I recently obtained my CCNA Security certification after passing exam 640-554. I studied for about two months straight after earning the CCNA, so switching and routing concepts were still fresh in my mind, making it quite a bit easier to connect security concepts to networking components.
I found the exam to be orders of magnitude easier than the CCNA. I think that’s because many of the concepts are not very technical. For example, understanding the theory of Virtual Private Networks is one of the most important components of the exam, but knowing how to set them up was less important. Any ASA-related tasks were done in the exam simulators using the ASDM. Most IOS-related tasks using CCP. And once you under- stand the theory, it’s easy to fumble through GUIs (although I understanding including training for ASDM and CCP–they’re terrible unintuitive applications!)
If you already have your CCENT, CCNA, or lots of networking experience, you should go for this certification. It’s a simpler renewal option for your existing options, and you’ll also get a letter of recognition from the NSA acknowledging you as a Security Professional who meets CNSS 4011 training standards.
I read the official Cisco study guide several times over, practiced with the Transcender practice exam, and practiced on live equipment. I have two Cisco 2600 series routers, an 1841 router, two 2950-T Catalyst switches, and a Catalyst 3560-48PS switch at home. To practice firewall tasks, I found an unused ASA 1120 at work.
Once I finish my Bachelor’s degree I think I will continue my certification path with Cisco and pursue the CCNP Routing & Switching, then CCNP Security. I can see a CCIE in my future. ;-)