Congratulations Kevin, Thanks for your pointers. I will be hitting up Piotr :-)
Hope you take some well deserved time off to decompress. Again, Congrats Sent from my iPhone > On Nov 21, 2013, at 10:09 AM, "Kevin Sheahan" <sheaha...@gmail.com> wrote: > > Gents, > > It is with great pleasure that I can tell you I’ve passed my CCIE Security > Lab on Tuesday in RTP. It has been a very difficult year both personally and > professionally to prepare for this exam. This was my third attempt. For > study, I leaned very heavily on IPExpert’s material/intructors/racks. Piotr > Kaluzny – I can’t speak highly enough about this guy – suffice it to say that > if you are feeling lost, get his attention and he will lead you in the right > direction. His expertise, patience, and all around cool-dudeness are > sincerely appreciated and valuable when you start to feel like you’re > drowning in the blueprint. I also used my own personal hardware and read A > LOT of Cisco configuration guides pertaining to blueprint (There are a lot of > “Notes” in those config guides that provide great info). > > Lessons learned: > > - My strategy played a very large role in time management and > organization during the exam. > o Build a table to keep track of…. EVERYTHING: > § Obj | Points | Desc | V1 | V2 | Comments > 1.1 4 ASAMC F Unable to ping <subnet>, check > later > 1.2 5 IPS-IVP P Re-verify @ end, core > objective. > § I would create and fill out this table (first 3 columns) as I’m reading > through the lab at the beginning. The “Comments” section became extremely > useful for me to shorten the amount of end-lab verification because instead > of re-reading the objective for verification I would only have to see what I > wrote down from previous verification failures. Anything with a “P” for pass > in the V2 column should be money in the bank, ensure that you’ve paid > attention to the fine details in the objective which can cause loss of points. > o Prep the lab: > § Pager 20 / Term length 20 > · This will allow you to execute long-output show commands later in > the day without the screen scrolling away from you. This should be done on > ALL devices. > § Logging > · ASA > o Logging console warnings / Logging on – This will tell you throughout > your lab when your ASA is denying traffic due to ACL and/or NAT failures. > Very useful! > · IOS > o Logging console – This will tell you when routing processes drop, when > ISAKMP is ON/OFF, etc. As well, this will allow for your debug output to show > up. > § Suspicion > · Switches and Routers > o Show access-list – Check for ACLs, you may find some that were designed > to screw with you and you may find some that are legitimately necessary. > Don’t change/add/remove ACL’s at this point, just make note of them at the > bottom on the page where you created your tracking table. This will make > troubleshooting simpler and faster later on. > o Show run – This is not a fine-tooth-comb type check. Just briefly scroll > through the running-config for every IOS device. If something looks out of > place (CoPP, CoPr, STP/Routing manipulation, etc), jot it down below your > tracking table for reference later. > o Draw a diagram? > § I didn’t do this, but it’s up to your personal preference. My feeling is > that the topology on the monitor is in great detail and only a few clicks > away. That, and I’ve managed to make a distracting mess everytime in my life > I’ve tried to draw a quick diagram. > o Quicksand > § This may be the same for you, maybe not. But for me, there is a point (or > a few) where I feel like the lab is swallowing me. Something is not working > the way I want it to, logs are scrolling, devices are misbehaving…. DON’T > PANIC. Move away from that objective, mark it down in your table and move on. > That feeling, like you’re sinking fast in quicksand, is the enemy. > o Close it out > § I’m not sure of the rules/points impact of some of the above changes, > namely changing the term length and enabling console logging. To be safe, > script changes for the end of the exam to remove this changes quickly if time > permits. Better safe than sorry I guess. > > I’m very excited to enjoy the holidays and a nice long study break. Good luck > and work hard at it, absolutely worth the achievement! > > Kevin Sheahan > CCIE # 41349 (Security) > _______________________________________________ > Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: > > iPexpert on YouTube: www.youtube.com/ipexpertinc
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc