Cisco introduces CCIE Security 400-251 V5.0 Written and Lab Exam
Cisco just published yet another update to CCIE Security Written and lab exams dubbed as Exam 400-251 (v5.0). It is quiet interesting to see another update rolling out on the back of an older one (350-018 V4.1) which took effect from July 25th 2016! Yet another interesting thing to see is v5.0 also implies changes to Cisco Security Lab exam as well.
Nonetheless, I am excited to see that Cisco is aggressively updating the exam blueprint to keep pace with the changes taking place in the security and networking industries. As I scanned through the changes in the official Cisco announcement, I noticed the following key areas that are worth noting.
- As we know, Cisco is an acquisition machine and recently snapped up Lancope (NBA/NetFlow), OpenDNS (cloud-delivered security), and SourceFire (FirePower product line) security companies. Both newly acquired and organically built (ex. ACI)products and solutions are now part of the new CCIE Security blueprint (v5.0)
- Overall exam blueprint now seems more consolidated (8 versus 6 exam sections)
- Identity Management, Information Exchange, and Access Control is the largest content contributor to the exam now (22% and 24% of the written and lab exams respectively)
- Security infrastructure products for perimeter security and intrusion prevention is the second largest content area when it comes written and lab exam content (21% and 23% of the written and lab exams respectively)
- It seems finally all of the VPN content is now consolidated into Secure Connectivity and Segmentation area (17% and 19% of the written and lab exams respectively)
- Infrastructure Security, Virtualization, and Automation now includes Cisco ACI and virtualized security domain
- There is no change to Evolving Technologies section across v4.1 and v5.0 exam blueprint. It continues to include SDN, Cloud and Internet of Things (IoT)
- Last but not least, Cisco also seems to be stepping up on transparency around the CCIE exam content with a lot of details for each section.
| CCIE Security V5.0 (takes effect on Jan 31 2017) | Domain Description | Written Exam % |
|---|---|---|
| Perimeter Security and Intrusion Prevention | Cisco FirePOWER, Cisco ASA, Cisco IOS ZBFW, DDoS Mitigation | 21% |
| Advanced Threat Protection and Content Security | AMP Solutions and Security Protocols | 17% |
| Secure Connectivity and Segmentation | IKE/IPSec, TrustSec, GETVPN, DMVPN, FlexVPN, Security protocols and algorithms | 17% |
| Identity Management, Information Exchange, and Access Control | ISE, RADIUS/TACACS+, WLAN Security and Protocols | 22% |
| Infrastructure Security, Virtualization, and Automation | Attacks, Cisco ACI, standard bodies, Cisco DNA/SAFE, NetFlow, ACLs etc. | 13% |
| Evolving Technologies | Cloud, SDN, IoT | 10% |
Do you believe that Cisco got the exam blueprint changes right? Share your take with us in the comments.
For more details, you can refer to the official Cisco announcement here.
