Become CCIE with Simulator FAQ

Should I use emulator like dynamips or buy real lab?
Well, it depends. Dynamips is an emulator that somehow “tricks” the real IOS image so it will boot and run on standard PC. So far it can run IOS for 7200 routers, 3600, 3700 and 2600 series. So if you need to practice features outside those IOS, then you can’t do it with dynamips and must go with real lab.

What does exactly dynamips lack of?
Performance, even it doesn’t matter for CCIE practice lab, features that must be run in hardware such as certain QoS, and all the features outside the supported IOS for example L2 and switching features from a normal 3550 or 3560 switch. And we need to be aware that if there is any issue, we need to be able to identify if the issue is from wrong config, IOS bugs, or bug from the dynamips itself. With real lab, it’s just wrong config and IOS bugs.

Which CCIE track do you think can be done with emulator only?
For Service Provider track, you can practice almost 100% of the topic. The focus of the lab is on SP infrastructure so personally I don’t think you need to spend much time to practice L2 switch features. For Routing & Switching I think dynamips can still be used to cover almost 90%. Despite it has support Ethernet module but it still can’t be used to test real L2 switch features such as VTP and STP. But all L3 features from 3550/3560 switch can be tested or will have the same behavior just as if we use normal router. For Security track the emulator can be used to test IOS FW, IOS IPS, VPN between routers and security features in routers (NAT, ACL, RTBH etc). But more than half of the features for this track require Firewall, VPN, IDS and Cisco Secure ACS. For the rest of tracks, I would say the emulator won’t help that much. Check the CCIE lab blueprint and CCIE lab equipments to give you the idea.

What would I miss from the real lab?
Using real lab we would be able to test all the features required in CCIE lab, real router with real performance, capable to test hardware-dependent features, ability to sell it back when we are done and last but not least, the noise I guess. I used to sleep next to my lab for months so sometime I feel that I can still hear the noise inside my head until now.

What would be your suggestion to cover the lacks from dynamips?
There are several options. You may invest and buy a complete real lab. The challenge to have real lab is we need to replicate as close as possible to the lab equipments. It means, it can be expensive. But the good thing is, if our lab is still in decent condition after we are done, we may be able to sell it again (to another CCIE candidates) without losing a penny at all. Another option is to rent an online rack. It has advantage since we can connect to it as long we have Internet and we don’t need to invest big pile of money in the beginning, but obviously the money won’t go back after we are done. The option that you may want to consider is using dynamips to practice and cover as many features as possible (such as R&S and Security) then go to online rack rental a couple of weeks before the exam. For track like security, you may want toinvest in Firewall and VPN hardware, then connect them to dynamips. To practice IDS and for final preparation before taking the exam, you can use online rack for several days. List down all your options then make the pros and cons from each of them before you decide.

Do you know people who passed using dynamips only?
Yes, I know many people have passed CCIE lab using dynamips/emulator. In fact, for my third lab which is Service Provider track I practiced only using the emulator similar like dynamips. And no, I won’t tell you what it is nor I would discuss about it in this blog.

Do you think the people who passed using dynamips/emulator only are not real CCIE, since they never touch real routers?
No, there is no such thing. Passing CCIE lab just means you pass a lab exam. What makes a difference later on is your experience and expertise in real life. So someone may pass CCIE using only emulator and never touch the real routers, and he is still a CCIE. Later on he can gain experience and expertise with real routers. That’s what matter at the end of the day.

Will you teach me how to configure dynamips/other emulator?
No. RTFM. Googling.

Will you send IOS for me to use in emulator?
No. It’s actually illegal to run IOS software without license, but for practice lab at home I don’t think Cisco would bother chasing you. But I won’t send any IOS.

How to find info if I have issue with dynamips?
Again, RTFM and googling. And you should join the forum and become active member to discuss it. As I mentioned above, if there is any issue when you practice CCIE with emulator, it may come from wrong config, IOS bugs or bug in dynamips. So by becoming active member in the forum, and if you are willing to use the emulator heavily, you can contribute if you think the issue is from dynamips itself. Help the community to maintain and develop this wonderful emulator.

So should I use emulator or buy real lab to practice CCIE?
[email protected]#$%^&* Scroll up and read again from beginning.

How to Pass CCIE Lab Insider’s Tips

Himawan Nugroho, CCIE #8171

Just another guy who wishes to be an expert one day. Discovers the future one day at a time. His greatest fear is becoming a guy without specialties.
The first and the only Indonesian Triple CCIE till date.

◆ Triple CCIE #8171 in Routing & Switching, Security and Service Provider track
◆ 8+ years experience in Networking: SP, Data Center, UC, Wireless, Security
◆ Broad experience within Asia Pacific and Middle East
             2000 – 2001 Schlumberger Omnes, Indonesia
                 NOC Engineer to maintain the internal network within Asia and Australia
             2001 – 2002 IBM Global Services, Indonesia
                 Pre-sales and Network Consultant
             2002 – 2006 Emirates Computers, Dubai, United Arab Emirates
                 Pre-sales, Lead Engineer, Network Consultant, Technical Project Manager
             2006 – now Cisco Advanced Services, Asia Pacific, based in Singapore
                 Network Consulting Engineer
◆ Currently working in several projects in different countries for Petronas (Malaysia), CAT (Thailand), Starhub Cable Vision (Singapore), VDC (Vietnam) and Telkomsel (Indonesia)

More Detail: How to Pass CCIE Lab Insider’s Tips |  PDF

How to Become a CCIE v2

Passing the elite level and world’s toughest certification from Cisco Systems, tips from someone who has done it three times
By Himawan Nugroho, CCIE#8171 (R&S, Security, SP)

I was digging through my own blog archive and found that my first post about How to Become a CCIE is quite old and need to get updated. In fact, I’m thinking to modify it in such a way so the same principle should be applied to any CCIE tracks, and even to any top level certification from other vendor. Without any intention to re-invent my own writing, I just put the updates and I tried to make it short this time. So if you’d like to read more about my experience taking the lab 3 times, I suggest you to read the original version and all related posts, starting with the summary of my journey. Btw, in case you haven’t noticed I’m trying to learn how to sell by using marketing hypes, hence the words “elite level”, “world’s toughest” and “from someone who has done it three times” yeah, right.

1. You still need to ask yourself “what’s the point?”

It’s still a very tough challenge. It’s still a long and tiring process. You will spend lots of efforts and money to get it. You still need to sacrifice your spare time and social life. So you should have at least one good reason why you want to do CCIE. And don’t try to fake the reason. No one can give you the answer and I bet no one other than you really cares what it is. But it’s important for you because this might be the only thing that can keep you going, that can wake you up from your laziness, that can make you come out from your frustration in the middle of your journey.
Once you know and believe in your reason, then decide which track you want to pursuit. Follow your heart, do only the track you like. Continue with collecting the information about that specific track: read the CCIE blueprint for both written and lab exam. Read Networkers slides to get a brief picture about the exam format and sample of the question (Yes they have a session for this, I remember I read and listened to the presentation conducted by CCIE SP proctors).

2. Use the mid-level certification
Now the step for all CCIE tracks are very clear and they all have mid-level certification (except CCIE storage). So if you want to take CCIE in Routing & Swithing you should learn CCNP. For CCIE Service Provider you should start with CCIP. For Voice it’s CCVP. And for Security it’s CCSP (the new Security lab doesn’t require extensive knowledge of routing & switching anymore, you may check its blueprint v2). Remember, using this mid-level certification doesn’t mean you have to pass it.
If you are one of the guys who wrote me email to say that certification is useless, want to take CCIE just to prove how good you are, doesn’t want to waste time with CCNA, CCNP/IP/SP/VP then it’s fine. Don’t take the exam but you can still utilize the resources to plan your study. The base knowledge for CCIE is already covered in the mid-level certification. So do the obvious and follow the flow: read the books for the mid-level of track you want to pursuit even you don’t have to take the exam. Passing the mid-level exam is important just as a review to ensure you have really understood the material covered by the certification. And you may want to get your knowledge to some extend to be certified by Cisco that can be considered a reward in your journey even you haven’t completed it.

3. A new way to build your home lab
Practice extensively in the lab is still the key to pass CCIE. But for certain tracks, R&S and SP, you can practice CCIE lab without having any real equipments. I have built a step-by-step guidance to do this with dynamips. Dynamips is a very popular emulator for Cisco IOS and now some people have released several front-end interface such as dynagen or GNS3 to make it easier to setup and build the topology. It’s an emulator to provide real router environment that can trick the real Cisco IOS so it will boot in normal PC. So it’s still need the real Cisco IOS software, and please don’t ask me to send you this.
Many people still wrote me email asking this question: is it possible to pass CCIE only with dynamips? Yes, it is. I have seen some of my friends did this. In fact, I did all my practice for CCIE SP only with (censored), something similar as dynamips. Censored = internal info to Cisco employees heheh. I’m planning to take the top level certification from other vendor (guess who :) ) using a similar emulator only. I want to do it just to utilize my spare time, to prove my point here, and obviously for fun.
You may still require to build home lab, or rent it online, for other CCIE tracks.

4. Passing written test still doesn’t prove anything
This is still the same point as my original post. You can read the written exam blueprint and compare it with the lab. Take the written test and feel its coverage. Then setup your lab after that, start doing the workbook, and feel the difference. For some tracks, studying for written test doesn’t add any value for the lab preparation.
For me, I don’t count the step to pass written test as part of my checklist to pass the lab. After you pass written exam, you are eligible to register for the lab. And that’s what it’s all about. Passing written test doesn’t mean you are half-CCIE. It doesn’t mean you are 20% or even 10% ready to take the lab. I count it as Step 0. From the written test you should start practicing in the lab and build the percentage of your progress. Use the lab blueprint as your guidance. Once you cover 100% in the list then you may be ready for your first attempt. Well, this is not always the case. I covered only 80% and passed in my first attempt. But don’t count on my experience!
So my point here is: never count passing written test as part of your CCIE lab preparation. Just look at it as administrative step required to register for the lab.

5. Read, read and read, then practice
I won’t list all the books that I read to prepare for all my CCIE labs. They are just so many of them! And sometime you just need to read few chapters from one book. The must-read book list is different for every track and may not updated. But you can start by checking on the book list from CCIE website. If you think it’s still too much, then I suggest you to again use the Lab Exam Blueprint as your guidance. Read about one scope of technology at a time. Read from CCO, since this is Cisco certification so it always makes sense to check the configuration guide and technical tips from their website. Material from Networkers (slides with sound) is still a good resource, and I think you can get this from Networkers Online.
Google is always our best friend. And you may be interested to subscribe for online books library such as Safari Books online. Check the list of their books first before you pay! The benefit of reading from a website like Safari is they provide a google-seach to find specific topic you want toread from several books.

6. Fast and Furious may not the trend anymore
Indeed you still need the speed in typing. I guess it will be difficult to pass CCIE if you still use only two fingers to type and always look at your keyboard when you do so. There is just not enough time! But it was a different experience when I did my R&S and Security with my SP lab. In the first two, there are many independent technology that I can skip to come back later on if I don’t know the answer. So my strategy at that time was to answer all questions that I know the obvious answers first. Then I went back to answer some of the questions that I’m not too sure about it. And the rest of the time was to answer all questions that I have no clue, and I used to depend on Documentation CD or restricted CCO documentation websites to find the answers. So normally I tried to complete 70-80% of the lab before lunch, since I know I need to spend many hours to read from documentation CD.
But in SP, it was a different story. Many topics are connected to another topics, many topics are built based on another topics as underlying protocol, and all decision we make to answer one topic may affect our answer for the topic we build on top of it. So the strategy that works for me at that time was “do it once, and do it right”. I needed to make sure I had answered the question correctly before I moved to the next question (unless it’s independent feature that I can skip). Even I can type IOS command quite fast but at that time I had only 1 hour left to re-check my work. And documentation CD is not our best friend anymore in SP lab. There is no time to read it and actually to be able to build a working topology all topics covered in the lab must be understood thoroughly, unless it’s related to features or enhancements.

7. Join the community
There is no doubt about this. Learn from others’ experience and share your own experience. Check the archive for all previous discussions. Answer the questions in the forum in order to get the answers for your questions to the forum. Build a healthy discussion forum! Respect each other and always think those people who are willing to answer are not getting paid for that so don’t be rude and push to get answers (unless you join a commercial forum or the forum that is created by vendor to answer your questions related to the product/workbook you purchase from them).
Same as what I wrote in my original post, it would be good if you can build a small discussion forum in your area that can meet offline. It’s always better to have someone to share your frustration or listening for someone’s experience to boost the spirit while having coffee together. CCIE is a one-man-journey type of experience but as I said in the original post, I was happy just to know there were others out there who might be doing the same thing and facing the same challenges. You are not the only one, even you are alone who must open the door, Neo.

