Next up: SECURE

Bl8ckr0uter

The title is pretty straight forward. I want to knock out the Cisco FW Specialist before years end and this is a the first step.


The LAB:

GNS3
Cisco 2610xm (x3)
Cisco 2950 (x2)
Cisco 1721

Cisco 2811 (2) - At work


Study Materials:

CCNP:Security Book
SNRS CBTs
Cisco CCNA:Security Lab Manual
Cisco Docs

I think this along with my experience and what I am doing everyday this should be enough. I am giving myself about 6 weeks on exam. Here we go!

lrb

Read the SECURE book on safari... was a pretty decent read and fairly heavy on dot1x. Best of luck for the studies!

Essendon

Good luck Kev! Go smash it and bring us a win...

SteveO86

Good luck! Keep us updated!

Bl8ckr0uter

Update: I've read the first 2 chapters of the book and plan to knock out 3 and 4 today. I am in school so most of my studying and labbing is going to happen over the weekends. I think that I may be able to knock out 5-7 this weekend. I'll probably end up putting a blog post on my lab about setting up 802.1x on my network. I still think I am on track but I may need to extended my target date a bit. We will see. I'd like to get done with the book by the end of the month than take a solid month of labbing and I should be able to get the exam done by the end of next month maybe very early November. We will see.

QHalo

GLHF. Keep up with the updates.

Bl8ckr0uter

One thing that I will say is that this book starts off pretty dry. Hopefully it will pick up as the chapters progress.

powerfool

IINS and SNRS had a huge amount of overlap for me. Really, the big difference was Port Security is the Layer 2 solution in IINS and Dot1X is the Layer 2 solution in SNRS. I would imagine that SECURE is not a huge deviation from SNRS.

SteveO86

I think it will depend on what you want to read about. I've read through the Secure eBook and while it's not very gripping but labbing during or after every chapter will make it stick.

By Chapter 7-8 It will get better

Bl8ckr0uter

I got side track with a few major deployments (and I have a few more coming up). I think that I should be able to knock this out in the second week of November. On the plus side, the major deployments have been mostly ASAs (and I have a ton more to do) so I should be able to get done with FIREWALL faster.

QHalo

How much overlap are you seeing with IINS and this? I know someone pointed out some stuff up the thread, just wondering if you have any more info.

Bl8ckr0uter

Quite a bit but I think this test is mainly over 802.1x and that wasn't really covered in CCNA:S.

SteveO86

Also I think Secure goes a lot in more depth with IOS VPN technologies.

Dynamic VTI's, GETVPN, DMVPN

Good stuff

lrb

I really wish more of the CCNP Security topics were applicable to my job, we are pretty much a Juniper shop for security Looking forward to the blog post on 802.1x!

Bl8ckr0uter

Me too. SECURE isn't as applicable as I thought it was going to be but that's ok I guess.

SteveO86

Bl8ckr0uter wrote: »

Me too. SECURE isn't as applicable as I thought it was going to be but that's ok I guess.

Perhaps Firewall or VPN will be more applicable for you? (Especially if you work more with ASA's)

Secure is more IOS related then ASA.

Bl8ckr0uter

Firewall would be the most worthwhile. I just want to get through secure since I need secure and firewall for Firewall specialist.

nicklauscombs

sounds like you're making some good progress. i can't wait to hear about your experience with these exams.

Bl8ckr0uter

Plus I am really on a packet analysis bug. Wireshark book really captured my interest and the NMAP book is up next (with TCP/Illustrated being sprinkled in there). SECURE is just boring but I have to get it done

SteveO86

Why not study for FIREWALL first, if it's more relevant to your day to day operations.

If you going to both exams anyway it doesn't matter which order you take them in so you might well take them in an order that benefits you most.

Bl8ckr0uter

Well my FIREWALL book did arrive today....

I just need to buckle down and get SECURE done.

powerfool

Stick with it. SECURE should have enough overlap from IINS that you don't want to lose momentum by switching to another exam. While it does cover 802.1X, just remember that Cisco has an exam that covers that in much greater detail... the NAC exam. Just remember your Port Security stuff from CCNA:S and see how you progress from there to 802.1X. It is really more theory than practical use, from what I remember.

Bl8ckr0uter

powerfool wrote: »

Stick with it. SECURE should have enough overlap from IINS that you don't want to lose momentum by switching to another exam. While it does cover 802.1X, just remember that Cisco has an exam that covers that in much greater detail... the NAC exam. Just remember your Port Security stuff from CCNA:S and see how you progress from there to 802.1X. It is really more theory than practical use, from what I remember.

That's my problem. I HATE things that aren't practical. I barely deal with switches, let alone 802.1x lol. But you are right. As much as I want to jump out of this exam, I know if I do that, I'll ended up spinning my wheels like I have for the last few months. I have a date for the test in mind so I need to work towards that. When I get bored I just grab my wireshark book and read through a chapter or two (and look at some pcaps). I am almost done with that one though so my next book is probably going to be nmap or tcp/illustrated.

Bl8ckr0uter

I totally neglected this thread but lets see. - I am 95% finished with the book (would have finished it this weekend but work/life got in the way).- I am working on the CBT nuggets- Labbing labbing labbing- Set to take this Jan 7thMy goal is to get 2 quality hours of labbing and cbts from here on out. I think I will be good.

nicklauscombs

looks like we will be sitting it pretty close together. looking forward to getting this one out of the way.