CCIE Security

The Cisco Certified Internetwork Expert Security (CCIE Security) program recognizes security experts who have the knowledge and skills to architect, engineer, implement, troubleshoot, and support the full suite of Cisco security technologies and solutions using the latest industry best practices to secure systems and environments against modern security risks, threats, vulnerabilities, and requirements.

Prerequisites

There are no formal prerequisites for CCIE certification. Prior professional certifications or training courses are not required. As a CCIE Security candidate, you must first pass the written qualification exam and then the corresponding hands-on lab exam. You are expected to have an in-depth understanding of the exam topics and strongly encouraged to have three to five years of job experience before attempting certification.

Step One: CCIE Security Written Exam

You must pass the two-hour, written qualification exam covering network security concepts and some equipment commands before you are eligible to schedule the lab exam.

• 400-251 Written Exam Information
• Schedule and Pay Information for the Written Exam

Step Two: CCIE Security Lab Exam

The eight-hour lab exam tests your ability to get a secure network running in a timed test situation. You must make an initial attempt of the CCIE lab exam within 18-months of passing the CCIE written exam. Candidates who do not pass must reattempt the lab exam within 12 months of their last scored attempt in order for their written exam to remain valid. If you do not pass the lab exam within three years of passing the written exam, you must retake the written exam before being allowed to attempt the lab exam again.

• Lab Exam v5.0 Information
• Schedule and Pay Information for the Lab Exam

400-251 CCIE Security Written Exam

The written exam is a two-hour test with 90–110 questions that validate experts who have the knowledge and skills needed to architect, design, engineer implement, operate, and troubleshoot complex security technologies and solutions. Candidates must understand network security requirements, how different components and systems interoperate, and translate these security requirements into device configurations. The exam is closed book and no outside reference materials are allowed.

• 400-251 CCIE Security exam topics
• Register for the exam
• Read current exam policies and requirements

CCIE Security Lab Exam v5.0

The eight-hour hands-on exam requires a candidate to plan, design, implement, operate, and troubleshoot complex security scenarios for a given specification. Knowledge of troubleshooting is an important skill and candidates are expected to diagnose and solve issues as part of the CCIE Security Lab Exam.

• Schedule and Pay for the Lab Exam
• Read current exam policies and requirements
• CCIE Lab Exam locations
• Mobile CCIE Labs locations

Active CCIE status shows your commitment to maintaining expert-level knowledge in an industry critical to the success of virtually every organization. CCIEs are encouraged to continually expand their technical knowledge and are required to pass a recertification exam every two years. If you do not complete your recertification before the deadlines, your CCIE certification will be suspended and you and your employer will lose the benefits associated with your expert status. You have one year to reinstate your CCIE status before you become inactive and must begin the certification process all over again.

Recertification Deadline

• Your recertification deadline can be viewed online anytime (with login) at Certification Status.
• Subsequent recertification deadlines are always based on your original certification date, not on when you took your last recertification exam.
• Candidates must make an initial attempt of the CCIE lab exam within 18 months of passing the CCIE written exam. Candidates who do not pass must reattempt the lab exam within 12 months of their last scored attempt in order for their written exam to remain valid. If a candidate does not pass the lab exam within three years of passing the written exam, he or she must retake the written exam before being allowed to attempt the lab exam again.

Recertification Details

• To maintain active status, every 24-months CCIEs have the flexibility and option to recertify using one of the options below before the certification expiration date:
  • Earn the required credits through the Cisco Continuing Education Program, or
  • Pass any current CCIE Written Exam OR CCIE Lab Exam, or
  • Pass the current CCDE Written Exam OR current CCDE Practical Exam, or
  • Pass the Cisco Certified Architect (CCAr) interview AND the CCAr board review to extend lower certifications.
• CCIE certification automatically extends other Cisco Certifications, such as CCNP or CCNA.
• Candidates can only apply one passed written exam or the earned required credits using Cisco Continuing Education Program towards recertification for every 24 month recertification period.
• Candidates must wait 15 calendar days between attempts at the written exam.
• Certification candidates are responsible for keeping track of their certification expiration dates. Please plan your recertification accordingly. If your CCIE recertification requirements are not completed on or before the certification's expiration date, your CCIE certification will be suspended for one year. Candidates have one year to recertify their CCIE certification by passing the required written exam. If a candidate does not recertify prior to the one year deadline and your employer will be notified. Suspended candidates have one year to recertify their CCIE certification by passing the required written exam or practical lab before their expert level certification becomes permanently inactive. Inactive CCIE professionals lose all benefits and must pass both the CCIE written and lab exams again.
• Achieving or recertifying CCIE automatically extends your active Entry, Associate, Professional or other Expert level certification(s), or Specialist certifications up to the expiration date of the latest CCIE, CCDE or CCAr certification achieved.
• Be sure to use the same ID number you were assigned for your original qualification exam to ensure your profile is updated accurately. If you have any questions about which ID number to use, contact CCIE support.