8. Asking the right question is an art
Try to ask some silly questions or obvious questions that any CCIE lab proctors are not allowed to answer are not recommended. They are there in the lab to clarify the question, and sometime they can provide you hints to the answer. So use this chance wisely because you don’t want the proctors mark your face in his brain as someone who asks him the answer for CCIE lab.
More into that, I think it’s really good to build a culture on how to ask a question effectively. I received many emails asked me how to become a CCIE even now still working on CCNA? That’s easy, pass your CCNA first! Or I have seen some people throw one line question to the forum: how can I configure MPLS VPN? Why don’t you spend a little bit of your time to read the website, use google, RTFM, try it in your lab and when you are really stuck you can send your specific question with all required information such as the config and topology.
Learn how to ask effectively.
We all definitely need this even for the life outside CCIE lab.

9. Understand the lab question
I was not born in english-speaking country. And even I have spent 6 years working overseas, with English as daily business language, it was still difficult for me to understand some of the lab question. For my CCIE SP lab all the questions were straight forward. I went to the proctor only because I found some vague words and since I know how to ask I could even get the hints after I clarified the words with the proctor. So they are there in the lab to help you to clarify the questions. But that’s all.
And I found out when some lab questions are so confusing, it’s better to sit back and look at the topology as a whole and a unit. So try to understand what we are trying to build in the lab from helicopter view, not from the device or configuration perspective. For example, when I did my SP lab I looked at the drawing, read the questions, tried to understand what kind of network I have to build with all traffic flow and policy then it became easier for me when I worked on each question to put the configuration.

10. Skeptical attitude might the one you need the most
Trust no one, trust no solution. Don’t trust the configuration guide in Cisco website. Don’t believe what people say or write in the forum. Don’t trust the configuration and solution written in Ciscopress books. Don’t even trust the solution from the vendor for those CCIE workbooks that you must pay for it!
I’m not saying that all those resources are bad and should not be trusted. What I’m trying to say here is you should not trust any solution unless you prove it in your lab. It may work in the book but not in your case because you use different IOS. You may read it and think you have already understood the technology but then when it doesn’t work in the lab only you realize there is a missing part that you need to discover. And some people either make a typo in their solution or answer it with one way because of some consideration that you may not able to see.
So never stop asking: Why? How come it’s possible? Why the solution use that way? What if I answer it with this way? How to prove the concept really works? What if I add this on top of that? How to answer this question if I modify or add with that requirement? And so on.

11. CCIE is nothing but a mind game
You still need to read lots of books. You still need to practice extensively. You still need to make the strategy and plan your study accordingly. But on top of that, you really need the right mindset and attitude to pass. Other than being skeptical and consistently test the solution in the lab, you must be positive most of the time. You should believe you can achieve your target if you really spend efforts in doing so. Avoid unnecessary discussion and long debate about why you need to become a CCIE (you should do that in Step 1 above). Leave your discussion group if they keep telling you it’s very difficult to pass CCIE and you won’t be able to make it because you don’t have what it takes to pass. Or they say you don’t have same opportunity as the others who can pass. Everyone has the same chance to pass. During my journey I have proved that it’s not a matter of time, nor it’s a matter of support from the company or how many resources you have. It’s all about the mindset.
And other than being positive, you should develop ability to be adaptable as well, to make you ready for any surprises in the lab. You should know how to analyze a problem and use the right approach to solve it. This is required to ensure you can understand the requirements in the lab and choose the right method to answer. You need to be able to make decision and handle situation under pressure within limited amount of time. And you don’t risk your life in taking this CCIE anyway! So relax, try your best to be prepared, extremely prepared, but in the end if you make mistakes and fail, you lose nothing but the cost to take the lab. On the other side you will definitely learn something from your failure and gain more than what you lose.
So again, Everyone has the same chance to pass.
If someone tells you the otherwise, ask him to talk to me.

12. Enjoy every moment of it
What’s the point to do something if you don’t enjoy it? Again, this is the reason why Step 1 is very crucial. It’s very important to follow your heart. Because pursuing CCIE requires you to be focus and consistent, so it will be difficult if you don’t know why you want to do this in the first place. You must sacrifice your spare time and social life so it’s really important for those around who care to you to be part of the game. Discuss your plan with them and try to still make some contact with other human beings when you are not geeking out in the lab. I remember when I did my security I still spent some time with my family to go to the beach, even my mind was in Firewall-ACL-to-allow-BGP-traffic-with-NAT and IDS-fine-tuning-to-send-alert-only-after-certain-hits. I sacrificed my sleep to gain extra time to study. I sacrificed my lunch. I sacrificed my time that I normally used to chit chat with colleagues. But I still had fun doing my lab since at the same time I played the Matrix or the Simpsons next to my hyperterminal. And not to mention all those Linkin Park songs that I used to play over and over continuously.

And when you are preparing for CCIE, be in the moment. Make a 6-months study plan but do one thing at the time. If you haven’t passed the written then do this as Step 0. If you haven’t setup the lab then start reading documentation about the emulator or search for the hardware on ebay. If you must deal with busy schedule at work, try to have fun by read CCIE material in between your busy time or steal some time by locking yourself inside the toilet and read in there (I’m still doing this until now!). Feel every aspect of the journey. Be grateful when you have even a very short time to make progress in your study. And always try to enjoy every moment of it.
Okay, let’s say you pass. You may ask: now what?
Don’t ask me. Ask yourself.

CCIE is just the beginning of a bigger journey. There are several other CCIE tracks to chase or other exciting things to do in life such as working in large scale project where you have to use all your technical skills along with your ability to handle much complex situation. But frankly speaking, until now I still haven’t found another journey that could offer such tense atmosphere, learning experience, wide coverage of technology within short time, and fun all together outside CCIE. All the time was just for me and my lab.
As I wrote in my own post after I passed my 3rd lab:
CCIE was the only time when the world makes sense.
Have fun, everyone.

How to Become a CCIE?

Cracking CCIE Security Lab
By Himawan Nugroho, CCIE #8171 (R&S, Security)
Two weeks ago I passed my CCIE Security lab. It was my 2nd attempt in Brussels. I passed my CCIE Routing & Switching lab 5 years ago in Tokyo on 2nd attempt too. I become double CCIE in R&S and Security without taking any trainings or bootcamp. Only with self-study, countless hours in my home lab, and lots of Starbucks Mocca Frappucino.
Based on my experience taking 4 lab attempts, I try to write down the summary how I did it. This how-to is specific to CCIE Security lab, but the general idea can be applied to any CCIE tracks.
Scott Morris, Quad CCIE, wrote the article ‘So You Want To Be a CCIE?’ and it’s really worth reading. Yusuf Bhaiji, CCIE Security lab program manager and the author of CCIE Security Practice Labs wrote ‘Insider’s Tips on Earning Your CCIE in Security’ in Packet Magazine August 2004 page 18.

