As I start this class for my recertification, I want to keep a log going to better understand the time investment and difficulty associated with it. Hopefully this can help you decide if this is the right class for you and how best to fit it into your own busy schedule (work/life/play).
This course (SCOR 1.0) is designed to help you prepare for CCNP/CCIE-level security certifications and will cover a variety of security-related topics. Purchasing this course from the Cisco Learning Network Store will give you 180 days to access it and complete it.
There are a whopping 32 sections in the table of contents with a "Summary Challenge" at the end of each section to test your retention. Doing well on these will surely affect your overall score which is important if you want to earn your CE credits for it.
At a high-level, the course says it will teach you:
- Describe information security concepts and strategies within the network
- Describe how various network security technologies work together to guard against attacks
- Implement access control on Cisco ASA appliance
- Implement basic features on Cisco FirePower Next-Generation Firewall
- Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
- Describe and implement basic web content security features and functions provided by Cisco Web Security Appliance
- Introduce VPNs and describe cryptography solutions and algorithms
- Deploy Cisco secure remote access connectivity solutions
- Describe Cisco Stealthwatch Enterprise solution
- Describe basics of Software-Defined Networks and network programmability
Day 1 - Let's get started!
Looks like the overall format will start with a set of introductory videos of a few minutes each, then each subsequent section will dig deeper into the specific topics mentioned in the videos. You'll recognize the illustrations used in the videos. Overall, it seems like a good format.
At the end of each sub-section, there's a question or two to test your knowledge.
Section 1 - Describing Information Security Concepts
This is an overall introduction to high-level security concepts including definition of Assets, Vulnerabilities, Countermeasures, Threats, Risks, CVE, and CVSS. If you've been keeping up with security from a high-level, regardless of the specific technology or products, this should be familiar and reinforce your knowledge.
1.1 - two intro videos, 22 mins total to define concepts and terms
1.2 - 1.6 - text, review questions
1.7 - summary review - questions/quiz - 7 questions
60-90 minutes - depending on your reading speed
Section 2 - Describing Common TCP/IP Attacks
This section goes over IP/TCP/UDP-related attacks and each section gets some detail. They also talk about the concept of different types of attacks like: Access, MITM (Man in the Middle), DoS/DDoS, spoofing, and Reflection/Amplification.
2.1 - 4 intro videos, 35 mins
2.2 - 2.8
2.9 - very short - Access Attacks
2.10 - MITM attacks, short video
2.11 - 2.14 - text, review questions
2.15 - summary review - questions/quiz - 14 questions
90-150 minutes - depending on your reading speed
Section 3 - Describing Common Network Application Attacks
Here, the training dives into different attacks that fall under Network-based attacks including: DNS tunneling, Web-based attacks, HTTP 302 cushioning, injections, XSS/CSRF, and Email-based attacks.
3.1 - 2 intro videos, 14 minutes
3.2 - 3.7
3.8 - SQL Injections - text + video
3..9 - 3.10
3.11 - summary challenge - 10 questions
90-120 minutes - depending on your reading speed
Overall, with breaks, interruptions, meals, and some goofing off, I probably spent about 4 hours going through those three sections. With a total of 32, that doesn't seem like a good pace, so I'll have to get "serious" if I want to push through this within... a week? That's just an arbitrary timeframe I've set, but I'd like to see how realistic that is when combined with work...