DENY IP – road to CCIE security

CCIE security written resources

Posted in Books, CCIE written, Study approach by denyip on August 27, 2008

As I wrote in my profile I passed CCIE written in summer 2007 ..So for sure I wont be able schedule lab in 18 months after passing so I need pass it again … I dont study separately for written – my approach is theory – lab – theory at this stage.. For example when did study for  TACACS+… First I went through RFC, security books chapters than did simple labs with debugs etc.. than I reviewed theory again

My MAIN  resources for theory part are:

1) RFC

You can use this search engine a find proper RFC for Radius, Ldap, IPsec… There is lot of valuable  informations

1)CCBOOTCAMP’s 2008 Cisco CCIE Security Written Study Guide

For my studies I bought its with  Quick reference sheet only one CCIE written book on the market. I bought ebook with 24 Hour Print Option – I printed all pages immediately after downloading

Authors of that book are Colby LeMair (CCIE 12968 from Cisco), Farrukh Haroon (network engineer from middle east – CCSP studying for CCIE – little bit strange for me but why not) and Brad Elis (CCIE 5796 CEO of Network learning)
I think book is very good written  – all topics from the written blue print are covered pretty well. It has 565 pages. The book table of contents is similar as blueprint for written . In the end of every chapter is set of tough questions…

2) Network Security Principles and Practices (CCIE Professional Development) (CCIE Professional Development)

Its quite old book but really well written and there are few great section (like AAA, IPSEC, GRE, IOS firewall)

3) Cisco website

If I need some configuration examples or some guide I search Cisco web … It doesnt apply for all topics but there is few really good documents for written exam

4) CCIE Security Exam Quick Reference Sheets

Its really quick reference , but I plan use it in final stage when you need quick review of all topics

Tagged with: , ,

8 comments

Following the blueprint

Posted in Study approach by denyip on July 22, 2008

As has been already written several times in the LAB you can expect ANYTHING from the Blueprint… So i decide to organize all my study notes according this blueprint … there is 6 major topics

  1. Firewall
  2. VPN
  3. Intrusion Prevention System (IPS)
  4. Identity Management
  5. Advanced Security
  6. Network Attacks

My firefox bookmarks for CCIE are organized exactly in this style and order.. If I see some interesting config guide, tutorial etc. related to CCIE security I bookmark the page and place to the proper folder. |
Structure of my mailbox what I use for newsgroups like groupstudy or OSL is exactly same six folders (plus lot of subfolders)… So if need get some information (ideas for lab) i just open my bookmarks or my email folder….

If you look to the right topics for blog entries have same structure as well (maybe some topics are missing because there are no posts but I hope soon we will have complete blueprint)

Tagged with: , , , , , , , ,

leave a comment

NO PAIN, NO GAIN

Posted in Study approach by denyip on July 17, 2008

If I am lacking motivation for my CCIE study I always watch following KILL BILL II. movie scene with PEI MEI

Do you think is there any relation between that scene and CCIE (or other) study??? I think yes – Uma Thurman wants master kung-fu as I want master networking knowledge. She needs to work very, very hard to get to the top level as I need to work very, very hard to get my CCIE.
During her “bootcamp” :))) with PEI MEI she suffers a lot but thanks this she gets excellent kung-fu skills (and later it will save her life). You probably know great poverb NO PAIN, NO GAIN and its true if you want to get to an expert level (and It doesnt matter if its football, dancing, surgery ot networking). Some people are talented but they still need work hard to get expert level… I dont think Iam extra talented for networking so need to work much more harder…but back to the movie

I love the dialogue when Uma first time comes to PEI MEI… So I changed little bit that dialogue .. Imagine CCIE candidate is Uma and CCIE proctor is PEI MEI

(NOTE: I know CCIE proctors are very nice persons – but in following conversation CCIE proctor represents difficulty of the exam)

Proctor: Your master told me you’re not entirely unschooled. What training do you possess?
CCIE candidate: I am proficient in DMVPN. And I am more than proficient in firewalling
Proctor: Don’t make me laugh. Your anger amuses me. Do you believe you are my match?
CCIE candidate: No.
Proctor:Is it your wish to fail the lab?
CCIE candidate: No.
Proctor: You breathe hard. Is there anything you do well? — Oh yes, you know firewalling. Go to that rack.
Proctor: Plug the console cable… Let’s see how good you really are. Configure firewall ASA to allow BGP traffic with NAT
Proctor: Your ability really is quite poor.
Proctor: Give up? Or care to try again? Your configuration skill is amateur at best
Proctor: I asked you to show me what you know, and you did. Not a goddamn thing.

….

It always helps me to realize that only hard work leads to the success, there are no shortcuts….. I have just started my CCIE security preparation but i know i need to sacrifice my personal and social life..

Tagged with: , ,

1 comment