How I Prepared for My CCIE Security v5 Written Exam

I would like to thank you for sending me congratulatory messages, liking and commenting on my posts when I passed the CCIE Security v5 written exam. I will try to share with you in this short article how I prepare to take the exam. The blueprint is described in this official link from Cisco. 

The learning matrix is also described here, and we would like to thank SPOTO and the team for their excellent work on the CCIE and CCDE tracks. Because I always tend to emphasize what everyone knows and avoid any misunderstanding, I would like to say that what I am describing here is not the best or ideal source or method to start preparing. But it can help because it contains some resources and information. 

In my previous article, "to be certified or not certified," I described how important certification is to IT engineers. Please see more information. In CCIE Security v5, Cisco tries to make it difficult for us to meet today market needs, including NGIPS, FW, NGFW, AAA, VPN (IPSec VPN, SSL VPN, DMVPN, and Flex VPN) and Cloud, SDN), NFV, Internet of things, automation. Etc. For this reason, this track is one of the most difficult tracks and certifications in the industry. When I started preparing it, I realized it would take all my time and effort, but CCIE Security was a project for me, not just a preparatory certification. It is difficult to be a technical account manager and prepare CCIE at first.

However, it is useful when I discuss network security events, issues, and new requirements based on certain Cisco technologies with my customers and my good colleagues on a daily basis. It is also helpful because I am responsible for some interesting projects, such as migration of Cisco ACS to ISE, migration of Cisco Ironport ESA to Cisco Cloud CES (for 100000 users), deployment and management of VPN implementation.  Practical experience is very helpful in preparing any certification. But we're undefined sure we can't undefined have it for all blueprints. The exam took me two years to prepare, including experiments and reading concepts. Yes, we have to do an experiment, even if it undefined just a written exam because we fixed the concept through the experiment.

However, don't try to experiment as deeply as you prepare for a laboratory exam. The time required: it depends on everyone undefined personal appointment, but for me, I work about two hours a day from Monday to Friday. Sunday is 4 to 6 hours. It is closed on Saturday. 

Resources:

IETF RFC:

RFC contains detailed information about protocols and technologies: the Cisco Guide contains very useful information. I like Cisco and Juniper documents because they are very organized. Cisco News Book: Cisco Press does a good job by publishing books written by leading experts in the field. I will list some useful books from Cisco Media below. Cisco forums and communities: in Cisco forums, we can discuss some implementation and configuration issues and how to work from a protocol or technical perspective. 

LinkedIn:

LinkedIn is a good source of learning because we can see updates about new technologies, we can read useful posts written by experts and experts, and we can share useful links. So use it to avoid letting contacts just contact lists or just send invitations to others without any added value.

Work with colleagues and help them (I prefer to list them as resources): at least for me, working with colleagues on certain technical issues or on certain projects is very helpful. Don't undefined underestimate anyone. My colleagues and I learned a lot. Try to let me know:) Here are some useful Cisco news books. 

IKEv2 IPsec Virtual Private Networks understand and deploy IKEv2 IPsec VPN and FlexVPN Cisco ISE for BYOD and Secure Unified Access in Cisco IOS-second version of Cisco firepower threat defense (FTD) IPv6 security end-to-end network security defense depth AAA identity management security Cisco ASA integrated next-generation firewall, IPS and VPN services, version 3 of Cisco undefined next-generation, secure solutions, all features in one. 

Cisco ASA- Fire-Services-NGIPS and-AMP TCP IP Illustrated Volume 1 below is a list of hardware and software. It will be extended in the future to include more physical devices for my CCIE security lab preparation. Dell Precision laptop workstations: i7 and 16GB RAM and 750GB hard drives with 256GB iPad Pro 9.7 (I highly recommend tablets for reading documents or taking notes).

Intel NUC:i7,32 GB RAM and 1TB SSD Synology DS216: 2 TB SAS Cisco switches for SAN: 3750 Series PoE 48 Intel NUC with vSphere 6.5 Vmware ESXi.

Installed EVE-NG: is installed as a virtual machine on Intel NUC. Thank you very much for reading this article. I hope anyone who prepares his or her CCIE security written test will help. It will also help those interested in preparing for a new certification.