Re: CCIE Lab Exam Opening Moves

Starting with the IPS initialization as a potential launch point. I LOVE it.
Thank you so very much Sadiq for taking the time for this feedback.

From: Sadiq Yakasai <sadiqtanko_at_gmail.com>
Date: Friday, October 19, 2012 7:07 AM
To: Anthony Sequeira <terry.francona_at_gmail.com>
Cc: "ccielab_at_groupstudy.com certification" <ccielab_at_groupstudy.com>
Subject: Re: CCIE Lab Exam Opening Moves

Very good - I like it! I had an attack plan as well when I went to bed with
the beast.

One thing worthy of including somewhere in there is saving the initial
configuration of all devices in the flash memory. Many times, in trying to
configure additional items that the exam requires, candidates end up
modifying the initial config and the only way to confirm what was initially
there is via a saved configuration. Some people would do this by copying the
running-config into note pad and saving (or just leaving it open on the
desktop). Greatly helps I tell you!

Also, as a strategy, I always did start with the IPS device (although not
critical). The IPS device can sometimes break a network into multiple
segments before its configured. Therefore, for me, to start building my
network, I always like to initialize it first (not necessarily complete the
whole IPS section). But this is just my preference.

HTH a bit.

Sadiq

On Fri, Oct 19, 2012 at 11:49 AM, Anthony Sequeira
<terry.francona_at_gmail.com> wrote:
> CCIE Security Challenge - 1 Week Out - Opening Moves
>
>
>
> I think it was my dear friend Bruce Caslow of NetMasterClass.com who first
> used the words opening moves when it comes to the CCIE Lab Exam.
>
>
>
> I have been speaking with many CCIE Security Instructors about the CCIE
> Security Exam and the smartest opening moves for this beast. It is pretty
> interesting because my approach and opening moves to this exam will vary
> dramatically from what I did in my Routing and Switching exam.
>
>
>
> In this post I am going to accomplish a couple of things:
>
>
>
> 1 - Write out my opening moves so I am completely clear on them for my
> upcoming CCIE Lab Exam attempt.
>
>
>
> 2 - Publish these in an as many spots as I can to gather any feedback about
> them, or collect some opening moves ideas that my peers and I had not
> thought of.
>
>
>
> 3 - share these moves with anyone that might be preparing for this CCIE
> Security Version 3 lab exam.
>
>
>
> 4 - share these strategies and the overall strategic approach for candidates
> of other CCIE tracks to get them thinking about such planning.
>
>
>
> So what are the opening moves I am planning to make in the CCIE Security 3.0
> Lab Exam? Here they are:
>
>
>
> Step 1 - Confirm the proper setup of my lab materials. Since this exam is
> paper-based - I will examine my lab notebook and make sure all pages appear
> to be there, and that they have not given me a Voice lab :-| I will then
> use any logical topology diagram in the lab notebook to ensure that my
> initial configurations have loaded properly. I will check one router and one
> ASA; or two routers if it appears I have to configure both ASAs from
> scratch. I will notify the proctor IMMEDIATELY should there be any issues
> with my initials. Time: 2 minutes
>
>
>
> Step 2 - I will then read the entire exam paper closely. I will try and spot
> interdependencies and pitfalls in how the security tasks relate to each
> other. ASA filtering, Zone-Based Firewall filtering, the IPS policy, and NAT
> are all areas worth noting considering that configurations here can easily
> cause lab exam failure. I will also examine the diagrams provided closely to
> ensure that they are going to work for me in the exam. I will determine at
> this point if I will be re-diagramming any areas. Time: 10 minutes
>
>
>
> Step 3 - I will then begin any re-diagramming I might need to do and start
> my first configuration. I presume I will be starting with an ASA, but I have
> certainly made no assumptions where I will begin as my lab will ultimately
> dictate that. Before beginning the configuration of any device - I will copy
> the initial configuration of that device into Notepad on the desktop. When I
> copy this configuration, I will visually parse it and look for any setting
> that Cisco may have introduced in the interest of forcing me to
> troubleshoot. Areas to look for include ACLs, VACLs, shutdown ports,
> incorrect or duplicate IPs, incorrect physical port settings, and default
> command reversals.
>
>
>
> Step 4 - start my Skipped Task Tracker and track any tasks that I am
> skipping, either due to level of difficulty, or the fact that the task would
> be best completed at a later time in the lab construction.
>
>
>
> Well, those are the opening moves my friends. I so look forward to feedback.
> I think just like in a game of chess, these opening moves can really set the
> tone for eventual success or failure. I do not plan on taking them lightly
> and winging it!9
>
>
>
> Anthony Sequeira, CCIE, CCSI, VCP
>
> http://www.stormwind.com
>
> Twitter: @compsolv
>
> Facebook: http://www.facebook.com/compsolv
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>

-- 
CCIEx2 (R&S|Sec) #19963
Blogs and organic groups at http://www.ccie.net