Blog
Cisco introduces CCIE Security 400-251 V5.0 Written and Lab Exam
Cisco just published yet another update to CCIE Security Written and lab exams dubbed as Exam 400-251 (v5.0). It is quiet interesting to see another update rolling out on the back of an older one (350-018 V4.1) which took effect from July 25th 2016! Yet another interesting thing to see is v5.0 also implies changes to Cisco Security Lab exam as well.
Nonetheless, I am excited to see that Cisco is aggressively updating the exam blueprint to keep pace with the changes taking place in the security and networking industries. As I scanned through the changes in the official Cisco announcement, I noticed the following key areas that are worth noting.
- As we know, Cisco is an acquisition machine and recently snapped up Lancope (NBA/NetFlow), OpenDNS (cloud-delivered security), and SourceFire (FirePower product line) security companies. Both newly acquired and organically built (ex. ACI)products and solutions are now part of the new CCIE Security blueprint (v5.0)
- Overall exam blueprint now seems more consolidated (8 versus 6 exam sections)
- Identity Management, Information Exchange, and Access Control is the largest content contributor to the exam now (22% and 24% of the written and lab exams respectively)
- Security infrastructure products for perimeter security and intrusion prevention is the second largest content area when it comes written and lab exam content (21% and 23% of the written and lab exams respectively)
- It seems finally all of the VPN content is now consolidated into Secure Connectivity and Segmentation area (17% and 19% of the written and lab exams respectively)
- Infrastructure Security, Virtualization, and Automation now includes Cisco ACI and virtualized security domain
- There is no change to Evolving Technologies section across v4.1 and v5.0 exam blueprint. It continues to include SDN, Cloud and Internet of Things (IoT)
- Last but not least, Cisco also seems to be stepping up on transparency around the CCIE exam content with a lot of details for each section.
| CCIE Security V5.0 (takes effect on Jan 31 2017) | Domain Description | Written Exam % |
|---|---|---|
| Perimeter Security and Intrusion Prevention | Cisco FirePOWER, Cisco ASA, Cisco IOS ZBFW, DDoS Mitigation | 21% |
| Advanced Threat Protection and Content Security | AMP Solutions and Security Protocols | 17% |
| Secure Connectivity and Segmentation | IKE/IPSec, TrustSec, GETVPN, DMVPN, FlexVPN, Security protocols and algorithms | 17% |
| Identity Management, Information Exchange, and Access Control | ISE, RADIUS/TACACS+, WLAN Security and Protocols | 22% |
| Infrastructure Security, Virtualization, and Automation | Attacks, Cisco ACI, standard bodies, Cisco DNA/SAFE, NetFlow, ACLs etc. | 13% |
| Evolving Technologies | Cloud, SDN, IoT | 10% |
Do you believe that Cisco got the exam blueprint changes right? Share your take with us in the comments.
For more details, you can refer to the official Cisco announcement here.
How useful was this post?