I’m not trying to compete with them. They are the masters. I’m just another guy who has just passed CCIE lab recently and willing to share his way.
So here it is, my version of Cracking CCIE Lab:

1. Start with the self-assessment
Are you sure you want to do CCIE? As you may already heard: yes, CCIE is difficult, very rare people can pass in 1st attempt. Yes, CCIE is expensive, only the exam fee is $1250 and you still need to spend money to buildhome lab, buy books and workbooks and other resources. And yes, you certainly will not have your social life during the journey.
But if you really want to do it, if you really want to distinguish yourself and stand out from the crowd, I suggest you to do self-assessment as the first step.
Read CCIE lab blueprint. For Security lab, it’s on here.
CCIE blueprint will tell you the coverage of the lab and areas you need to focus on during your study. Then ask your self: are you familiar with those technology listed in the blueprint? If you have 4-5 years experience working in Cisco partner deploying Cisco security solutions on the field, you should know at least 60 to 70% of the blueprint easily. Then you just need to study for the rest 30%.
But even you don’t have much experience and feel completely lost reading the blueprint, CCIE lab is still achievable. Continue reading.

2. Use other certification as steeping stone
This is optional if you think you need some help for your study. Cisco has created certification career from basic, medium to expert level, which is CCIE.
Read the complete information here.
For CCIE Routing & Switching, CCNP can help you to learn routing, switching, Remote Access technology and troubleshooting skill.
For CCIE Security, you must learn Cisco security technology and you still need to deal with some Routing and Switching because the network in your lab must be built first before you can secure it.
So to learn Firewall, VPN, IDS and Router security at a time, you can use CCSP certification.
And to learn Routing, I recommend to take CCIP.
Why CCIP? Because in CCIP, you will learn about IGP Routing and BGP in advance. And you will learn Quality of Service. QOS is important because there are lots of attack mitigation techniques can be done using QOS. For example, instead of dropping ICMP flood traffic we can just limit the bandwidth, so we still can have legitimate ICMP traffic.
The MPLS exam is not important so you can either skip it or just take it and become CCIP.
Most of the switching part in Security lab is pre-configured. So you can just start by learning the security technology in Cisco 3550 switch. That should be enough for switching part. And this is one of the reasons why I don’t recommend CCNP for CCIE Security lab but CCIP instead.
Taking those certifications give you benefit to learn specific technology at a time and even you are not a CCIE yet, at least you will achieve CCSP and CCIP. Something is better than nothing.

3. Build your home lab
I believe having a home lab is compulsory. You can always rent a rack but you will have a fix schedule with them. With home lab you are the one who controls the schedule. And you can always try in your home lab directly every time you read something interesting or you just want to test the option in some IOS commands.
If you have tight budget, at least you should have few routers at home.
My recommendation for minimum home lab: 5 routers and 1 switch.
The cheapest routers that you still can use for CCIE lab is 2610 series.
They can run IOS Firewall natively and if it’s required you can boot Enterprise software for 2600 XM series with this trick.
You can find Cisco 2610 with less than $200 on eBay.
Don’t go to 2611 or 2620 since they only offer more interfaces or Fast Ethernet but they still run exactly the same software with 2610. You don’t need Fast Ethernet for sure and you can always create trunk to have multiple interfaces.
Buy 1 Cisco 2522 or 2523 as Frame-relay switch. Obviously you need WIC-1T modules and V35 back-to-back cables. Cisco 3550 switch, the one currently in CCIE Lab, is expensive so you can replace it with 2950 model. Cisco 2950 can’t runrouting and all enhance Layer 3 features, but you still can test those with rental lab.
For Security lab, you must have a PIX firewall. Either the smallest series, 506E, or franken PIX.
With 506E you have only 2 interfaces but again, you can make them as trunk to have multiple interfaces.
If you have option to buy either VPN concentrator or IDS, get the VPN.
Or you can rent a rack for several hours only to practice both of them.
So, with 4 Cisco 2610 routers, 1 Cisco 2522 FR switch, 1 Cisco 2950 (without Giga ports), 1 PIX 506E, and several WIC-1T modules and back-to-back cables, yourhome lab should not cost you more than $2000. And all of these can be sold once you pass.
You still need to spend some money to rent a rack, at least to practice VPN, IDS and 3550 features.

4. Passing written exam doesn’t mean anything
Based on my experience so far, I found out that studying written exam can’t help you much in the lab. Most of the time the material covered in written exam is completely different with the lab.
So until Cisco makes the written exam more related to the lab, I suggest to just pass it, even if you have to cram the material or use some practice test.
My suggestion is to read the written exam book just like CCIE Security Exam Certification Guide and then practice the questions using product like from boson.
With one note: don’t trust the answer from any practice test vendor. Find out the answer by yourself from CCO or Internet and this will accelerated your study. This kind of attitude will help you in the lab later on.
Passing CCIE written doesn’t mean you are a half-CCIE. For me, it doesn’t mean anything in fact. It’s only a pre-requisite exam that you must take before you can register for the lab.
Nothing to be proud of even if you score 100 in written. Last time I took the exam the passing score is only 70. Get 71 to pass and register for your lab. That’s what matters.

5. Read a lot
No single source can make you pass CCIE lab. You really need to read a lot from different resources: Cisco website, RFCs, Networkers, Ciscopress books, study forum, CCIE workbooks and any related links on the Internet.
Following is the list of resource I used during my CCIE Security study:
1. Cisco configuration example and TechNotes
2. Cisco technology support
3. Cisco documentation CD (univercd), which is basically the same with product configuration guide
4. Networkers Online presentation, it costs me 200 bucks but provides complete Networkers 2005 presentation in Las Vegas with sound and slide
6. Ciscopress CCIE Security Exam Certification Guide – H. Benyamin
7. Ciscopress Network Security Principles and Practices – Sadat Malik
8. Ciscopress Cisco ASA and PIX Firewall Handbook – Hucaby
9. Ciscopress Cisco Router Firewall Security – Richard Deal
10. Ciscopress CCIE Security Practice Labs – Yusuf Bhaiji
11. CCIE Security Workbook from Trinetnt
I have other CCIE Security workbooks from IP Expert, Internetwork Expert, 6colabs, Hello Computers, and CCBootcamp.
But during the last 4 months before my exam, I had been focusing only with Trinetnt. As per date, they are the most decent workbook and they cover almost everything in CCIE blueprint.
12. CCIE Lab forum: SecurityIE and trinet forum
Just FYI, I have already passed CCSP, CCIP and I have more than 5 years experience with various Cisco security products before I started my CCIE Security journey.

6. Build your speed
Okay, now it’s time to practice and try all the technology listed in CCIE blueprint in your lab. Start slowly. Learn single topic at a time. Try to really understand all possibilities in one technology before move to different topic.
This is where the CCIE workbooks can really help. Good workbook like the one from Trinet provides minilabs to focus on single topic at a time.
I recommend to start slowly because studying CCIE sometime can be really frustrating. Especially when you stuck with one thing and don’t know where to find the answer. That’s why I against the idea to jump directly to complex lab scenarios. Single step at a time.
Once you get used with the lab flow, try to increase your speed.
Practice, practice, practice.
You need to be fast in the real lab. And there is no other way other than practice.
Keep repeating the same thing until your fingers, not only your brain, memorize how to configure any security technology listed in blueprint.
I use only the best workbooks to practice: Trinet and Bhaiji’s book.
I found out if you can complete 1 Trinet superlabs with less than 3 hours time, than your speed should be fine for real lab.
Obviously when you practice with any workbooks, you must understand why and when you should configure with certain way.

7. Join the community
You can’t win this battle by fighting alone. Join the community to meet other CCIE candidates and study together. I found SecurityIE forum is really helpful. There are a lot of security experts in that forum and the discussion is really depth. The forum archive is priceless.
Trinet forum was active when it was started. I was involved from beginning so I enjoyed my time discussing directly with Khawar Butt, the founder. I can see now there is very less response from Khawar anymore in that forum. But I believe you still can discuss with other CCIE candidates. And try to dig the archive to see whether things you are looking for have been discussed in the past.
If possible, try to create small discussion group. I met some wonderful people from those forum and we decided to study together. It’s always good to have somebody else to verify your weak points.
During my journey, I was really happy just to know that there are several people out there that I can discuss with every time I stuck in my lab at 3 am in the morning.

8. Learn how to ask
Make sure you know how to ask questions, to the study forum and during the real lab. Before you send something to the forum, please make sure to check the archive. Try to test it by yourself in your lab, and when you get stuck, copy the related configuration with show and debug output and send it to forum.
With this way, we can build a healthy discussion and most probably you will get positive answers.
This attitude is important when sitting in the real lab too. During my 2nd attempt, my proctor mentioned something like: “if you have any questions you can ask me, but most probably I will not answer”
So you need to know how to ask question to your proctor. Otherwise he will throw his pity look to you and say: I’m sorry I can’t answer that.
I believe if you know all the technology listed in the blueprint, and you already have this attitude, you should be able to ask smart question to the lab proctor. They are there to clarify the lab questions, and that’s the only thing you should try to get from them: clarification.
By asking the right question for sure.

9. Understand the Lab questions
Speed is critical, but you need to know how to answer too. So when you think you already have the speed, you need to dig each topic in more detail. There is no other way other than try any possible scenarios and read more to understand all technology in-depth. Check all the options from each IOS command, test it, run the debug, compare the result, then move to different technology and do the same thing.
During the real exam, don’t overlook and make assumption. Read the question carefully. And if you don’t understand something, you can ask clarification from the proctor.
Yusuf mentioned in his book that most candidates fail not because they don’t understand the technology, but because lack of understanding the question. Make sure you read his book several times to make sure you understand what he expects from the answer.

10. Trust no one, trust no solution
You should not trust any of your resources until you prove it by yourself.
This is the only attitude that can make you pass.
I found a lot of mistakes in Cisco sample configuration and workbook solution. Even Bhaiji’s book contains several errors. Study forum is good because people try to test something together. But are you sure the solution posted really works?
Why you have to bet, just try it by yourself in your lab.
Every time you see some scenarios and the answers, always ask the questions: What if? Why not using this? How if I modify that?
I like Trinet because the workbook provides general idea of the real lab and makes me really fast. But I don’t just believe their solution. I always tried to answer their scenarios with my own way, and then modified the scenarios, put more requirements and restrictions.
I often ended up with my own scenarios, which are much more difficult from the original.

11. It’s all in your mind
CCIE is completely a mind game. I failed 4 years ago in my 1st CCIE R&S attempt in Brussels because no one told me at that time how difficult CCIE lab was. Everyone I know always told me that the CCIE lab is so difficult that only few selected people who can pass it. And I’m certainly not one of them.
I went to my 1st attempt with this feeling, that I was not ready and CCIE questions would always be one step ahead me. It was 2 days exam and I was able to reach troubleshooting section on 2nd day. But I failed with 5 mark away from the passing grade. I felt terrible but I realized one thing: CCIE lab is achievable. If you have spent a lot of time to prepare, then it’s even possible to pass on your 1st attempt.
For my 2nd attempt in Tokyo 1 month later, I woke up in the morning and told myself in front of the mirror that I would become CCIE that day.
CCIE lab is an exam and the proctors are “only human”. I kept telling myself: there is no spoon.
I was able to keep my sense of humor even in Japan I had to use Japanese version of Windows and keyboard.
One and half hour before the troubleshooting section over, I have already walked out Cisco office with my CCIE number.
Indeed I failed in my 1st Security lab attempt last December. But I failed at that time because I was so confident and overlook several things. I was really sure that I would pass that day and made me forget one basic rule in CCIE lab: this is Cisco exam. They make the lab and they expect me to answer as per their solution.

12. The journey must be fun
In the end, CCIE lab is only an exam. Even it’s Goddamn hard to pass but this journey must be fun. Turn all the pressure as a power.
Use any supports around you: your family, friends, working environment.
Manage your time so even you will not have social life at all but at least you should enjoy it.
And If you fail, do the classic: learn from your mistakes.
Try to know exactly what your mistake is and address it once you go back home.
Never think to stop in the middle, no matter how many times you fail.
I always believe that there are 2 kinds of CCIE candidates out there: one who always makes excuses why they should not do it again and quit, and one who just jumps back into their lab and start debugging their mistake.
The second one will pass eventually and join the elite club of experts. The first one will join the club of losers.
Which one do you want to end up? The choice is yours.

Why Become A CCIE?

The CCIE is a very difficult and expensive (potentially VERY expensive) certification. So why in the world would anyone want to spend the time and money necessary to pass the CCIE lab exam and get their digits? While each CCIE candidate has their own reasons for doing this, there are some common benefits:

1 Salary

Oh the vulgarity of chasing filthy lucre! Regardless of your views on the whole “mo’ money, mo’ problems” debate, money is one of the leading motivations for many candidates seeking the CCIE. Because the CCIE is such a difficult and highly respected certification, there is a very competitive market for CCIEs. With high demand and low supply come high salaries. The CCIE has consistently been at or near the top of the certifications with the highest salaries. The current average salary for a CCIE is somewhere in the $93,000 – $111,000 (US dollars) range. I live in the Twin Cities area of Minnesota and I’ve been told that $125,000 is the average salary of a CCIE in this area. Brad Reese has a nice collection of links to various salary surveys. As with any “average” salary you need to take into account that there are likely other variables at play (years of experience, location, specialization, consultant versus permanent employee, etc) but suffice it to say, a CCIE can make a decent living.

