Cisco Certified Internetwork Expert Security (CCIE Security) Certification

  1. CCIE Security Information

5 Myths of Cloud Computing - HP

7 Deadly Network Security Sins: A Guide for Protection

Best Practices for Making BYOD Simple and Secure




What is the CCIE Security certification?
The Cisco Certified Internetwork Expert Security certification (CCIE Security) is Cisco's premier networking and security credential designed to demonstrate a candidate’s expert-level knowledge in implementing, configuring, maintaining and troubleshooting complex Cisco network security solutions for the enterprise. It is one of the numerous specialist CCIE tracks that candidates can choose from.
Who is the CCIE Security certification for?
The CCIE Security credential is aimed at experienced network professionals who wish to demonstrate advanced networking knowledge with a specific focus on network security. Typical CCIE Security job descriptions might include:
  • Network Security Engineer/Manager
  • Security Test Analyst
  • Senior Engineer Security Operations
  • Senior Network Administrator
  • Network Consulting Engineer
  • Network Architect, etc.
Because of the difficulty and the cost of obtaining the CCIE, there is a good recognition of the credential in the marketplace. Coupled with the relative scarcity of CCIE holders (there are approx. 40,000 CCIE’s worldwide, with reportedly fewer than 5000 CCIE Security holders), this can potentially lead to enhanced career and remuneration opportunities for qualified CCIE’s.
Are there any prerequisites for the CCIE Security certification?
While there are no formal prerequisites required to take the CCIE Security exam, the process is not for the faint-hearted. It is therefore recommended that candidates should not only have at least three to five years of appropriate job experience before attempting to earn this credential but also be prepared to invest significant time and money into the certification process.
How do I obtain the CCIE Security certification?
To earn the CCIE Security certification candidates need to prove their ability through both a theoretical test and a comprehensive, hands-on, practical lab test.

CCIE Security Written Exam

The written exam, designated 350-018, is closed book (meaning no outside reference material may be used) and consists of 90-110 multiple-choice questions with two hours to complete them. The exam tests the candidate’s ability in implementing, deploying, configuring, maintaining, and troubleshooting Cisco network security solutions and products, as well as current industry best practices and internetworking fundamentals.

Candidates receive their exam result immediately upon completion of the exam. Once the written exam has been passed, candidates can then apply to take the 8-hour lab exam. Candidates may not take the lab exam until the written exam has been passed.

CCIE Security Lab Exam

The CCIE Security lab exam is also a closed book affair. The lab exam requires candidates to complete a number of hands-on tasks – typically configuring a series of secure networks to a predetermined list of specifications – within the given 8-hour time period.

Candidates must make their first attempt at the lab exam within 18 months from the date of passing the written exam. If the candidate fails the lab, they have a further 12 months to reattempt. Candidates must pass the lab exam within three years of passing the written exam otherwise they will have to retake the written exam again.

The candidate’s lab performance is graded by the exam proctor, and candidates can see the result of their lab exam online typically within 48 hours after the exam.
What is the passing score?
The passing score for the written exam is set by statistical analysis and is subject to change. The exam is scored on a scale of 300-1000 points, with questions being allocated different scoring ‘weights’ according to the difficulty of the question.

For the lab exam, candidates must achieve a score of at least 80% to pass.
What if I fail?
Candidates failing the written exam section of the CCIE Security credential must wait for a period of at least 15 days before taking the test again. Payment of the applicable exam fee must be paid for each attempt at passing the exam.

Candidates who fail the lab portion of the exam (the first time) must wait at least 30 days before retaking the exam for the second time. Failing the second time incurs a wait time of 90 days before the next attempt. All subsequent retakes from that point incur a 90 day wait.

For candidates who fail the lab portion of the exam, there is the option to have a ‘review’ if the candidate thinks the result might be in question. This involves having a second proctor go through the candidate’s responses and answers to the lab exam to determine if the original ‘fail’ was correct. There is a US$400 fee to apply for a review.
What does the exam cost?
The CCIE Security credential is an expensive one to earn. At the time of writing, the cost for the written portion of the exam is US$400, while the cost for the lab exam is US$1600. Candidates also need to factor in costs associated with travelling to and from the exam location. In the case of the written exam, Pearson VUE have a large number of offices worldwide so the travel cost to the exam location is likely to be negligible for most candidates. The lab exam however is only available in 9 worldwide locations and only at certain times of the year (not including the mobile CCIE lab). For most candidates this will mean flight tickets, hotel rooms, local transport, food and other expenses.
What are the CCIE Security recertification requirements?
All CCIE’s, regardless of their specific track, are required to recertify every two years. In order to remain active, the CCIE candidate must either:
  • Pass any current CCIE Written Exam or CCIE Lab Exam, or
  • Pass the current CCDE Written Exam or current CCDE Practical Exam, or
  • Pass the Cisco Certified Architect (CCAr) interview as well as the CCAr board review
Candidates must complete their recertification exam before the expiry date of their current CCIE credential.
Where can I take the CCIE Security exam?
The written exam part of the CCIE Security certification can be taken at any Pearson VUE testing station. They have offices worldwide. The lab exam, however, is only available at certain locations around the world and only on specific dates. See here for details. There are also ‘mobile CCIE labs’ which travel around from location to location. Click here for details about the locations of the mobile CCIE lab.