Thanks Mark. Yes I did leave them all open and strangely this time around my PuTTY windows were not set to always be on top. If they were, I was planning to change the setting (if I could) to make things more workable.
Kevin Sheahan CCIE # 41349 (Security) -----Original Message----- From: ccie_security-boun...@onlinestudylist.com [mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of Rieber, Mark Sent: Thursday, November 21, 2013 11:45 AM To: ccie_security@onlinestudylist.com Subject: [OSL | CCIE_Security] CCIE Sec Pass Awesome Kevin, congrats! Did you leave all your terminal windows to all your devices open the whole time? Did you find that cumbersome at times since they are pinned in front of everything else? Mark Rieber -----Original Message----- From: ccie_security-boun...@onlinestudylist.com [mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of ccie_security-requ...@onlinestudylist.com Sent: Thursday, November 21, 2013 7:36 AM To: ccie_security@onlinestudylist.com Subject: CCIE_Security Digest, Vol 89, Issue 24 Send CCIE_Security mailing list submissions to ccie_security@onlinestudylist.com To subscribe or unsubscribe via the World Wide Web, visit http://onlinestudylist.com/mailman/listinfo/ccie_security or, via email, send a message with subject or body 'help' to ccie_security-requ...@onlinestudylist.com You can reach the person managing the list at ccie_security-ow...@onlinestudylist.com When replying, please edit your Subject line so it is more specific than "Re: Contents of CCIE_Security digest..." Today's Topics: 1. CCIE Sec Pass (Kevin Sheahan) 2. Re: CCIE Sec Pass (Mulholland, Michael (DFP)) ---------------------------------------------------------------------- Message: 1 Date: Thu, 21 Nov 2013 10:09:38 -0500 From: "Kevin Sheahan" <sheaha...@gmail.com> To: <ccie_security@onlinestudylist.com> Subject: [OSL | CCIE_Security] CCIE Sec Pass Message-ID: <014201cee6cb$b4a0f500$1de2df00$@gmail.com> Content-Type: text/plain; charset="us-ascii" Gents, It is with great pleasure that I can tell you I've passed my CCIE Security Lab on Tuesday in RTP. It has been a very difficult year both personally and professionally to prepare for this exam. This was my third attempt. For study, I leaned very heavily on IPExpert's material/intructors/racks. Piotr Kaluzny - I can't speak highly enough about this guy - suffice it to say that if you are feeling lost, get his attention and he will lead you in the right direction. His expertise, patience, and all around cool-dudeness are sincerely appreciated and valuable when you start to feel like you're drowning in the blueprint. I also used my own personal hardware and read A LOT of Cisco configuration guides pertaining to blueprint (There are a lot of "Notes" in those config guides that provide great info). Lessons learned: - My strategy played a very large role in time management and organization during the exam. o Build a table to keep track of.. EVERYTHING: * Obj | Points | Desc | V1 | V2 | Comments 1.1 4 ASAMC F Unable to ping <subnet>, check later 1.2 5 IPS-IVP P Re-verify @ end, core objective. * I would create and fill out this table (first 3 columns) as I'm reading through the lab at the beginning. The "Comments" section became extremely useful for me to shorten the amount of end-lab verification because instead of re-reading the objective for verification I would only have to see what I wrote down from previous verification failures. Anything with a "P" for pass in the V2 column should be money in the bank, ensure that you've paid attention to the fine details in the objective which can cause loss of points. o Prep the lab: * Pager 20 / Term length 20 * This will allow you to execute long-output show commands later in the day without the screen scrolling away from you. This should be done on ALL devices. * Logging * ASA o Logging console warnings / Logging on - This will tell you throughout your lab when your ASA is denying traffic due to ACL and/or NAT failures. Very useful! * IOS o Logging console - This will tell you when routing processes drop, when ISAKMP is ON/OFF, etc. As well, this will allow for your debug output to show up. * Suspicion * Switches and Routers o Show access-list - Check for ACLs, you may find some that were designed to screw with you and you may find some that are legitimately necessary. Don't change/add/remove ACL's at this point, just make note of them at the bottom on the page where you created your tracking table. This will make troubleshooting simpler and faster later on. o Show run - This is not a fine-tooth-comb type check. Just briefly scroll through the running-config for every IOS device. If something looks out of place (CoPP, CoPr, STP/Routing manipulation, etc), jot it down below your tracking table for reference later. o Draw a diagram? * I didn't do this, but it's up to your personal preference. My feeling is that the topology on the monitor is in great detail and only a few clicks away. That, and I've managed to make a distracting mess everytime in my life I've tried to draw a quick diagram. o Quicksand * This may be the same for you, maybe not. But for me, there is a point (or a few) where I feel like the lab is swallowing me. Something is not working the way I want it to, logs are scrolling, devices are misbehaving.. DON'T PANIC. Move away from that objective, mark it down in your table and move on. That feeling, like you're sinking fast in quicksand, is the enemy. o Close it out * I'm not sure of the rules/points impact of some of the above changes, namely changing the term length and enabling console logging. To be safe, script changes for the end of the exam to remove this changes quickly if time permits. Better safe than sorry I guess. I'm very excited to enjoy the holidays and a nice long study break. Good luck and work hard at it, absolutely worth the achievement! Kevin Sheahan CCIE # 41349 (Security) -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_security/attachments/20131121/1660e1a2/attachment-0001.html> ------------------------------ Message: 2 Date: Thu, 21 Nov 2013 15:35:18 +0000 From: "Mulholland, Michael (DFP)" <michael.mulholl...