While I would love to believe that companies pay high salaries solely based on expert level Cisco knowledge that is only one part of the salary equation when it comes to CCIE pay. Cisco’s Channel Partner Progam rewards companies by branding them as Select, Premier, Silver, or Gold partners. I won’t pretend to know much about the details of this program, but there is a stipulation by Cisco that each partner maintain a certain number of Cisco certified employees in certain technologies.

For instance a Gold partner requires:

12 unique certified individuals and all four of the following Advanced Specializations:

    • Routing & Switching
    • Security
    • Unified Communications
    • Wireless LAN

I think that this number fluctuates based on variables such as specialization and total sales, but I’m not sure. I have also heard that Gold partners (and possibly the other levels as well) need to maintain a certain number of CCIEs on staff in order to maintain their partner status. Cisco has a web page that shows the benefits of hiring a CCIE, one of those benefits is:

Preferred status is given to Cisco partners who employ CCIEs (find out more at Cisco Channel Programs).

On the same page Cisco also warns that losing a CCIE may affect partner status:

The benefits of Gold or Silver Channel Partner status are only available to companies who maintain the required number of certified staff.

So why does this mean more money for CCIEs? One of the benefits that a company receives for becoming a channel partner is a discount on Cisco equipment (I’ve heard that it’s a pretty hefty discount). That means that a partner can save substantial costs on equipment. In turn they can put in lower bids on contracts. If a company can save hundreds of thousands of dollars on equipment and bring in more business by hiring a CCIE, then they certainly can afford to pay that CCIE very well. The fact that a CCIE will be able to give expert level support to their customers may be an afterthought.

2 Accomplishment/Challenge

The CCIE is the most difficult Cisco certification (with the possible exception of the new CCDE program) and becoming a CCIE makes you a member of a pretty exclusive group of network professionals. For many candidates getting their digits is tangible display of their networking abilities. It looks awesome on a resume and effectively ends any networking bragfest:

“I’ve been working in networking since routers came with dip switches and I was the guy that the ARPAnet engineers called when they…”
“That’s adorable. I’m CCIE #12345.”
“Drat. I have been bested.”
“Yes you have, lesser engineer.”

Okay, that’s the way it goes down in my head at least. Becoming a CCIE gives one an air of authority (for better or worse). Does becoming a CCIE automatically make you the best engineer on your team? No. But at the very least it shows a dedication and technical prowess that few engineers can claim.

3 Job Advancement/Job Opportunities

This category ties together both of the previous categories. In some situations you may be happy with your salary and employer, but you want to move up the networking ladder. Or you may be looking for a new position outside of the company. Either way, having a CCIE will definitely set you apart from the crowd. It will also give you an advantage in the job market if you lose your current job (a very real possibility in the US at this time). Another benefit is that you’re more likely to be tasked with playing with the latest and greatest technology if you’re a CCIE. Your boss more likely to give that new CRS-1 or Nexus 7000 to a CCIE to play with….err, “test”.

4 Maintaining An Expert-Level Skillset

This one is not mentioned often and can also be looked at as a disadvantage of being a CCIE. Once you become a CCIE, there is an (unreasonable or not) expectation that you have an expert level knowledge of networking. When there’s a difficult issue or just whenever some smart-ass wants to test your knowledge; you will be expected to answer these questions – especially if you’re being paid handsomely. You’re going to want to remember all of those default timers, subnetting skills, LSA types, BGP commands, etc. that you worked hard to learn for the CCIE exam and lab. Instead of reviewing them before an exam or an interview, you’ll want to have them committed to memory so that you don’t become the CCIE that everyone whispers about (“He’s a CCIE and he doesn’t even know [insert technology here]“). Sure there are going to be cases where you’ll tell your inquisitors that you’ll need to research it and get back to them, but you’ll probably want to be quick with an accurate answer to most questions.

There are a multitude of lesser reasons for getting the CCIE such as Cisco Perks like better TAC service and Networker’s parties, but the ones that I have listed are the ones that I’ve heard most candidates use when asked why they are pursuing the CCIE. In my personal case, I started down the CCIE path mostly as a challenge. I wanted to see if I had what it takes to become a CCIE. While job advancement and salary were not at the top of my list, I would be lying if I said that they weren’t in the mix. I love working in IT because it’s one of those fields where more knowledge generally results in more opportunities and/or better pay.

So we’ve seen what the CCIE entails as well as some of the benefits.

CCIE Exam Policies

Candidates should be familiar with the policies for CCIE program participation, as stated below.

  • Conduct
    Candidates must agree they will not compromise the integrity or confidentiality of any Cisco certification exam or certification program. Prohibited actions are described in the Cisco Career Certifications and Confidentiality Agreement. Remedies for violating the policy can include a lifetime ban on all future exams and voiding of all previous certifications.
  • Confidentiality
    The questions and answers of the certification exams are the exclusive and confidential property of Cisco and are protected by Cisco’s intellectual property rights. Candidates taking Cisco exams must agree they have read and will abide by the terms and conditions of the Cisco Career Certifications and Confidentiality Agreement before beginning each exam.
  • Correspondence
    All official correspondence to certified CCIEs and candidates is sent to the email address in the CCIE database. This database is SEPARATE from the Cisco customer database. Changing

    an email address in the Cisco customer database does not automatically update the CCIE database. CCIEs and candidates must keep their CCIE email address updated in order to ensure they received all official correspondence.

