Hi everyone! I’m Jason.
For those of you that are familiar with my articles here on Train Signal Training, you already know that I’m CCNA certified and I’m currently working on my CCNP.
Since I just recently started my journey towards that goal, I figured I might as well share each and every step I take towards my CCNP it with all of you, so that you can have an idea of what my experiences were like — and what you can expect if you’re getting CCNP certified.
About Cisco’s Professional Certifications
The Cisco Certified Network Professional (CCNP) is Cisco’s Professional level of certification in the routing and switching field.
Since Cisco has several Professional level certifications, you might be wondering why I chose this path as opposed to, say, a CCNP Wireless, CCVP (Voice Specialist) or a CCSP (Security Specialist).
For me, it was more about my passion for the routing and switching environment. I also took into consideration the fact that the CCNP certification would help me advance my networking career faster and provide me with more opportunities, while I continue along the path to becoming an expert in Cisco.
However, the career path you choose might be different.
My advice on choosing your next level of Cisco certification would be to look for a field you really love while comparing it to your local job market needs. Currently in my region, Cisco routers and switches are selling faster than, let’s say, Cisco IP Phones, so if I had chosen the Voice path, I wouldn’t have gotten to really put my skills to work after attaining the cert.
So take your time and do lots of surveying to make sure that the path you choose has some kind of immediate market need and of course, that you have an interest for that field.
How to Become a CCNP
As you might already know, you need a valid CCNA certification in order to take any of the Professional level exams.
Based on the current CCNP requirements, you need to sit and pass 3 or 4 exams in order to become a CCNP. As with your CCNA, there’s also a composite exam, which can help you to attain your cert even faster.
These are the current exams as listed on Cisco’s Website:
- Building Scalable Cisco Internetworks (BSCI 642-901)
- Building Cisco Multilayer Switched Networks (BCMSN 642-812)
- Implementing Secure Converged Wide Area Networks (ISCW 642-845)
- Optimizing Converged Cisco Networks (ONT 642-825)
- Composite BSCI and BCMSN (642-892)
Today, I’ll be touching on the ISCW exam as this was the first exam I took and passed ( thankfully).
CCNP ISCW (642-845) Exam
The Implementing Secure Converged Wide Area Networks exam validates a Cisco professional’s ability to expand and secure corporate networks using Cisco routers and switches, more so, routers.
Topics consist of being able to secure routers and switches (also called hardening), configuring IPSec VPNs using both the CLI (Command Line Interface) and Cisco’s SDM (Security Device Manager), configuring CBAC Firewalls and site-to-site VPNs.
Below are the exam objectives as listed on Cisco’s Learning Network (BTW, I love this site):
Implement basic teleworker services
- Describe Cable (HFC) technologies
- Describe xDSL technologies
- Configure ADSL (i.e., PPPoE or PPPoA)
- Verify basic teleworker configurations
Implement Frame-Mode MPLS
- Describe the components and operation of Frame-Mode MPLS (e.g. packet-based MPLS VPNs)
- Configure and verify Frame-Mode MPLS
Implement a site-to-site IPSec VPN
- Describe the components and operations of IPSec VPNs and GRE Tunnels
- Configure a site-to-site IPSec VPN/GRE Tunnel with SDM (i.e. pre-shared key)
- Verify IPSec/GRE Tunnel configurations (i.e., IOS CLI configurations)
- Describe, configure, and verify VPN backup interfaces
- Describe and configure Cisco Easy VPN solutions using SDM
Describe network security strategies
- Describe and mitigate common network attacks (i.e., Reconnaissance, Access, and Denial of Service)
- Describe and mitigate Worm, Virus, and Trojan Horse attacks
- Describe and mitigate application-layer attacks (e.g., management protocols)
Implement Cisco Device Hardening
- Describe, Configure, and verify AutoSecure/One-Step Lockdown implementations (i.e., CLI and SDM)
- Describe, configure, and verify AAA for Cisco Routers
- Describe and configure threat and attack mitigation using ACLs
- Describe and configure IOS secure management features (e.g., SSH, SNMP, SYSLOG, NTP, Role-Based CLI, etc.)
