I finished last year with an incomplete challenge and lots of things in my to-do list. This exam was one of them, so I ended up moving lots of my objectives to 2018
I presented this exam at the beginning of November-17 and failed with few or a lot of incorrect questions. It really took me by surprise some of the things that I thought I knew needed more re-enforcing on my end. It is also very important to understand that these exams are also created with technology in mind, and many of them get to be un-updated for a while, so I was also tested on things that are End of Life (which I think got the best of me)
Leaving all the venting and bitching aside, I learned lots of things from when I failed it to last week that I finally passed it.
I made myself a list, which I think will become some sort of multiple posts in the future, but wanted to include few things that made the difference for me while studying for almost 2 months on and off.
One more thing, before we get to the list, a lab was a big differentiator, get used to the CLI, get used to the different configurations, and more important, have fun doing it.
role-based access control cisco
https://www.packetmischief.ca/2015/03/13/role-based-access-control-in-ios/
Private VLANs configuration example
https://learningnetwork.cisco.com/docs/DOC-16110
cisco email security appliance
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/cli_reference_guide/b_CLI_Reference_Guide/b_CLI_Reference_Guide_chapter_0100.html
https://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/data-sheet-c78-729751.pdf
Netflow flexible configuration
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/fnetflow/configuration/15-mt/fnf-15-mt-book/fnf-fnetflow.html
Cisco Prime Security Manager
https://www.cisco.com/c/en/us/products/security/prime-security-manager/index.html
configure logging on cisco router
http://ciscorouterswitch.over-blog.com/article-logging-options-in-the-cisco-ios-121622558.html
cisco asa packet trace and packet capture example
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118097-configure-asa-00.html
cisco asa ctiqbe inspection
https://www.cisco.com/c/en/us/td/docs/security/asa/asa72/configuration/guide/conf_gd/inspect.html#wp1228619
dynamic arp inspection
http://packetlife.net/blog/2010/aug/18/dhcp-snooping-and-dynamic-arp-inspection/
http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=8
arp access-list configuration example
https://www.cisco.com/c/en/us/support/docs/switches/catalyst-3550-series-switches/64844-mac-acl-block-arp.html
traffic storm control
https://www.cisco.com/c/en/us/td/docs/routers/7600/ios/12-1E/configuration/guide/storm.html
cisco asa eigrp configuration example
https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/91264-eigrp.html
snmp3 configuration ASA | router & switch
http://ciscorouterswitch.over-blog.com/article-how-to-configure-snmp-v3-on-cisco-asa-and-ios-117417981.html
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/snmp/configuration/xe-3se/3850/snmp-xe-3se-3850-book/nm-snmp-snmpv3.html
cisco asa1000v to asav
https://www.cisco.com/c/en/us/products/collateral/security/asa-1000v-cloud-firewall/data_sheet_c78-687960.html
asav
https://www.cisco.com/c/en/us/products/collateral/security/adaptive-security-virtual-appliance-asav/datasheet-c78-733399.html
asa bridge groups
http://tacocatsays.blogspot.com/2017/06/configure-bvi-bridge-group-on-asa5506x.html
asa failover config and explanation
https://www.cisco.com/c/en/us/td/docs/security/asa/asa91/configuration/general/asa_91_general_config/ha_failover.html
cisco asa specific snmpv3
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/monitor_snmp.html#27045
cisco asa cli configuration aaa
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/aaa_servers.html
ntp authentication configuration asa
https://docs.secureauth.com/display/docs/Configuring+NTP+on+the+Cisco+ASA
cisco asa multicast support
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/route_multicast.html
cisco asa botnet traffic filter configuration
https://www.cisco.com/c/en/us/td/docs/security/asa/special/botnet/guide/asa-botnet.html
Cisco web security appliance
https://www.cisco.com/c/en/us/products/collateral/security/content-security-management-appliance/datasheet-c78-729630.html
cisco vnmc policy manager
https://www.cisco.com/c/en/us/td/docs/net_mgmt/virtual_network_mgmt_center/2-0/quick-start-guide/VNMC-20-QuickStart.html#wp77590
hardening a cisco Switch | Router | Firewall
https://security-24-7.com/hardening-guide-for-cisco-routers-and-switches/
IPv6 First-Hop Security Configuration Guide
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/ipv6_fhsec/configuration/xe-16/ip6f-xe-16-book/ip6-ra-guard.html
Context-Based Access Control Firewall, Cisco IOS Release 15M&T
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_data_cbac_fw/configuration/15-mt/sec-data-cbac-fw-15-mt-book/sec-cbac-fw-sup-trp.html
asa Configuring Multiple Context Mode
https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_contexts.html
enabling scp on a cisco router
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_ssh/configuration/xe-16/sec-usr-ssh-xe-16-book/sec-usr-ssh-sec-copy.html
cisco asa nat configuration examples
https://www.cisco.com/c/en/us/td/docs/security/asa/asa95/configuration/firewall/asa-95-firewall-config/nat-reference.html
cisco prime infrastructure audit tools – Auditing Device Configurations to Ensure Compliance
https://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/infrastructure/3-0/user/guide/pi_ug/compliance.html
What to look Forward to?
If you made it this far on this post before getting distracted by the amount of Links, be sure that there will be more information in the upcoming days. – In the meantime thank you for sticking up and enjoy the reading!
About the Author:
Andres Sarmiento, CCIE # 53520 (Collaboration)
With more than 13 years of experience, Andres is specialized in the Unified Communications and Collaboration technologies. Consulted for several companies in South Florida, also Financial Institutions on behalf of Cisco Systems. Andres has been involved in high-profile implementations including Cisco technologies; such as Data Center, UC & Collaboration, Contact Center Express, Routing & Switching, Security and Hosted IPT Service provider infrastructures.