  • Exam Violations
    Disclosure of test content is strictly prohibited. Please report any suspicious activity as described in Cisco’s Exam Violation Rules.
  • Lab Exam: Double Booking
    CCIE candidates are allowed to schedule only a single CCIE lab exam date at any location for each CCIE track. Double booking for lab exams in the same track, at either the same location or different locations, is not permitted by the database. Candidates will be allowed to simultaneously schedule lab exams for different tracks.
  • Lab Exam: Exam Rules
    Candidates for the CCIE written exam or lab exam are not allowed to bring anything into the exam room or take anything out. This includes, but is not limited to: notes, documentation, watches, laptops, keyboards, pagers, PDAs, and mobile phones. DO NOT confer or consult with anyone about the exam while taking the exam or after the exam is completed. During an exam, you may only discuss your exam with the lab engineer.
  • Lab Exam: Payment
    Price not confirmed and is subject to change until full payment is made.
    Types. Lab sites in China and Japan will only accept payment via wire transfer. All other locations accept online credit card payment (American Express, Visa, Mastercard, or Eurocard) See “Lab Exam: Scheduling and Payment” for details. You are responsible for any fees your financial institution may charge to complete the payment transaction.
    Due Date. Full payment must be received at least 90 days before the lab exam date. Only one e-mail notice is sent as a payment reminder. Payments generally take one to seven business days to process, so be sure to initiate payment in advance of the due date. It is important that if payment will be made by wire transfer, that the payment is scheduled well in advance to prevent the lab date being dropped. Exams for which payment is not received by the due date will be automatically dropped from the schedule. If you still wish to take the lab, you must rebook the exam online and complete your payment. There is no guarantee that your original date will still be available once it has been dropped for non-payment. If you bookan exam for a date less than 90 days away, you must complete payment on the day you book the exam or the registration cannot be submitted. Candidates are ultimately responsible for making the lab payment in a timely manner and Cisco will not be held liable for any candidates automatically dropped due to non-payment.
    Processing. Credit card payments entered into the system will be processed on the payment due date, exactly 90 days prior to your lab date, as will invoices for all payment types. Be sure the company name, invoicing address and email address are complete and accurate to ensure proper delivery of your invoice. No invoices will be generated before the lab exam due date.
  • Lab Exam: Rescheduling, Canceling and Postponing
    Prior to Due Date. Cancellations or changes to the exam date, location, or track must be made prior to the payment due date–90 days before the scheduled lab date. To make any changes, you must log into the Lab Scheduling tool and drop your current lab. Then you can reschedule according to preferred date, location and track. You may book an exam for a date less than 90 days away, if you complete payment on the day you book the exam.
    If you need to cancel an exam before the due date, and paid via a wire transfer that has already cleared, you are eligible for a full refund by requesting support via the Certifications Online Support tool.
    After Due Date. Changes and cancellations are not permitted after the payment due date–90 days prior to the scheduled lab date–and no refunds will be issued. If you are not able to attend your scheduled lab date, contact support to let them know the lab seat will not be used. You will still forfeit your payment, but you will be allowed to book another exam date immediately. If you do not contact support, you will be marked as a “no show” for the exam and be barred from booking another exam for 30 days.
    Candidates Requiring Visas. If you require a visa to attend your lab exam, it is strongly recommended you apply 10-12 weeks before your lab date. Candidates who fail to obtain required visas will still be bound by these cancellation policies and must cancel their lab exam before the payment due date to be eligible for a full refund. For more information in requesting a CCIE Invitation Letter, please visit our CCIE: Invitation Letter (Entrance Visa) Instant Answer.
  • Lab Exam: Reevaluation of Lab Results

    Exam results appeals are available for the routing and switching, security, and service provider technology tracks. Only exams with potential to change from fail to pass will have the option to request an appeal, based on years of historical data. Appeals are not available for the voice or storage tracks due to equipment limitations.

    An appeal consists of a second proctor loading your configurations into a rack to recreate the test and re-score the entire exam. This process takes up to three weeks after receipt of payment. Only one appeal per lab attempt is permitted.

    The result of the appeal is a confirmation of the existing fail or an update to a pass.

  • Payment Terms

    Make your request within 14 days following your exam date by using the “Request for Reread” link next to your lab record. Each appeal costs $250.00 USD plus any applicable local taxes. Payment is made online via credit card and your card will be charged upon receipt of the request. You may not cancel the appeal request once the process has been initiated. Refunds are given only when results change from fail to pass.

  • Lab Exam: Retakes
    All candidates must wait 30 days between CCIE lab attempts. Please note the 30 days starts from the day after a failed lab exam.
  • Lab Exam: Scoring
    You must obtain an overall score of at least 80% to pass the lab exam. You can view your lab exam results online (login required), usually within 48 hours. Results are Pass/Fail and failing score reports indicate major topic areas where additional study and preparation may be useful.
  • Lab Exam: Start Times
    Start times for exams are indicated in email can also found on the web page associated with each lab location (for a list, see Lab Exam Locations). Please verify your email address in your candidate profile so we can notify you of any changes. If you have any questions about the start time of your exam, please contact CCIE customer support through the Certifications Online Support tool . If you arrive more than two hours after the start of your exam, you will not be allowed to start. If you arrive less than two hours late, you will be allowed to start but you must finish with the rest of the group.
  • Logo Guidelines
    Certified CCIEs may only use the CCIE logo as provided and in accordance with the published Logo Guidelines.
  • Recertification
    To maintain active CCIE status, CCIEs are required to pass either a CCIE written exam of their choosing from among all of the currently available written exams, or a CCIE lab exam in a new track every 24 months. Candidates can only apply one passed written exam towards recertification for every 24 month recertification period. Certification candidates are responsible for keeping track of their certification expiration dates; your recertification deadline can be viewed online anytime (with login) at Certification Status. Subsequent recertification deadlines are always based on your original certification date, not on when you took your last recertification exam.
    If your CCIE recertification requirements are not completed on or before the certification’s expiration date, your CCIE certification will be suspended for one year. Candidates have one year to recertify their CCIE certification by passing the required written exam. If a candidate does not recertify prior to the one year suspension period, all CCIE certification requirements must be completed again to obtain the certification (pass both the written exam and the lab exam.) Please see Recertification for detailed information.
  • Travel Costs
    Under no circumstances will Cisco reimburse travel costs for CCIE lab exams.
  • Written Exam: Expiration
    Candidates must make an initial attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. Candidates who do not pass must re-attempt the lab exam within 12 months of their last scored attempt in order for their written exam to remain valid. If a candidate does not pass the lab exam within three years of passing the written exam, he or she must retake the written exam before being allowed to attempt the lab exam again.
  • Written Exam: Retakes
    There is no limit to the number of attempts that can be made on the written exam. However, candidates must wait 5 calendar days between exam attempts. Once a candidate passes a particular written exam, he or she may not retake that same exam for at least 180 days. (Though rare, this may occur in certain recertification situations.)
  • Written Exam: Scoring
    Pass marks are set by using statistical analysis and are subject to change. The pass score is given on the Examination Score Sheet at the end of the test. Along with the candidate’s score, there is a notation of either PASS or FAIL. Scores on written exams are automatically downloaded from testing vendors, but may take up to 10 days to appear in the CCIE database.
  • CCIE Lab Exam Information

    CCIE Certification Involves Two Exams

    The focus is on identifying experts capable of understanding and navigating the subtleties, intricacies and challenges of end-to-end networking. To become certified, you must pass both a written qualification exam AND the corresponding hands-on lab exam. This section provides general information on CCIE exams; detailed information on the topics covered in the exams is found in the Track Details.