Implement Cisco IOS firewall
- Describe the functions and operations of Cisco IOS Firewall (e.g., Stateful Firewall, CBAC, etc.)
- Configure Cisco IOS Firewall with SDM
- Verify Cisco IOS Firewall configurations (i.e., IOS CLI configurations, SDM Monitor)
Describe and configure Cisco IOS IPS
- Describe the functions and operations of IDS and IPS systems (e.g., IDS/IPS signatures, IPS Alarms, etc.)
- Configure Cisco IOS IPS using SDM
How I Studied for my CCNP ISCW Exam
From time to time, I also used Cisco’s Quick Learning Modules to hone in on specific topics.
I would usually read one chapter of the book, and then if I wasn’t too clear on it, I would watch the Chris Bryant videos on that particular topic, before re-reading the chapter again. I found this method really works for me because gradually the topics began to get really clear.
I would say it took me roughly about a month and a half to two months to prepare for this exam. This consisted of hours and hours of reading (lol, something I only recently started to like) from Sunday to Sunday.
Sometimes I read so much that my head started to hurt and I even complained to my Twitter buddies how I must be going blind, because after those intense periods of reading, I usually noticed the letters on other programs looking way smaller than they were (I still haven’t gotten my eyes checked to verify if I am indeed going blind lol).
Also, don’t forget to utilize Cisco’s Quick Learning Modules that can be found on their Learning Network website. There was one particular topic that gave me a tough time at first — IPSec VPNs — and really understanding how the different phases of authentication and negotiations worked. After looking at Cisco’s Quick Learning Module presentation on this topic, I was amazed at how quickly I grasped the concept.
This is another reason why having multiple learning sources can greatly help you with your exam preparation.
Practice Makes Perfect — Even for the CCNP ISCW Exam
Of course no Cisco exam is complete without some simulation being thrown into the mix and for this phase of my studies I used the famous GNS3.
In my opinion, this simulation totally beats any other simulation out there — reason being, you are using real Cisco IOS images and the only thing that is simulated is the hardware. Awesome stuff, I know.
With the GNS3 I was able to practice my IPSec VPN site-to-site configurations along with the basic MPLS configurations. Getting experience with CBAC Firewall configurations, Intrusion Prevention Systems and hardening Cisco routers all came from a project I was working on while I was studying. Yup, I’m a pretty lucky guy huh.
Part of the project consisted of installing and configuring a Cisco router to allow VPN access for clients, so I was able to practice with SDM (of course, before actually putting the gear into production).
How I Passed my CCNP ISCW Exam
After about 1.5 months of intense preparation, I felt really confident — confident enough to register for the exam.
The CCNP ISCW exam consists of approximately 50 to 60 questions that must be answered in 90 minutes.
Luckily for me, I’m currently in a location where English is not the main language so I was automatically awarded 30 minutes extra, and trust me — those 30 minutes came in handy. I actually used up all the time that was allotted to me.
So what does that say about the exam? Was it that difficult that I wasn’t able to complete it in the regular 90 minutes and had to use the extra 30 minutes?
Well, to be honest, I wouldn’t say it was extremely difficult, but it wasn’t easy either. Challenging would actually be the perfect word to describe the ISCW exam.
I think I spent more time than I should have on certain questions because I knew that once I clicked next, I would not be able to go back and review my answer. So remember, your first answer is your final answer on Cisco exams.
Then there were the simulation questions. These proved to be quite more challenging than I first thought, so I spent a lot of time working on these.
But all in all, it has been a very exciting experience. It provided me with exactly the skills I needed to complete the project I was working on at work while the exam itself and my approach to answering the questions, highlighted areas in which I needed to improve on for my next exam.
Best of luck to you! I hope you will continue to follow me along on my journey towards getting my CCNP! For me, the ONT (642-845) exam is next!
Quick List of Resources I Used to Prepare for my ISCW Exam
- Cisco Press CCNP ISCW Official Exam Certification Guide
- Cisco Press CCNP ISCW Quick Reference Sheets
- Cisco Learning Network
- Train Signal Chris Bryant CCNP Training Videos
- GNS3 Simulator