Hi all, I sat the CCNA: Security this morning and passed. In retrospect I think I may have clocked more hours into studying for this than CCNA, I think I hit about 40 hours on CBT alone plus another 20 or so on Chris Bryant's Advantage and then extra time with the OCG book and especially printing out Cisco documentation from their website. Look for their official documentation on things like IPSec, implementing Site-to-Site VPNs, Layer 2 Security, and AAA. Again, these are official docs on the Cisco site. The actual number of questions on the exam varies but I think the passing score is usually around 804 (it was for me, and I got 70 questions).
My consensus with the CCNA Security CBT nuggets is that it was helpful, but to be honest at times it was hard to follow KB just cause the typing seems out of sync with his presentation (not sure if he records the presentation beforehand and then does a voice over?). Basically with the Jeremy Ciara series I didn't have to go through the vids as many times because he does the typing there on the spot and its a little slower paced.
The OCG book is excellent and is by KB. It isn't structured the same way as the CBT series so they don't resemble each other structure wise. However, be warned that the practice questions on the OCG guide generally seem a bit easy.
When studying AAA and messing around with it on your routers/GNS3, turn debugging on and look at what comes up if there is or is not a successful login, and remember the three responses an ACS server can give (PASS, FAIL, ERROR). Remember that the protocols used between the client (the router) and the ACS server are different and have different characteristics. The Layer 2 stuff is generally straightforward, remember how trunking works and how it can be dynamic or non-dynamic.
Here are some examples I would highly recommend. I have these printed and basically read them over and over until I can understand the concept well enough that I can skim through the packet without having to stop to understand something because I have already gone over it x times.:
Cisco IOS Security Configuration*Guide, Release*12.2 - AAA Overview* [Cisco IOS Software Releases 12.2 Mainline] - Cisco Systemshttps://learningnetwork.cisco.com/docs/DOC-7905Catalyst 6500 Release 12.2SX Software Configuration Guide - Port Security* [Cisco Catalyst 6500 Series Switches] - Cisco SystemsConfiguration Professional: Site-to-Site IPsec VPN Between ASA/PIX and an IOS Router Configuration Example - Cisco SystemsHow to Use CCP to Configure IOS IPS* [Cisco IOS Intrusion Prevention System (IPS)] - Cisco Systems
Don't underestimate the official Cisco sources/documentation because they are key to understanding the conepts.
