Beginning on May 10, OEQ for CCIE RS and Voice lab exam will not include the four Open Ended Core Knowledge Questions. Cisco introduced 4 questions to the CCIE R&S lab exam on February 2009 to eliminate cheating and stop fast growing rate of R&S numbers. They have achieved just partially the target for short period time. Next, on October 2009 Cisco decided to introduce the CCIE R&S v4.0 Blueprint with 2 hour troubleshooting section that cause that fast CCIE certificate numbers grow stopped and in next stage even decline the numbers in R&S.

The total lab time will remain the same – 8 hours with 2 hours troubleshooting section at the beginning of the exam.

As Cisco has explained OEQ will be removed because troubleshooting section is enough to take care about cheating.

The last day of the security bootcamp. We had a chance to take of adavntage some of security fetures in practice. 8+  mock lab with just a pice of material. We have tested ASA with basic failover with firewall contexts, DMVPN over FR and more. It kind of brainstorm with the lead of the bootcamp. It is always the best to learn fast and remeber conclusions based on the wrong answers.

It was hard week with a ton of material. Sorry but my posts were just a high overview what we have done this time. I have 3 days off so I will back next week to post you some nice fetures that I have learned thru these days. I will keep you updated.
In case you will have any further question just drop me mail.

It was the borest day I think almost all good known technologies: Securing the Control Plane, Securing the Management Plane, Securing the Data Plane and Advanced L2 Security. To be honest it was just overview and we didn’t cover all fetures (planed fetures based on Piotr’s plan). There is huge homework to do. You have to keep in mind that all of these stuff is important and required on the exam. Short question from the large pool and good answer = 2 more points to be a winner of the game.

Today was IPS, ACS, 802.1x. Tones of material in very short time. ACS with 802.1x it will be the hardest thing on the exam I think, why 🙂 ? you will answer this question once you figure out ACS configuration. Good luck.

BTW – Good news for all that would attend Security and Service Provider bootcamp in Warsaw in near future. New dates just have been posted on the Micronics Networking & Training Inc.

As I’ve promised you, here you are first day feedback.

We have started at 10 am from basic firewall stuff and went thru all ASA fetures like: NAT, MPF, Advanced protocol inspection, contexts, failover, QoS until ASA troubleshooting. Additionally at the end of the day we had nice short overview about basic and advanced IOS data plane security fetures like CBAC or ZPF.

What about trainer? Piotr has started calmly and secure his class. Some nice diagram draw on whitebord with slides were enough to understand the clue. Knowlede justified  by his practical experience on real deployments is what all students are looking for on training and what is always nice to see and hear. Unfortunately Piotr has completely opposite teach manner compared to Narbik what has impact on the way how he pass knowledge to students. 

Tomorrow the most important and interesting day I think – all VPN technologies.

I had a chance to attend the CCIE R&S Bootcamp twice, first one February 2009 and second one retake just before the exam at the end of May 2009 (both were organized in Warsaw, Poland). I was really impressed of Narbik’s lecture and manner of teach. He is a amazing CCIE trainer with a sense of humor that have real and solid technical experience in networking industry. Bootcamp was not only a way to prepare to CCIE Exam but especialy detail technical class that helped me understand some caveats.

Tomorrow I will have a chance to attend the CCIE Security bootcamp branded by Narbik Kocharians, but this time it will be heading by Piotr Matusiak not Narbik, but I hope it will be also good week with Cisco security technologies.

I’m going to post each day a short note about class detail and keep you updated.

My way towards CCIE number

I started my adventure with Cisco Networking in September 2003 when I attended to Cisco Networking Academy at my university.

In 2004, after CNA I passed my first Cisco certificate – CCNA. During my work in national ISP I achieved CCNP, CCDP, CCIP and CQS-FW.

CCIE was for me like natural next step on this long learning way. I started my preparation in January 2007 from assembling of my own rack. Later on it was just practice and practice of all Cisco technologies. Besides my physical home lab I used Dynamips (Cisco router emulator), it’s great tool for mobile learning. I used Dynamips mainly for testing technologies (e.g. routing, multicast, QoS, security) max 5 routers to emulate such environment.

Plan your study time

In my opinion it’s the most important part of your exam (even you didn’t reserve exam yet) here you are passing your lab or not, here you decide if you are able to spend next year of your time under learning. Of course everything depends how many hours you will be able to spend per day but for me it took about 2 years, but last half a year was very intensive with average 8 hours every day. You have to be aware that this “project” is very time demanding and you will need a support of your family and friends. There is no reward without renounce. From my experience the more intensive period you have just before the exam the better. Don’t forget to give you few days break just before the exam to refresh your mind and relax somehow ;).

You have to schedule your time and work for preparation.

First off all you have plan how your study will looks like, what materials you will use, what books and CCIE workbooks you will need to go thru.
Below you can find my basic network documentation that I have used during preparations.

Cisco Documentation

Exam tips

80% to success

You have to treat the exam like a game. You have to score minimum 80%. Basically it’s a final part of your project – implementation. Ability to mange the time is very important. Remember you don’t have to implement everything, but as much as you can. You have to done every core topics like L2 and L3, where you can miss the points it’s only minor topics like QoS, IP Services or Security.

OEQ – just practical theory has gone since 10 of May 🙂

Open Ended Question part has been added to the exam February 2009, and removed from the exam since 10 of May. So no worries. OEQ has gone! It was very important short part of exam that was introduced on February 2009 to stop the fast growing rate of R&S numbers.

Hard work with small break for lunch

Troubleshooting and configuration part. You have total 8 hours. The lab will now require hands-on troubleshooting of preconfigured network, in addition to configuration, so 2 hours for troubleshooting + 6 hours for configuration part.

To pass, you must have a passing score on each of the two sections of the lab exam.


The troubleshooting section presents a series of trouble tickets for preconfigured network, huge virtualized network. You need to diagnose and resolve the network issues.

You may proceed on to the configuration section once you finish the troubleshooting section, but you can’t go back to troubleshooting.


Regarding configuration, it’s time for careful reading, planning, making notes and drawing. You have to schedule all the section, what I mean is that you have to leave the sections that you are not aware how to configure the issue. Don’t worry if it takes more then one hour and you even don’t touch the console.

Insure your life

Save your initial configuration just in case for future use before you type and write your done work frequently during exam.

Save the time

It’s worth to using your favorite alias commands during your preparation way and then implement them on the real exam, example:

alias exec sip show ip interface brief
alias exec sir show ip route
alias exec sr show run
alias exec cc conf t

Good Luck!

Updated 09.06.2010