Passed SECURE, CCNP Security achieved!

I'm extremely happy to say that after about 6 months, I got my CCNP Security. My initial plan was to sit the exam in a week or two and do some final preparation in this time but work happened - in the next few weeks, I won't have much time to study. This is why I decided to not break my hardcore studying schedule. It never works out for me when I have to stop something and come back to it some weeks later.

The resources were the usual ones - ocg, cbt, quick reference, everything I could find on the web and lots of labbing. I went through all of these at least twice.

I have no complains towards the exam - I felt like it was a fair one and not hard like the others on the track(of course when you put a serious amount of effort into it, it should not be that challenging). Special thanks to the gang for the support and the tips throughout this. Good luck to Vask3n and the others pushing for the deadline. If I can help with something make sure to let me know.
Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.

Comments

  • colemiccolemic Posts: 1,568Member ■■■■■■■□□□
    congrats!
    Working on: CCSP, definitely, maybe. On the twitters: @mcole1008
  • RouteMyPacketRouteMyPacket Posts: 1,104Member
    Glückwünsche! It's good to see you complete the track. Nice to be well rounded with your CCNP R/S and Security

    Onward and upward, what kind of projects are you on currently? Getting to use and expand your Security skills? I'm unfortunately doing more R/S than Security lately : (
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • Master Of PuppetsMaster Of Puppets Posts: 1,210Member
    Vielen Dank! You have been especially helpful in these past months!

    I get to do some R&S stuff too since we are a smaller company but the majority of work is security. In the next couple of weeks I will be analyzing the network security of a client. After that come the suggestions and the implementation of those suggestions. While I help the others with the routing and switching, I am all alone when it comes to the security stuff so on larger projects with huge networks, it becomes a slow process. I also have to set up Snort in our company network which I have never done and I'm excited as hell. I have played around with Snort but not nearly as much as I would want and I haven't had the chance to set it up. But the hardest part is that I have to design the network security on 2 other large projects - something that is above my experience level. This is why I want to give everything I got and make sure I do a great job! I have designed a network security plan only once but it turned out pretty well. After all it is a great chance and, without a doubt, a major learning opportunity. I started in IT 1 year ago and although it was straight in security(because I spent years studying networking and practicing as much as I can before that) some of the things they give me at work are a little over my head. However, I like being thrown into the deep end as I learn quite a bit that way. My boss tells me I have great potential and entrusts me with stuff like that on purpose.

    Generally, I want to end up in pen testing so next will be the OSCP. Sadly, I don't know when I will be able to squeeze that in, timewise. I want to have as much time as I can to devote to it when I begin. That means that the hardcore studying continues but with a lot of books on pen testing and a lab with vulnarable VMs. I think I will even be able to take on pen testing responsibilities at work but at at a later time.

    I'm also tired of using Metasploit so a bigger dive into the manual process will come. I will better my C skills, read something like Violent Python(I'm already good with Python), get into web app exploits, learn sql etc.
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • Vask3nVask3n Posts: 517Member
    Congrats Master, that is really great news. I knew you would slay this one. Looking forward to joining the ranks soon.
    Working on MS-ISA at Western Governor's University
  • RouteMyPacketRouteMyPacket Posts: 1,104Member
    Vielen Dank! You have been especially helpful in these past months!

    I get to do some R&S stuff too since we are a smaller company but the majority of work is security. In the next couple of weeks I will be analyzing the network security of a client. After that come the suggestions and the implementation of those suggestions. While I help the others with the routing and switching, I am all alone when it comes to the security stuff so on larger projects with huge networks, it becomes a slow process. I also have to set up Snort in our company network which I have never done and I'm excited as hell. I have played around with Snort but not nearly as much as I would want and I haven't had the chance to set it up. But the hardest part is that I have to design the network security on 2 other large projects - something that is above my experience level. This is why I want to give everything I got and make sure I do a great job! I have designed a network security plan only once but it turned out pretty well. After all it is a great chance and, without a doubt, a major learning opportunity. I started in IT 1 year ago and although it was straight in security(because I spent years studying networking and practicing as much as I can before that) some of the things they give me at work are a little over my head. However, I like being thrown into the deep end as I learn quite a bit that way. My boss tells me I have great potential and entrusts me with stuff like that on purpose.

    Generally, I want to end up in pen testing so next will be the OSCP. Sadly, I don't know when I will be able to squeeze that in, timewise. I want to have as much time as I can to devote to it when I begin. That means that the hardcore studying continues but with a lot of books on pen testing and a lab with vulnarable VMs. I think I will even be able to take on pen testing responsibilities at work but at at a later time.

    I'm also tired of using Metasploit so a bigger dive into the manual process will come. I will better my C skills, read something like Violent Python(I'm already good with Python), get into web app exploits, learn sql etc.

    Very cool, get Snort going and that will be a regularly used tool once you join a Compliance type team doing pen testing etc.

    Metasploit is ok, I actually used it last week while at Cisco while doing a NGFW lab so funny you mentioned that.
    Modularity and Design Simplicity:

    Think of the 2:00 a.m. test—if you were awakened in the
    middle of the night because of a network problem and had to figure out the
    traffic flows in your network while you were half asleep, could you do it?
  • broli720broli720 Posts: 394Member ■■■■□□□□□□
    Congrats! Should my focus at work change, I'll definitely head down the same path.
  • Master Of PuppetsMaster Of Puppets Posts: 1,210Member
    Thanks!

    lol good timing :D It is a pretty cool tool but I feel like I need a better understanding of the whole process. I think learning to do it manually will help with that. Once I'm confident I have a firm grasp on everything, I can resort to Metasploit without feeling like I'm cheating :D
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • JobeneJobene Posts: 63Member ■■■□□□□□□□
    Gratuliere ;)


    Metasploit is ok,
    Not only ok ;) ;)
    If you want to do pentesting i would start with ceh before oscp
  • PCHoldmannPCHoldmann Posts: 450Member
    Congrats!
    There's no place like ^$
    Visit me at Route, Switch, Blog
  • Master Of PuppetsMaster Of Puppets Posts: 1,210Member
    Jobene wrote: »
    Gratuliere ;)



    Not only ok ;) ;)
    If you want to do pentesting i would start with ceh before oscp

    Thanks! However, I will have to slightly disagree here. You can't qualify the CEH as a serious cert - it is very entry level and tests on some old tools. The only way you can benefit from it is if you are new to security or want some resume boost(as we know HR values it). Also, we are yet to see how EC-Council's fiasco will affect my last statement.
    Yes, I am a criminal. My crime is that of curiosity. My crime is that of judging people by what they say and think, not what they look like. My crime is that of outsmarting you, something that you will never forgive me for.
  • CEH is a toilet paper.
  • shednikshednik Posts: 2,005Member
Sign In or Register to comment.