+ Reply to Thread
Page 1 of 10 1 2345 ... Last
Results 1 to 25 of 242
  1. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #1

    Default YFZblu's CCNA: Security journey (640 554)

    Hey all--

    After achieving my CCNA, I decided to specialize with the CCNA Sec track. I've never done anything like this before, but I'm going to post daily to this thread to keep a running log of my experiences; good and bad. I don't have much to offer now in terms of security, just my security+. So as you'll see in my later posts I'm quite green to IT security besides basic terminology and concepts.

    So here is my plan of attack: I'm probably going to read the book the first time without taking many notes or lab'ing much at all. I strictly want to gain a high-level understanding of the concepts. Hopefully by the time I complete the book the first time (~3 weeks) there will be more resources available for the new exam such as CBT Nuggets and/or Train Signal. Once those video tutorials are released, I will then re-read the book in conjunction with the video tutorials, to gain a more granular understanding of the topics. Hopefully by this time I will also have my ASA 5505 in-hand for some serious lab study.

    All in all, I'd like to do this in under three months - For someone with just a CCNA and no practical experience in security and no paid experience in networking, I think this is an aggressive goal. I'm currently going to school full time and working full time + on call, so I can't spend 6 hours a night on this like I want to After the enormous amount of time I spent on the CCNA, I promised my wife I'd back off a little as well.

    I also hope this thread can serve as a hub for others to post their experiences to during their CCNA Sec journey. Good luck to all!

    Edit: The book I'm reading is: 640-554 CCNA Security, Official Cert Guide. Authors are Keith Barker and Scott Morris.
    Last edited by YFZblu; 08-08-2012 at 07:47 PM.
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Apr 2012
    Location
    Philippines
    Posts
    800

    Certifications
    MCSA Win7, MCSA 2003 & 2008, MCS, CCNA, VCP5
    #2
    Good luck! Do you work with Cisco at your job?
    Reply With Quote Quote  

  4. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #3
    Yeah, we're a Cisco shop - As of now I only have privileged exec access to our network hardware; so when an issue arises I mostly just take a look around and help diagnose the issue before the network engineers fix it. So I definitely wouldn't say I work with the tech every day.
    Reply With Quote Quote  

  5. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #4
    Why the CCNA:Sec?

    Hmm, you might be a good candidate for CCNP as you work around the equipment and help troubleshoot?
    Reply With Quote Quote  

  6. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #5
    I decided on CCNA Sec for a couple of reasons. First, I want to move my career in the security direction as soon as possible. Secondly my company employs two types of network guys: Field engineers who handle R&S, and security engineers who deal with ACL's, ASA appliances, and policies. Having both an R&S CCNA as well as the CCNA sec will potentially open either door when it comes time to get hired - When my time comes to join the network folks, I don't really care how I get in as long as I get in.
    Reply With Quote Quote  

  7. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #6
    Roger that. I guess this goes without saying, you already have a lab for CCNA:Sec? If so, What do you have - I'd like to copy someone's lab
    Reply With Quote Quote  

  8. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #7
    As of now I haven't added anything to my CCNA lab which consists of:

    3x 2950 switch
    3x 2600 series routers
    1x 871 router

    I'm still waiting to hear back from a re-seller I know to find out if he has any ASA 5505's laying around.
    Reply With Quote Quote  

  9. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #8
    We have liftoff - I went ahead and read Chapter 1. Very basic stuff:

    -Discussed Confidentiality, Integrity, Accounting
    -Types of attacks
    -Discussed risk and how to mitigate it, transfer it, or eliminate it
    -Other security terms: Vulnerability, threat, etc.

    It's a short chapter, only 11 pages. It looks like the first few chapters are short and set the stage for the vendor-specific information and configuration to begin.
    Reply With Quote Quote  

  10. Network Consultant FloOz's Avatar
    Join Date
    Dec 2011
    Posts
    1,588

    Certifications
    B.S. CSIT; CompTIA A+, Network+; CCNA, DA; CCNP R&S; CCDP
    #9
    goodluck in your studies!
    Reply With Quote Quote  

  11. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #10
    Day 2:

    I read chapters two and three, which were quite short as well. I ended up breaking my 'no note taking' rule for the first read of the book, simply due to the amount of terminology involved in the first few chapters. Chapters two and three covered some nice things:

    -SecureX architecture
    -Defense in depth
    -Concept (and reality) of border-less networks
    -Administrative, logical, and physical threat countermeasures

    A quote I liked from the book: "An ounce of prevention is worth one pound of cure"
    Reply With Quote Quote  

  12. Senior Member zrockstar's Avatar
    Join Date
    Jan 2012
    Location
    NC
    Posts
    370

    Certifications
    CCNA, Network+, CSE
    #11
    Hey Blu, I have started the same book, currently on Chapter 7. I am trying to work through some lab issues in GNS3 currently, but let's keep in touch and help each other out through the study.
    Reply With Quote Quote  

  13. Matrix(Config)# Roguetadhg's Avatar
    Join Date
    Jan 2012
    Location
    SC
    Posts
    2,380

    Certifications
    #Cisco: NA #CompTIA: A.N.S
    #12
    YFZblue, Does the physical book come with a full-book pdf file included with the cd?
    Reply With Quote Quote  

  14. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #13
    It just comes with a free 45-day Safari subscription, which hosts the book online - But no PDF format unfortunately.
    Reply With Quote Quote  

  15. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #14
    Quote Originally Posted by zrockstar View Post
    Hey Blu, I have started the same book, currently on Chapter 7. I am trying to work through some lab issues in GNS3 currently, but let's keep in touch and help each other out through the study.

    Sounds good!
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    Jun 2010
    Location
    Vermont
    Posts
    596

    Certifications
    SNAP+
    #15
    Good luck on your studies!!!

    Quote Originally Posted by YFZblu View Post
    I'm still waiting to hear back from a re-seller I know to find out if he has any ASA 5505's laying around.
    You might want to check ebay as well. Some good deals on good equipment can be found. Although, I believe you wont need them unless you go on to CCNP/Sec.
    Reply With Quote Quote  

  17. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #16
    ^ Will do - It looks like I'm going to have to spend about $250 minimum for the ASA device. I'll try to hold out for a better deal, we'll see.
    Reply With Quote Quote  

  18. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #17
    Day 2.5 - I couldn't sleep, so I thought I'd get another chapter in tonight.

    Chapter 4:

    -Network Foundation Protection (NFP): Securing the Management Plane, Control Plane, and Data Plane
    -Read about some intriguing tools such as Unicast Reverse Path Forwarding, and TCP Intercept

    Yet another short chapter. Chapter five begins some configuration with CCP, I'm looking forward to that!
    Reply With Quote Quote  

  19. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #18
    Day 3:

    Family time tonight, no opportunities to read. I went ahead and installed CCP on a Server 2008 box I have at the house, and I'll get to it tomorrow
    Reply With Quote Quote  

  20. Senior Member sthompson86's Avatar
    Join Date
    Apr 2010
    Location
    Pearl, Ms
    Posts
    370

    Certifications
    A.A.S Computer Technology, CCNA, CCENT, A+, Network+, Security+
    #19
    I have my CCNA Sec book in the mail.. CCP never heard of that lol.. Lots to look forward too!
    Reply With Quote Quote  

  21. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #20
    Day 4: Didn't read, unfortunately. I had a busy day at work and just wanted to relax.

    ------------------------------------------------------------------------------------------------------------------------------------------------
    Day 5:

    Chapter 5: Protecting network infrastructure with CCP. Really good information in this chapter! I went ahead and installed CCP on a server and I was able to use all features with my 871 router. So far CCP seems like a significant upgrade over SDM. CCP is easy to navigate and has some really cool features. This chapter covered:

    -Preparing the router to allow HTTP/S connections and setting up level 15 authentication on the local database
    -Discovering a router or a community of routers
    -Creating user profiles to impose configuration restrictions
    -Configuration templates
    -CCP Security audit
    -CCP One step lockdown

    So far everything seems pretty straight forward, and the writing style of the book has worked out nicely for me. I don't think I'll jump into chapter 6 today; instead I'm going to review the notes I've made from chapters 1-5 and play around with the basic functions of CCP a little bit more.
    Reply With Quote Quote  

  22. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #21
    Quote Originally Posted by sthompson86 View Post
    I have my CCNA Sec book in the mail.. CCP never heard of that lol.. Lots to look forward too!
    Great! Hopefully we can get a group of CCNA Sec hopefuls on the forums to help each other along the way.
    Reply With Quote Quote  

  23. Senior Member zrockstar's Avatar
    Join Date
    Jan 2012
    Location
    NC
    Posts
    370

    Certifications
    CCNA, Network+, CSE
    #22
    Quote Originally Posted by YFZblu View Post
    Great! Hopefully we can get a group of CCNA Sec hopefuls on the forums to help each other along the way.
    I would be down with this, maybe a Skype or g-chat session once a week?
    Reply With Quote Quote  

  24. Senior Member YFZblu's Avatar
    Join Date
    Nov 2011
    Posts
    1,423

    Certifications
    A+, N+, S+, CCNA, CCNA:Sec, GSEC, GCIH, GCFE
    #23
    That could work. But we can't have you running off to CCDA!
    Reply With Quote Quote  

  25. Senior Member zrockstar's Avatar
    Join Date
    Jan 2012
    Location
    NC
    Posts
    370

    Certifications
    CCNA, Network+, CSE
    #24
    Quote Originally Posted by YFZblu View Post
    That could work. But we can't have you running off to CCDA!
    LOL, the lack of gear is getting me down man!
    Reply With Quote Quote  

  26. Senior Member sthompson86's Avatar
    Join Date
    Apr 2010
    Location
    Pearl, Ms
    Posts
    370

    Certifications
    A.A.S Computer Technology, CCNA, CCENT, A+, Network+, Security+
    #25
    Quote Originally Posted by YFZblu View Post
    Great! Hopefully we can get a group of CCNA Sec hopefuls on the forums to help each other along the way.

    I would be interested.
    Reply With Quote Quote  

+ Reply to Thread
Page 1 of 10 1 2345 ... Last

Social Networking & Bookmarks