This chapter is designed to assist you in your final preparation for the CCIE Security exam by providing you with an extensive lab that incorporates many of the technologies and concepts covered throughout this book. This lab requires a broad perspective and knowledge base. Any knowledge you have acquired through the practical examples presented in this guide and real-life network implementations will help you achieve the end goal: a routable network according to the security design criteria.

The CCIE lab exam was traditionally a 2-day lab held in various worldwide locations such as Sydney and Brussels, along with the traditional sites based in San Jose and Raleigh. However, when the CCIE Security lab exam was introduced, it contained only a 1-day lab portion. In the 1-day CCIE Security lab practical exam, the candidate is presented with a number of simple and complex tasks, starting from the physical layer of the OSI model and continuing up to the application layer. Recent changes to the CCIE Security lab remove some of the fundamental routing and switching components to ensure that candidates are thoroughly tested for security rather than their knowledge of routing and switching, which is still a core skill. Hence, the exam is, by far, more difficult than the CCIE Routing and Switching lab. This sample lab still presents those fundamental tasks so that the reader can appreciate the level of difficulty in the practical exam.

When you are given the exam paper, it may appear that the questions are relatively easy, but as you read further into the paper, you will discover that the questions become increasingly difficult. The lab questions were created so that highly complex questions have some hidden aspects to them, as you will discover in this sample lab exam.

To become a CCIE in the Security track, a candidate must successfully gain 80 exam points from a possible 100 points in 8 hours. What is not mentioned in many exam books and websites is the mental strength and drive required to maintain a high level of concentration for 8 hours. The exam is written so that readers start with basic tasks and build up gradually to more complex scenarios. Some tasks are dependent on prior questions being successfully completed, so it may be very easy to become lost very quickly in a lab exam environment.

Fortunately, you have, in your hands, a lab written by two former CCIE Security proctors, so this sample lab is a great start. If you can simulate exam conditions and successfully complete this lab with a score of 80 points or more, you are well on your way to achieving your end goal after reading this book.

Each major task is given a point value, with no partial credit possible. This is as close as you will come to the real lab without having to actually sit in the lab and pay the lab fee of over U.S.$1,000.

This sample lab is presented in sections. A solution appears following each section. At the end of this sample CCIE Security lab (after the final configurations), I provide you with some additional sample CCIE Security questions to demonstrate other possible topics. No solutions are provided, so you can research and attempt to answer them on your own as you would if you were sitting in the real CCIE Security lab.

At the end of the main lab section, the final configurations are presented for your reference. If you have any questions on this lab, e-mail me at [email protected], and I will try to help clarify any questions you might have.

NOTE This lab draws together much of the content covered throughout this book. Keep in mind that there is not always one right or wrong way to accomplish many of the tasks presented here, but you should follow the parameters that are stipulated. You should also modify the tasks to make them even harder so that you are prepared for the worst-case scenario in the real lab.

