In my quest to pursue my next certification I sat down and thought about what cert I should dedicate time studying for. There were many things I was interested in which is my first reason to pursue a cert. I was knee deep in Security products at work and even now that doesn’t seem to be going away anytime soon. Most of the products were Cisco, so it made sense to give the CCNP Security a shot. I looked online at Cisco’s site as a start and dived in. Months later, I passed the SCOR exam! I then chose to give the SESA exam a shot and passed (barely)! The CCNP Security however has been completed so I want to take some time to write about my experience related to exam material, relevancy, and difficulty.
Before diving into the exam material, I believe it is important to mention what it takes to earn the CCNP Security certification. To earn the CCNP Security, you will pass two exams. A core exam must be passed as well as one concentration exam. You can find the list of exams at Cisco’s site. There are several concentration exams. Passing a concentration exam also nets you an individual Specialist cert. As an example, if you are interested in learning more about Cisco’s Identity Services Engine, the 300-715 SISE might be the concentration exam for you. Passing that exam also grants you a Specialist cert. However, to obtain the full CCNP Security, you would need to pursue the core exam.
Material
When I study for a certification exam I like to rely on multiple resources. I want to read something. I want to watch something. I want to lab something. I believe doing each of those things can lead to success. Gain knowledge from multiple sources. I attacked the Core exam first (350-701 SCOR).
- The first thing I looked at was the Exam objectives and the outline. This is exactly what Cisco is expecting you to know for the exam. Copying this over to Microsoft’s OneNote, I could make individual notes under each of the topics in the outline as I study them.
- I ordered the CCNP and CCIE Security Core Official Cert Guide. The book was my main study source. I wouldn’t call the book an easy read at first. The first chapter is a journey, but it covers important fundamentals and dives into various attacks. My weaknesses are Cryptography and VPNs, which each have their own chapters. I found those chapters to be an uphill climb, but that might possibly be because I am weaker in those areas.
- I spoke to my manager about training. This led to be able to take the online, self-paced SCOR course on Cisco Digital Learning. This probably made the biggest impact since it included a few labs to follow through online.
- Finally, I was able to go through Pluralsight’s Cisco Core Security (by Craig Stansbury). I would usually watch this on my phone whenever I was out of the house or while laying in bed right before sleep.
As you can see, I had a plethora of material for the SCOR exam. However, it was the opposite for the concentration exam Securing Email with Cisco Email Security Appliance (300-720 SESA). The SCOR material covered Email Security, but it was not a deep dive. The SCOR exam glances over the importance of Email Security, how it works, and some of the components, but not everything. Studying for the SESA involved me recycling the above resources I had access to specifically only for Email Security information. Thankfully, my experience at work with Cisco’s ESA and CES made up for the lack of material.
Difficulty
For the SCOR exam, I did use the Official Cert Guide’s Pearson Test Prep engine that comes with the book. I also used Boson’s test engine for the SCOR practice tests. Between those two, I preferred the Boson test engine. The Pearson Test prep questions inserted a ton of fill in the blank questions. Those usually throw me for a loop. That probably led me to fail most of my practice test attempts. With that in mind, I went into the SCOR exam thinking it would be a very difficult exam. I believe reviewing all the topics the day before was a big help in passing the exam. I found the practice exams a bit more difficult than the actual test. However, I cannot say the same for the SESA Concentration exam. I’d like to say I spend a decent amount of time in the Email Security world, so I went into that test thinking that it would be an easy test. It was not. This was the test I barely passed. If I needed 10 points to pass, 10 points was exactly what I passed with. I believe the lack of material for the SESA exam led me to have a difficult time during the test since I simply relied on most of the material from the SCOR exam and my own personal experiences.
Relevancy
Is the CCNP Security exam relevant to what is happening in the world today? Yes! Especially Chapter 1 of the SCOR Official Cert Guide. Chapter 1 was one of the longest chapters as it covered a wide range of agencies, documents, attacks, and defenses. This is mostly general information that applies to the security world, not just Cisco security. As I mentioned earlier, this chapter is a journey, but one that was extremely educational. With everything we do in our professional lives, we should always have a security mindset. As I have experience with most of the security products covered in the guide, the SCOR and the SESA were personally relevant. The CCNP Security would be a certification to pursue if you are going to work with or have experience with the products. It’s mostly Cisco-centric and not a general security cert. My advice is to also pick a concentration exam that you might have experience with, or at least have some materials to use for your studies.
I found pursuing the CCNP Security to be a pleasant, but mildly challenging journey. It was not the most difficult certification I’ve pursued, but it made sure to keep my stress levels elevated during the exams. There is plenty of material and test engines out there for the core SCOR exam. If you are working with Cisco’s security products, give this one a try.
The Art of Network Engineering 