The CCNA Security certification is an excellent starting point for anybody that may be looking at entering the IT security world, predominately focused on securing and maintaining Cisco devices. But this just isn’t any certification, in fact, if you’re familiar with Cisco certifications then you’ll probably know that Cisco certifications are renowned for being difficult to pass. However, don’t let that stop you because nothing worth having is easy! Coupled with that, the CCNA Security certification is 8570.01M compliant by the United States Department of Defense (DoD), which is excellent for anybody in that line of work.
But certifications require effort! As with many certification exams, the CCNA Security requires hours upon hours of practice and studying in order to stand a chance in passing the exam. I know this because back in 2017, I passed my CCNA Security exam by spending a great deal of time learning the theory and applying what I’d learnt into labs.
So with that in mind, I have decided to create this article to share with you the tools and techniques that I used to pass the CCNA Security exam. It is worth mentioning that at the time of writing this, the CCNA Security exam is currently version 210-260 and this is the same exam I passed in 2017. However, if you’re new to the certification world and you’re not sure what version the exam is currently on, check out https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-security.html
So without further ado, let’s jump into a guide that should assist you along your way in passing your CCNA Security exam. I have structured this post in a way that makes it easy for you to digest the information given and I hope it will act as a checklist for you.
Step 1 :: Do I Have The Prerequisites For the CCNA Security Exam?
Before you can take the CCNA Security exam, you need to make sure that you meet the minimum requirements. You must have one of the following before you can take the CCNA Security exam:
- Any valid Cisco Certified Entry Networking Technician (CCENT) Certification
- Cisco Certified Network Associate Routing & Switching (CCNA R&S)
- Any Cisco Certified Internetworking Expert (CCIE) Certification
Prerequisites could change so please check by visiting the Cisco website to confirm them here: https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-security.html
Step 2 :: I’ve Decided That I Want to Take the CCNA Security Exam
So you’ve decided you want to take the CCNA Security exam? Well, I at least assume that you have if you’re reading this article.
Before you take the exam or even begin to study for the exam, you first need to understand what topics are covered and the type of technologies you need to learn. To find this information, head over to the Cisco website to review the CCNA Security Blueprint topics. Exam topics are provided for all Cisco certifications and should be reviewed so that you can organise the topics you want to learn. It is also important to take a look at the exam blueprints to understand the weighting of each topic, in other words, the likely hood of questions from a topic that you may receive during the exam.
Use the blueprint and decide how best to study each topic.
Step 3 :: I Need To Acquire Content To Learn These Exams
Yes we can read a lot of free content online in order to learn some of the topics covered within the blueprint but that will only get you so far before you need to spend some money acquiring books etc.
Here is a list of books and other online resources that I recommend.
The CCNA Security Official Certification Guide is a good starting point and covers the topics required for the exam. This certification is available from other retailers, however, where relevant I have shared the link to Cisco Press. The CCNA Security Official Certification Guide is available a physical book as well as an eBook. I also recommend the other resources mentioned in this section as some will give you a deeper explanation of some topics over others.
The 31 Days Before Your CCNA Security Exam book is amazing in my opinion. I recommend that you purchase this book to quickly recap and review topics covered for the exam. As the name suggests you should be looking at reviewing this book 31 days before your exam. If the physical book is purchased, the author also provides an helpful guide to follow as the days are counting down however I’m not too sure this is the same if eBooks are purchased but don’t quote me on that. If you’re reading this and you know different please let me know and I’ll update this section.
The CCNA Security Lab Manual is a must if you’re serious about learning the exam content and applying what you’ve learnt in your role or future role. It is worth mentioning that extra investment may be required to carry out some of the labs within this book, more information around labs are mentioned later on in this article.
The CCNA R&S Official Certification Guide is great if you plan on creating labs for the CCNA Security. The reason I say that is because depending on when you last worked in a R&S environment you may be a little rusty with things such as routing protocols that could involve the security aspect too so it’s always worth having a copy to hand.
Let me start by saying that Cisco’s Platinum Learning Library is not a cheap investment but if you’re serious about making it in the security industry and want to acquire as much knowledge as you can then it’s worth it. The Platinum Learning Library has a full online CCNA Security course with built-in extensive labs that don’t require any extra workload from your system. I personally used the Platinum Learning Library for the CCNA Security course and found the in-depth labs really useful. Check out the link below to learn more.
Step 4 :: I Want To Lab What I’ve Learnt
By now you should be armed with all the books you need to pass the exam but you now want to start putting into practice what you’ve learnt by creating labs. When I started out with the CCNA Security, Security, in general, was relatively new to me so it made sense for me to put into practice what I was learning. I was also serious about progressing in the field and worked within the industry already so having the ability to break things in my own environment so that I could better understand them was great.
We have a few ways in which we can lab what we’ve learnt, these include virtual environments or physical labs.