    Lab Exam Information

    Feature Image

    The Final Step in Earning Your CCIE

    Lab exams are eight-hour, hands-on exams that test the ability to configure and troubleshoot networking equipment and software. The topics covered on lab exams can be found on the Track Details pages, links provided on this page. Not all exams are offered at all Cisco CCIE lab locations; please consult Lab Exam Locations for specific details.

    Lab Scheduling and Payment

    A valid passing score on a written exam is required to schedule a lab exam. Written exam scores are automatically downloaded from testing vendors, but may take up to ten days to

    appear in your file. You will need the identification number you used to register for the written exam, the date of your passing exam and your passing score.
    Exams must be paid for at least 90 days before the scheduled lab date, or the reservation will be automatically cancelled. You will only receive one email notification reminding you to make your payment. You can verify the payment due date on an exam by logging in and viewing your Certification Status. Payment options depend on the location of the lab exam, as indicated in the table below.
    Payment processing generally takes one to seven days, so be sure to initiate the process well in advance of the payment due date. All payments will be posted exactly 90 days prior to your scheduled lab date, regardless of when you initiate the process. Invoices will not be issued until the payment is processed.

    Cost of Lab Exam

    Lab exams cost $1,400 USD each, not including travel and lodging. Costs may vary due to exchange rates and local taxes (VAT in Brussels and GST in Sydney). You are responsible for any fees your financial institution may charge to complete the payment transaction.

    Lab Exam Grading

    Each question on the lab has specific criteria. The labs are graded by proctors who ensure all criteria are met and points are awarded accordingly. The proctors use automatic tools to gather information from the routers to perform some preliminary evaluations, but the final determination of a correct or incorrect configuration is done by a trained proctor.


    You can view your lab exam results online (login required), usually within 48 hours. Results are Pass/Fail and failing score reports indicate major topic areas where additional study and preparation may be useful.

    Reevaluation of Results

    Exam results appeals are available for the routing and switching, security, and service provider technology tracks. Only exams with potential to change from fail to pass will have the option to request an appeal, based on years of historical data. Appeals are not available for the voice or storage tracks due to equipment limitations.

    An appeal consists of a second proctor loading your configurations into a rack to recreate the test and re-score the entire exam. This process takes up to three weeks after receipt of payment. Only one appeal per lab attempt is permitted.

    The result of the appeal is a confirmation of the existing fail or an update to a pass.

    Payment Terms
    Make your request within 14 days following your exam date by using the “Request for Reread” link next to your lab record. Each appeal costs $250.00 USD plus any applicablelocal taxes . Payment is made online via credit card and your card will be charged upon receipt of the request. You may not cancel the appeal request once the process has been initiated. Refunds are given only when results change from fail to pass.

    Lab Exams: Rescheduling, Cancellations and Refunds

    Important Restrictions

    Cancellations or changes to the date, location, or exam type must be made at least 90 days prior to the scheduled exam date. Cancellations or changes are made online by logging in and editing your Certification Status. If you have already paid and cancel at least 90 days before the exam date, you are eligible for a full refund by contacting CCIE customer support through the Certifications Online Support tool.

    Entrance Visas

    It is strongly recommended that, if you require an entrance visa to attend the lab, you apply for the visa 10-12 weeks before the scheduled lab date. If you do not obtain the required visa, you must still cancel your lab at least 90 days in advance to receive a refund.

    CCIE Written Exam Information

    CCIE Certification Involves Two Exams(Written and Lab)

    The focus is on identifying experts capable of understanding and navigating the subtleties, intricacies and challenges of end-to-end networking. To become certified, you must pass both a written qualification exam AND the corresponding hands-on lab exam. This section provides general information on CCIE exams; detailed information on the topics covered in the exams is found in the Track Details.

    Feature Image

    The First Step Toward Certification

    Written exams are computer-based, multiple choice exams lasting two hours and available at hundreds of authorized testing centers worldwide. You must pass the written exam before you are eligible to schedule the lab exam. The topics covered on written exams can be found on the Track Details pages, links provided on this page.

    Scheduling and Payment

    Payment and scheduling of written exams is arranged online through Pearson VUE primary test delivery partner. You will need to have the correct written exam number to register. You

    must also use the same candidate ID number for all exams that you take, to ensure your results appear in your CCIE profile.

    Cost of Written Exam

    Pearson VUE, Cisco’s primary test delivery partner offers written exams for $350 USD each, and beta exams, when available at a discounted price of $50 USD. Costs may vary due to exchange rates and local taxes (VAT in Brussels and GST in Sydney).


    Candidates must wait five days between written exam attempts. Once a candidate has passed the exam, he or she may not take the same exam again (for recertification purposes) for at least 180 days.


    Candidates must make an initial attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. Candidates who do not pass must re-attempt the lab exam within 12 months of their last attempt in order for their written exam to remain valid. If a candidate does not pass the lab exam within three years, the written exam expires and must be passed again before the candidates will be allowed to schedule the lab.

    Beta Exams

    Each written exam version is offered first in beta form at a discounted cost of $50 USD. Beta exams are scheduled as you would other written exams and are available at all worldwide testing locations. A passing grade on the beta qualifies a candidate to schedule the lab exam. Results, however, are typically not available until six to eight weeks after the close of the beta. A candidate may attempt the beta exam only once during the beta period.

    CCNA 640-802 Online Practice

    Exam Description

    The 640-802 CCNA is the composite exam associated with the Cisco Certified Network Associate certification. Candidates can prepare for this exam by taking the Interconnecting Cisco Networking Devices Part 1 (ICND1) v1.0 and the Interconnecting Cisco Networking Devices Part 2 (ICND2) v1.0 courses. This exam tests a candidate's knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network. The topics include connecting to a WAN; implementing network security; network types; network media; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; extending switched networks with VLANs; determining IP routes; managing IP traffic with access lists; establishing point-to-point connections; and establishing Frame Relay connections.

    Review Questions

    The following review questions are taken from the current CCNA curriculum.  These review questions reflect the actual questions you will receive on the live certification exam.

    [QUIZZIN 1]


    (ISC)2 CISSP Certification Self-Study Resources

    CISSP These series offer a progressive, self-paced study routine for (ISC)2 CISSP certification exams, with tools that help certification candidates learn exam topics, gain hands-on experience, prepare for the exam, and practice their test taking skills.


    VCP VMware Certified Professional vSphere 4 Self-Study Resources


    These series offer a progressive, self-paced study routine for VCP VMware Certified Professional vSphere 4 certification exams, with tools that help certification candidates learn exam topics, gain hands-on experience, prepare for the exam, and practice their test taking skills.


    1 599 600 601 602 603 606