@dfpni.gov.uk> To: Kevin Sheahan <sheaha...@gmail.com>, "ccie_security@onlinestudylist.com" <ccie_security@onlinestudylist.com> Subject: Re: [OSL | CCIE_Security] CCIE Sec Pass Message-ID: <219dbe78a4c2084cbec29efdc3c9abd88a0a515...@pr-clus-excms09.nigov.net> Content-Type: text/plain; charset="iso-8859-1" kevin congratulations on your achievement well done From: ccie_security-boun...@onlinestudylist.com [mailto:ccie_security-boun...@onlinestudylist.com] On Behalf Of Kevin Sheahan Sent: 21 November 2013 15:10 To: ccie_security@onlinestudylist.com Subject: [OSL | CCIE_Security] CCIE Sec Pass Gents, It is with great pleasure that I can tell you I've passed my CCIE Security Lab on Tuesday in RTP. It has been a very difficult year both personally and professionally to prepare for this exam. This was my third attempt. For study, I leaned very heavily on IPExpert's material/intructors/racks. Piotr Kaluzny - I can't speak highly enough about this guy - suffice it to say that if you are feeling lost, get his attention and he will lead you in the right direction. His expertise, patience, and all around cool-dudeness are sincerely appreciated and valuable when you start to feel like you're drowning in the blueprint. I also used my own personal hardware and read A LOT of Cisco configuration guides pertaining to blueprint (There are a lot of "Notes" in those config guides that provide great info). Lessons learned: - My strategy played a very large role in time management and organization during the exam. o Build a table to keep track of.... EVERYTHING: * Obj | Points | Desc | V1 | V2 | Comments 1.1 4 ASAMC F Unable to ping <subnet>, check later 1.2 5 IPS-IVP P Re-verify @ end, core objective. * I would create and fill out this table (first 3 columns) as I'm reading through the lab at the beginning. The "Comments" section became extremely useful for me to shorten the amount of end-lab verification because instead of re-reading the objective for verification I would only have to see what I wrote down from previous verification failures. Anything with a "P" for pass in the V2 column should be money in the bank, ensure that you've paid attention to the fine details in the objective which can cause loss of points. o Prep the lab: * Pager 20 / Term length 20 * This will allow you to execute long-output show commands later in the day without the screen scrolling away from you. This should be done on ALL devices. * Logging * ASA o Logging console warnings / Logging on - This will tell you throughout your lab when your ASA is denying traffic due to ACL and/or NAT failures. Very useful! * IOS o Logging console - This will tell you when routing processes drop, when ISAKMP is ON/OFF, etc. As well, this will allow for your debug output to show up. * Suspicion * Switches and Routers o Show access-list - Check for ACLs, you may find some that were designed to screw with you and you may find some that are legitimately necessary. Don't change/add/remove ACL's at this point, just make note of them at the bottom on the page where you created your tracking table. This will make troubleshooting simpler and faster later on. o Show run - This is not a fine-tooth-comb type check. Just briefly scroll through the running-config for every IOS device. If something looks out of place (CoPP, CoPr, STP/Routing manipulation, etc), jot it down below your tracking table for reference later. o Draw a diagram? * I didn't do this, but it's up to your personal preference. My feeling is that the topology on the monitor is in great detail and only a few clicks away. That, and I've managed to make a distracting mess everytime in my life I've tried to draw a quick diagram. o Quicksand * This may be the same for you, maybe not. But for me, there is a point (or a few) where I feel like the lab is swallowing me. Something is not working the way I want it to, logs are scrolling, devices are misbehaving.... DON'T PANIC. Move away from that objective, mark it down in your table and move on. That feeling, like you're sinking fast in quicksand, is the enemy. o Close it out * I'm not sure of the rules/points impact of some of the above changes, namely changing the term length and enabling console logging. To be safe, script changes for the end of the exam to remove this changes quickly if time permits. Better safe than sorry I guess. I'm very excited to enjoy the holidays and a nice long study break. Good luck and work hard at it, absolutely worth the achievement! Kevin Sheahan CCIE # 41349 (Security) -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_security/attachments/20131121/5e0b03c9/attachment.html> ------------------------------ _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc End of CCIE_Security Digest, Vol 89, Issue 24 ********************************************* _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc
