Thanks Ayaz,

 

Regarding the differences between RTP and San Jose, there are no biggies.
The lab presentation is the same in both locations, you get a bit of a
longer lunch in San Jose but you have to walk a ways to the lunch area so
that's why. You still have plenty of time to eat and/or think in both
locations. No differences that could impact your lab, though.

 

Good luck!

 

Kevin Sheahan

CCIE # 41349 (Security)

 

From: Ayaz Merchant [mailto:merchanta...@gmail.com] 
Sent: Thursday, November 21, 2013 11:09 AM
To: Kevin Sheahan
Cc: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] CCIE Sec Pass

 

Kevin, A big congrats! You have given me some hope, after trying the lab and
seeing so many of my fellows fail, I was starting to doubt if v4 was
passable or not at this time. Now back to studying hard for me!!!

 

Any thoughts on the difference in your lab experience between RTP and San
Jose?

 

Ayaz

 

On Thu, Nov 21, 2013 at 9:09 AM, Kevin Sheahan <sheaha...@gmail.com
<mailto:sheaha...@gmail.com> > wrote:

Gents,

 

It is with great pleasure that I can tell you I've passed my CCIE Security
Lab on Tuesday in RTP. It has been a very difficult year both personally and
professionally to prepare for this exam. This was my third attempt. For
study, I leaned very heavily on IPExpert's material/intructors/racks. Piotr
Kaluzny - I can't speak highly enough about this guy - suffice it to say
that if you are feeling lost, get his attention and he will lead you in the
right direction. His expertise, patience, and all around cool-dudeness are
sincerely appreciated and valuable when you start to feel like you're
drowning in the blueprint. I also used my own personal hardware and read A
LOT of Cisco configuration guides pertaining to blueprint (There are a lot
of "Notes" in those config guides that provide great info).

 

Lessons learned:

 

-        My strategy played a very large role in time management and
organization during the exam.

o   Build a table to keep track of.. EVERYTHING:

*  Obj | Points |  Desc  | V1 | V2 | Comments
1.1         4       ASAMC    F                Unable to ping <subnet>, check
later
1.2         5       IPS-IVP    P                Re-verify @ end, core
objective.

*  I would create and fill out this table (first 3 columns) as I'm reading
through the lab at the beginning. The "Comments" section became extremely
useful for me to shorten the amount of end-lab verification because instead
of re-reading the objective for verification I would only have to see what I
wrote down from previous verification failures. Anything with a "P" for pass
in the V2 column should be money in the bank, ensure that you've paid
attention to the fine details in the objective which can cause loss of
points.

o   Prep the lab:

*  Pager 20 / Term length 20

*        This will allow you to execute long-output show commands later in
the day without the screen scrolling away from you. This should be done on
ALL devices.

*  Logging

*        ASA

o   Logging console warnings / Logging on - This will tell you throughout
your lab when your ASA is denying traffic due to ACL and/or NAT failures.
Very useful!

*        IOS

o   Logging console - This will tell you when routing processes drop, when
ISAKMP is ON/OFF, etc. As well, this will allow for your debug output to
show up.

*  Suspicion 

*        Switches and Routers

o   Show access-list - Check for ACLs, you may find some that were designed
to screw with you and you may find some that are legitimately necessary.
Don't change/add/remove ACL's at this point, just make note of them at the
bottom on the page where you created your tracking table. This will make
troubleshooting simpler and faster later on.

o   Show run - This is not a fine-tooth-comb type check. Just briefly scroll
through the running-config for every IOS device. If something looks out of
place (CoPP, CoPr, STP/Routing manipulation, etc), jot it down below your
tracking table for reference later.

o   Draw a diagram?

*  I didn't do this, but it's up to your personal preference. My feeling is
that the topology on the monitor is in great detail and only a few clicks
away. That, and I've managed to make a distracting mess everytime in my life
I've tried to draw a quick diagram. 

o   Quicksand

*  This may be the same for you, maybe not. But for me,  there is a point
(or a few) where I feel like the lab is swallowing me. Something is not
working the way I want it to, logs are scrolling, devices are misbehaving..
DON'T PANIC. Move away from that objective, mark it down in your table and
move on. That feeling, like you're sinking fast in quicksand, is the enemy.

o   Close it out

*  I'm not sure of the rules/points impact of some of the above changes,
namely changing the term length and enabling console logging. To be safe,
script changes for the end of the exam to remove this changes quickly if
time permits. Better safe than sorry I guess.

 

I'm very excited to enjoy the holidays and a nice long study break. Good
luck and work hard at it, absolutely worth the achievement!

 

Kevin Sheahan

CCIE # 41349 (Security)


_______________________________________________
Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos ::

iPexpert on YouTube: www.youtube.com/ipexpertinc
<http://www.youtube.com/ipexpertinc> 





 

-- 
Ayaz Merchant
merchanta...@gmail.com <mailto:merchanta...@gmail.com> 
773 368-4946 

_______________________________________________
Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos ::

iPexpert on YouTube: www.youtube.com/ipexpertinc

Reply via email to