CCIE Security v5

aftereffectoraftereffector Posts: 525Member
Welcome to the future!

Cisco announced the long-awaited update to version 5.0 of the CCIE Security written and lab exams, effective January 31, 2017. The last day to test using version 4.1 will be January 30, and those intending to use version 4.0 of the written exam must test by July 24, 2016.

There are six domains on the new CCIE test: Perimeter Security and Intrusion Prevention; Advanced Threat Protection and Content Security; Secure Connectivity and Segmentation; Identity Management, Information Exchange, and Access Control; Infrastructure Security, Virtualization, and Automation; and Evolving Technologies. Some of the technologies tested include the following:
  • Cisco ASA and Firepower Threat Defense (FTD) 6.x
  • Cisco Firepower Management Center (FMC) 6.x
  • Cisco Next Generation IPS (NGIPS) 6.x
  • Advanced Malware Protection (AMP) for Networks, Endpoints, and content security (CWS, ESA, and WSA)
  • AMP Private Cloud
  • AMP ThreatGrid
  • Cisco Email Security Appliance (ESA) 9.x
  • Cisco Web Security Appliance (WSA) 9.x
  • Cisco Cloud Web Security (CWS)
  • OpenDNS
  • Cisco ISE 2.x
  • Cisco ACS 5.x
  • Cisco APIC-EM
  • ASAv, WSAv, ESAv, and NGIPSv
EasyVPN and legacy IPS are no longer on the blueprint.
CCIE Security - this one might take a while...

Comments

  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,114Mod Mod
    Yep! I saw it change last night but the press release wasn't out yet. w00t w00t! Knew this was coming. It's like Christmas!

    p.s. nice avatar.
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • aftereffectoraftereffector Posts: 525Member
    I figured you'd like it :D

    More info on the new lab is available here: https://learningnetwork.cisco.com/community/ccie-security-v5-written-lab-exam In particular, check out the CCIE Security v5.0 Hardware and Software list. It's almost entirely VMs, with the exception of a C3850 switch, a 5512-X ASA, a 2504 WLC, a 1602E Aironet, and a 7965 IP phone. Everything else is a VM: ISE 2.1.0, ACS 5.8.0.32, WSA 9.2, ESA 9.7, WLC 8.0, FMC 6.0.1+6.1, NGIPSv 6.0.1, FTD 6.0.1, IOSv L2 15.2, IOSv L3 15.5(2)T, CSR 1000V 3.16.02.S, ASAv 9.6.1, Windows 7, Server 2008, APIC-EM 1.2, CUCM 8.6, and AnyConnect 4.2.

    Maybe in 2018 Microsoft will give them a couple of Server 2012R2 licenses? icon_lol.gif
    CCIE Security - this one might take a while...
  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,114Mod Mod
    I think I have a server big enough to handle that :)
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • sucanushiesucanushie Posts: 163Member
    I have all that in my Lab now!

    I'm writing the SISAS exam at Live. Hopefully be done CCNP bu the end of the year, just in time to get to work on this!

    Exciting stuff.
  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,114Mod Mod
    Aftereffector, are you ready to do this?
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • aftereffectoraftereffector Posts: 525Member
    Is anyone ever ready for the CCIE? LOL

    I'm going to give it a try!
    CCIE Security - this one might take a while...
  • darkestclowndarkestclown Posts: 15Member ■□□□□□□□□□
    All we need is one of the diminishing number of online IT Training Companies to produce a workbook and videos. I guess this is what I have been waiting for to get me studying for CCIE Security now..... I will probably need another server or two to host all that virtualization.
  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,114Mod Mod
    Is anyone ever ready for the CCIE? LOL

    I'm going to give it a try!

    It gets easier after your first :)
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • darkestclowndarkestclown Posts: 15Member ■□□□□□□□□□
    Also noted this:

    The web-based delivery infrastructure supporting the v5.0 lab exam is very similar to v4.0. The format of the lab exam itself, however, has changed significantly. The v5.0 lab exam now comprises three modules:
    1. Troubleshooting Module
    2. Diagnostic Module
    3. Configuration Module
    Completely different delivery to the IE I did. Interesting times...
  • IristheangelIristheangel ABL - Always Be Labbin' Pasadena, CAPosts: 4,114Mod Mod
    So Diag will be a joke, configuration will be fun, and tshoot will make us sweat.

    As far as the workbooks, there is a lot of overlap even though it doesn't look like it:
    - NAT (post 8.3 though)
    - VPN (minus EasyVPN)
    - ISE (They added TrustSec + pxGrid but dot1x, guest, etc are all easier in the newer versions)
    - WSA/ESA - these parts aren't new. There's a couple features added and you can do pxGrid integration with ISE. This might be where you have to step outside the workbook
    IOS hardening - This isn't really new
    BS, MS, and CCIE #50931
    Blog: www.network-node.com
    Bonus TE Fun: Nerd Photos
  • chrisonechrisone Senior Member Posts: 1,798Member ■■■■■■■■□□
    Excellent! interesting stuff :)

    hmmm wondering if I should change from DC to Security? I would still be in the security realm and technically this is associated with my job role as a security engineer :)
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019 (complete), Active Directory Attacks for Red and Blue Teams Advanced Edition - BlackHat,
    Certs: SLAE, Certified Red Team Professional - Pentester Academy (in progress), Certified Red Team Expert - Pentester Academy
Sign In or Register to comment.