Over the past couple of weeks, I have been reading through Integrated Security Technologies and Solutions, Volumes I and II. At my current pace, I expect to finish Volume II within the next few days at around 50 hours of time invested since I picked things back up at the beginning of October – at 25 hours each, taking reasonably detailed outline-style notes, I think this has been a great investment of time to get me in the right headspace, help spark ideas and identify knowledge gaps more clearly, and get excited for the studying to come. Though I’m not yet perfectly hitting my 18-hour-per-week goal, I’ll get there in the short term, and so far the study schedule I have laid out seems to be effective as well as adaptive enough to work for my day-to-day life.
With that being said, as I round out the second book: what’s next? What, specifically, do I pick up and continue on with from here? I started thinking about this the other day, and I think my plan at the moment is going to be to continue hitting books and some online learning before I really begin investing serious time in lab practice.
Since the blueprint covers so many technologies, I started looking at it and thinking in terms of what I know well, what I know pretty well but could be more comfortable with, and what I have limited practical experience with.
For example, I am very, very comfortable with ISE, which makes up about 25% of the exam (at least). No, I probably couldn’t take a switch from zero to CTS in 15 minutes off the top of my head from scratch (because in the real world, sane people templatize configs 😉 ), but beyond labbing some specific things for speed and a general review of the technologies involved, I am not too concerned that I am going to see ISE-based lab scenarios I can’t work through. Not being cocky here – I will absolutely be investing dozens of hours into labbing with ISE just like everything else – but, from a familiarity perspective, I think my knowledge gap is minimal. On the other end of the spectrum, though, I have products like Stealthwatch, and ESA, which I have zero practical experience with and are going to take considerable time and effort for me to feel CCIE-Lab-level proficient.
So, as I thought about these things, I started trying to list them in order, from smallest skill-gap to widest, and in terms of strategy, I am planning to hit broad product topics first and work my way down from there. At a really high level, this is the order I think I am planning to tackle things, for now, once I wrap up ISTSv2:
- VPN Technologies – read through the SVPN 300-730 OCG, maybe take the exam
- FTD/NGIPS – read through the Secure Firewall OCG, and look through some sections of the older FTD and NGSS books as applicable
- Content Security Technologies – go through the 40-hour WSA and ESA courses on the Cisco Platinum Learning Library
- Endpoint Security – go through the 24-hour AMP4E course on the Cisco Platinum Learning Library
- Go through the 24-hour Security Automation course on the Cisco Platinum Learning Library
- Go through the Stealthwatch dCloud lab and read through the implementation guides as well as the relevant sections of the SCOR OCG again (Chapter 5 in particular)
- Go through the CBT Nuggets IPv6 course and supplement with IPv6: TPP
- Read through implementation and design guides for CTA and Threat Hunting, including dCloud labs
- Read through the ISO27k, RFC2827, and PCI-DSS standards
- Read through Cisco SAFE model
From here, I think I will have shored up the foundations so to speak, and it becomes a matter of pausing to reassess, and starting to dig into specific technologies and features more deeply; hitting config guides, Cisco Live session recordings, and really just going deeply through the blueprint topics one at a time in both theory and lab scenarios. At the moment, I still plan to use the Learning Matrix as a general guide, and I am strongly considering leveraging kbits CCIE Security course and Lab workbook if he does another sale – partly because it is the only Lab workbook for this track I am aware of at the moment, and partly because Khawar has a really great teaching style from the content of his that I have seen. I will likely start, though, with a combination of my own lab and the CCIE Practice Labs provided by Cisco, and see how I feel from there.
I feel like I won’t truly understand the lab and what I am up against until I just bite the bullet and sit for the exam, so at the moment I do still plan to make the first attempt in/around May of 2023. I’m treating this plan like I have treated my study schedule thus far in that it is not set in stone, but is a way for me to outline what I think is a reasonable starting point based on my gut, things that I seem to read about in other success stories, and input from peers.
Happy labbing!
CCIE #TBD 
Thank you for sharing your thoughts! 🙂
LikeLike