☕
Brinkles Pentesting Notebook
  • Introduction
    • My Journey to Pentesting
    • Twitter
    • Github
  • Certification Reviews
    • OSEP Review
    • CISSP Review
    • OSCP Review
    • RTJC Review
    • RTAC Review
    • CEH Review
    • CRTO Review
    • PNPT Review
    • eWPT Review
    • eJPTv1 Review
    • CCNP Security Review
    • CCNA Review
    • CompTIA Net +, A+ Review
  • C2 and Payloads
    • Sliver C2
    • Cobalt Strike
      • BOFs and Aggressor Scripts
        • Situational Awareness BOF
        • HOLLOW BOF
        • DLL_Version_Enumeration_BOF
        • InlineExecute-Assembly BOF
        • BOF.NET
        • C2-Tool-Collection BOFs
        • Inline-Execute-PE
      • Payloads
  • Tools
    • Internal Tools
      • BloodHound
      • Certi
      • Coercer
      • CrackMapExec
      • DCSync
      • DFSCoerce
      • DonPAPI
      • WMIEXEC
      • Kerberoasting
      • Lsassy
      • mitm6
      • Pcredz
      • PowerSploit
      • PrivExchange
      • Responder / RunFinger
      • Rubeus
      • Seatbelt
      • Seth
    • Web App Pentesting
      • Payload All The Things
        • Directory traversal
          • Deep Traversal
          • More Directory Traversal Payloads
        • SAML Injection
        • XXE - XML External Entity
        • XSS - Cross Site Scripting
        • XSLT Injection
        • XPATH injection
        • Upload Insecure Files
        • SQL injection
          • MSSQL Injection
          • MYSQL Injection
          • Oracle SQL Injection
          • PostgreSQL injection
          • SQLite Injection
        • Server Side Templates Injections
        • Server-Side Request Forgery
          • Payloads Included in Server-Side Request Forgery
        • Request Smuggling
        • OAuth
        • NoSQL injection
        • LDAP injection
        • Kubernetes
        • JSON Web Token
        • HTTP Parameter Pollution
        • GraphQL injection
        • CORS Misconfiguration
        • CRLF
        • Cross-Site Request Forgery
        • CSV Injection (Formula Injection)
        • File Inclusion
          • PHPINFOlfi.py
          • uploadlfi.py
  • Network Security
    • DMVPN GRE NHRP IPsec Profiles
    • Flex VPNs
    • GET VPN with Key Server
    • IKE Site to Site w/ IPSec
    • Point to Point GRE over IPSec
    • Remote Access VPN
    • Helpful Cisco Firewall CLI Commands
Powered by GitBook
On this page
  • Quick Review
  • Resources
  • Looking Back at the Exam

CCNP Security Review

Quick Review

This exam was tough! However, I learned a lot about the network security side that cisco provides as well as how to build/deploy/administer their firewall line. I did the SCOR and SNCF (Network Security Firepower) to obtain the CCNP-Security. Please see below for the resources I used to pass this certification. The CCNP-S concludes of two exams which I passed both after 8 months.

Resources

For the SCOR, I went through the CBT Nuggets Video/Lab Course @ https://www.cbtnuggets.com/home It was hard to lab up things because the SCOR tests you on ALL Cisco security solutions. My best technique was to read Cisco Documentation and White Pages that reflect the exam objectives list.

I also spammed Boson Practice Exams which helped tremendously. (Boson exams @ https://www.boson.com/ )

For the SNCF, I completed the Todd Lammle Video Course @ https://www.lammle.com/

After finishing the video course, I set up a FTD/FMC in my lab environment and configured different labs. I also studied Cisco White Pages as well as deployment guides to help pass the exam.

Looking Back at the Exam

The SNCF was my favorite portion of the exam. It actually taught me valuable information about everything and anything Cisco FTD/FMC/ASA related. The SCOR was alright... the VPN topologies I learned within CBTNuggets was awesome however the SCOR seemed to be just a marketing exam. What I mean by marketing exam was it didn't feel like you were learning much other than what Cisco offers in their security stack. The test was a multiple question format that almost seemed like a vocab quiz of their security stack. I was hoping to learn how to implement a bunch of the technologies to an "entry level" however was greatly disappointed. With that being said, the resources were amazing. I highly recommend CBTNuggets for any learning platform as well as Todd Lammle's video courses.

PreviouseJPTv1 ReviewNextCCNA Review

Last updated 2 years ago

Page cover image