Now one would normally say that it makes sense to create virtual labs because it’s easier and cheaper and yes although this is relatively true, the cost of a virtual environment is not always cheaper than buying physical kit off-the-bat. The reason I say this is because you can sometimes pick up Cisco physical kit cheaper than what it would cost to build or buy a brand new desktop or server to create virtual environments.
This is a personal decision that needs to be made, I am fortunate to have the best of both worlds (physical and virtual) but both have their pros and cons. I have listed a few pros and cons of having virtual over physical and vice-versa below:
|Physical||– Product Experience|
– Career Investment
– Ability To Become Familiar With The Equipment
– Ability To Run Hybrid Labs (Physical & Virtual)
– Utilise Features That Maybe Wouldn’t Be Available In Virtual Environments
– Integrate Hardware Into Your Home Network
– Requires You To Use Your Knowledge To Configure The Environment
|– Newer Equipment Can Be Expensive|
– Additional Licenses May Be Required
– Additional Expense on Electricity Bill
– Requires Space
– Can Be LOUD!
– Takes Longer To Set Up
– Requires Re-Configuration For New Labs
|Virtual||– Easier To Set Up|
– Easier To Aquire Licenses
– Cheaper To Operate
– Large Amounts Of Physical Space Not Required
– Integrate Labs Into Home Network
– Cheaper On The Electricity Bill
– Ability To Spin Up New Labs Quicker
|– As Labs Get Bigger, More Resources Required At Cost|
– Limited To Features That Can Be Used
– Can Not Run Hybrid Environments
– Virtual Environment Software May Need To Be Purchased
– Older Images May Not Have All The Latest Features
Personally, I love having a mix of both so that I can do more advanced labs that wouldn’t be supported using just virtual environments. I can also save on having to purchase new RAM or hardware to support ever-growing virtual environments but you have to weigh up your options and decide what is best for you.
To further break this subject down, I thought it would be beneficial to cover what physical and virtual equipment would be relevant for practising what is required for the CCNA Security exam.
I will only list the equipment that I deem is useful to practice specifically for this exam. I will be delivering a more in-depth walkthrough of what the equipment can be used for in a later article and video.
- x1 (x2 Max) Cisco Adaptive Security Appliance (ASA) 5505 any license should do but ideally you should get one with a perpetual license
- x3 Cisco Routers (1800, 1900, 2801, 2811 or 2900) with a Security Technology Package License
- x2 Cisco Switches (2960 or equivalent) with a K9 license
- x2 (x3 Max) Laptops/Computers. This is required if using x2 devices as test machines and x1 device as an Admin Machine. Preferably running a Windows Operating System but depending on labs, you may decide to run a flavour of Linux
When it comes to virtual environments there is a multitude of environments that can be used. This post is not intended to cover the different type of platforms that can be used but I will list just a few of them.
- Cisco VIRL
I have a few other posts that discuss the different virtual platforms here:
Now lets quickly look at the virtual equipment that can be used for the CCNA Security exam.
- x1 (x2 Max) Cisco Adaptive Security Appliance Virtual (ASAv) with an Evaluation License
- x3 Cisco Routers makes and models will vary depending on what virtual environment you decide to use and licenses may be required to use particular features
- x2 Cisco Switches makes and models will vary depending on what virtual environment you decide to use and licenses may be required to use particular features
Depending on the labs you decide to create, you may be required to download additional software to support those labs. I have listed the software that I used as part of my CCNA Security studies and provided links to save you time.
Note: This list is not exhaustive
- WinRadius – A free RADIUS server
- TFTP Server – A free TFTP server
- Putty – SSH/Telnet Client
- WinSCP – SFTP, SCP & FTP Client
- Cisco Configuration Professional (CCP) – GUI Device Management Tool
- Cisco Adaptive Security Device Manager (ASDM) – ASA Device Manager
Step 5 :: I’m Ready To Take The Exam, When Shall I Book It?
When you book the exam is on you! But what I will say is that you should book the exam when you feel confident that you’ve covered each topic in the blueprint and you are familiar with the concepts. The following steps are of those that I took in preparation for my CCNA Security exam, feel free to comment with your suggestions but this is what worked for me and I passed the exam the first time.
- Finish the CCNA Security Official Certification Guide and review the questions and answers for each chapter ensuring that 70% or more is achieved
- Finish the CCNA Security Version 2 Lab Manual
- Lab the topics that are not clear
- Book the CCNA Security Exam
- Review the 31 Days to CCNA Security Exam book and follow the countdown plan
- Review flashcards that were created throughout the study process
- Take the exam & PASS!
I hope this article has been informative and provided you with the information you require to ensure exam success. Feel free to reference, comment and come back to this post and let me know how you’ve scored in your CCNA Security exam.
If you enjoyed this article or found this helpful please support my GoFundMe page here