Thanks Ayaz,
Regarding the differences between RTP and San Jose, there are no biggies. The lab presentation is the same in both locations, you get a bit of a longer lunch in San Jose but you have to walk a ways to the lunch area so that's why. You still have plenty of time to eat and/or think in both locations. No differences that could impact your lab, though. Good luck! Kevin Sheahan CCIE # 41349 (Security) From: Ayaz Merchant [mailto:merchanta...@gmail.com] Sent: Thursday, November 21, 2013 11:09 AM To: Kevin Sheahan Cc: ccie_security@onlinestudylist.com Subject: Re: [OSL | CCIE_Security] CCIE Sec Pass Kevin, A big congrats! You have given me some hope, after trying the lab and seeing so many of my fellows fail, I was starting to doubt if v4 was passable or not at this time. Now back to studying hard for me!!! Any thoughts on the difference in your lab experience between RTP and San Jose? Ayaz On Thu, Nov 21, 2013 at 9:09 AM, Kevin Sheahan <sheaha...@gmail.com <mailto:sheaha...@gmail.com> > wrote: Gents, It is with great pleasure that I can tell you I've passed my CCIE Security Lab on Tuesday in RTP. It has been a very difficult year both personally and professionally to prepare for this exam. This was my third attempt. For study, I leaned very heavily on IPExpert's material/intructors/racks. Piotr Kaluzny - I can't speak highly enough about this guy - suffice it to say that if you are feeling lost, get his attention and he will lead you in the right direction. His expertise, patience, and all around cool-dudeness are sincerely appreciated and valuable when you start to feel like you're drowning in the blueprint. I also used my own personal hardware and read A LOT of Cisco configuration guides pertaining to blueprint (There are a lot of "Notes" in those config guides that provide great info). Lessons learned: - My strategy played a very large role in time management and organization during the exam. o Build a table to keep track of.. EVERYTHING: * Obj | Points | Desc | V1 | V2 | Comments 1.1 4 ASAMC F Unable to ping <subnet>, check later 1.2 5 IPS-IVP P Re-verify @ end, core objective. * I would create and fill out this table (first 3 columns) as I'm reading through the lab at the beginning. The "Comments" section became extremely useful for me to shorten the amount of end-lab verification because instead of re-reading the objective for verification I would only have to see what I wrote down from previous verification failures. Anything with a "P" for pass in the V2 column should be money in the bank, ensure that you've paid attention to the fine details in the objective which can cause loss of points. o Prep the lab: * Pager 20 / Term length 20 * This will allow you to execute long-output show commands later in the day without the screen scrolling away from you. This should be done on ALL devices. * Logging * ASA o Logging console warnings / Logging on - This will tell you throughout your lab when your ASA is denying traffic due to ACL and/or NAT failures. Very useful! * IOS o Logging console - This will tell you when routing processes drop, when ISAKMP is ON/OFF, etc. As well, this will allow for your debug output to show up. * Suspicion * Switches and Routers o Show access-list - Check for ACLs, you may find some that were designed to screw with you and you may find some that are legitimately necessary. Don't change/add/remove ACL's at this point, just make note of them at the bottom on the page where you created your tracking table. This will make troubleshooting simpler and faster later on. o Show run - This is not a fine-tooth-comb type check. Just briefly scroll through the running-config for every IOS device. If something looks out of place (CoPP, CoPr, STP/Routing manipulation, etc), jot it down below your tracking table for reference later. o Draw a diagram? * I didn't do this, but it's up to your personal preference. My feeling is that the topology on the monitor is in great detail and only a few clicks away. That, and I've managed to make a distracting mess everytime in my life I've tried to draw a quick diagram. o Quicksand * This may be the same for you, maybe not. But for me, there is a point (or a few) where I feel like the lab is swallowing me. Something is not working the way I want it to, logs are scrolling, devices are misbehaving.. DON'T PANIC. Move away from that objective, mark it down in your table and move on. That feeling, like you're sinking fast in quicksand, is the enemy. o Close it out * I'm not sure of the rules/points impact of some of the above changes, namely changing the term length and enabling console logging. To be safe, script changes for the end of the exam to remove this changes quickly if time permits. Better safe than sorry I guess. I'm very excited to enjoy the holidays and a nice long study break. Good luck and work hard at it, absolutely worth the achievement! Kevin Sheahan CCIE # 41349 (Security) _______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc <http://www.youtube.com/ipexpertinc> -- Ayaz Merchant merchanta...@gmail.com <mailto:merchanta...@gmail.com> 773 368-4946
_______________________________________________ Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos :: iPexpert on YouTube: www.youtube.com/ipexpertinc