmas coming and the added expense of the re-sit it's a tighter balance of costs vs. return. Yes I need the practice and revision but there's only so much full sessions can do, I need to fill in some more gaps with study and my own min-labs.

Turgon

Ahriakin wrote:

Well Dynamips includes the PIX now which is fantastic, there are only a few things you'd need time on an ASA for to work on the differences between them. As for books the Cisco PIX and ASA handbook is probably the single best, the Cisco ASA All in one.. guide is pretty good too and it covers things like the add in modules a little better but it won't cover pre 7.x software which is still of use in the realworld. Both go beyond pure CCSP level though, I don't know about the latest exams but when I did the SNPA 2 years ago the exam guide was quite good compared to those for the other appliances/sub-exams. If you want to go a bit deeper I'd add the Network Security Troubleshooting Handbook aswell, it covers debugs/logging etc. for all security processes in much more depth than any other source I've seen/read. It's also a pretty easy read and you can just pick the devices you need out of the chapter list.

Well just booked 5 more lab sessions, one IEWB before Xmas, and 4 more IPexpert for January. So that's 8 in total between now and the next attempt and enough to finish the full labs from the Ipexpert Workbook. I might add one or 2 more IEWB before then but with Xmas coming and the added expense of the re-sit it's a tighter balance of costs vs. return. Yes I need the practice and revision but there's only so much full sessions can do, I need to fill in some more gaps with study and my own min-labs.

Thanks for that, and good luck with those sessions. Im doing more mini-labs myself these days. Very useful.

dynamik

Wow. I even got a surprise response from Turgon as well. Good info guys!

Maybe I didn't phrase my question perfectly, but just to be clear, I wasn't looking at the workbooks as a substitute for learning the background theory. I was curious how well you felt that represented the actual lab and how well they helped identify your weak points (so you could go back and review the theory).

I actually have Routing TCP/IP Volume 1 in the mail. I'll be done with my NA very soon, and it's full speed ahead after that. I think I'm going to tackle BSCI and BCMSN first. ISCW and CCNA: Security seem to be pretty similar, so I think I'll double-up on those, and then move into security. I'll have to find a place to squeeze in ONT for the NP though. Maybe I'll do that before ISCW... Anyway, the point I'm trying to make is that I'm going to start developing that foundation from the start!