A madman's thoughts: the NSE8 exam
As some of you may know, I underwent the NSE8 Practical Exam in June of 2021. After spending the better part of 2 years studying, passing the NSE8 written, studying and labbing some more I am proud to announce that I have passed my NSE8 exam. In this post I'll go over a few things that I felt stood out and helped me get through the exam. And no, I will not reveal any content from the exam, we don't do that sort of thing here at Ultraviolet Networks.
So, let's begin with what started me on this madman's journey, as I put away my second NSE7 certification (Enterprise Firewall and then Advanced Threat Protection) I started working with customers in a more involved manner, working with FortiWeb, FortiADC, and other products within the Security Fabric portfolio, I was presented with the opportunity to take my NSE8 written, and figured "Ah what the heck, why not?".
I used the NSE8 public handbook to understand what technologies I needed to consider being included in the exam, and headed on over to Fortinet's NSE Institute to begin study. This content is freely available until at least the end of 2021, I would highly recommend taking advantage of the training portfolio, even if you didn't want to take the NSE8.
All the content I used for study was from the NSE institute, and the rest of my prep came from real world experience and lab time. For my lab I used Eve-NG and Fortinet VMs in trial mode on a NUC10i7FNH with 1 TB SATA SSD and 64GB of ram.
NSE8 Written Attempt #1
This was a fun one - NOT! This was during the height of the pandemic (June/July 2020), and Fortinet Exams were finally made available remotely with Pearson VUE. When I scheduled the exam, the NSE8 version of the exam was NSE8_810, and I had scheduled it for 2 weeks from that day to give me some final study time, and to get my head in the right space for an exam - I am a bad exam taker, I get worked up for nothing, so taking the time to get in the right headspace is vital for me, or take it immediately on the spot (This is important for later).
So, after fretting about this for 10 days, I finally arrived at the conclusion that I was as prepared as I could be, and let it go for 4 days.
The day of the exam, I was set up, in a starkly empty room according to Pearson VUE's requirements, got ready, and was presented with a weird error:
What the heck? I purposely loaded Windows on BootCamp on my Mac so I would have a fresh install with nothing screwing with it. I had tested with Pearson VUE's special version of the exam, and it was fine. The proctor didn't know what to do, they opened a ticket, and kept telling me I was doing something wrong, when I knew I wasn't. As a last resort I plugged directly into my cable modem, and still the same result. The proctor decided to call it - they opened an internal ticket and said I would hear back in 3 days.
3 days went by, and I heard nothing, so I emailed, and I was basically told that I had no recourse, and they were still looking into it and to give them 5 more days. At the end of 5 days, I had a voucher code to retake, and no reasonable explanation. I input the voucher code, scheduled the exam for the next day and...
NSE8 Written Attempt #2
More of the same - "ERR_TOO_MANY_REDIRECTS". Again, in discussing with my proctor, they asked me to ensure my system and internet connection meets the requirements, asked me if I downloaded the test exam. I exclaimed that I passed all tests and have done the following:
Clear the cache on Microsoft Edge – did not work
Tried In-private mode on Microsoft Edge – did not work
Use Google Chrome – did not work
Cleared the cache – did not work
Used Firefox – did not work
Cleared the cache on FireFox – did not work
Tired Internet explorer – did not work
Cleared the cache on IE – did not work
All the did not work result in the same error screen “too many redirects”
Tried a different computer with all the above done as well – no new results
Tried from my neighbor’s internet connection (different ISP) same issue
Tried from my in-laws house, same issue
I was provided with yet another voucher and told to try again in 3-5 days. At this point I was frustrated, and just wanted to take the darn test! So, I did what any madman would do, I looked up the CEO of Pearson VUE and emailed them and explained in great detail what I have been through (I was polite, and calm). What happened next, I did not expect...
NSE8 Written Attempt #3
An hour after I emailed the CEO of Pearson VUE (in retrospect it feels like a very 'I want to speak to the manager' move), I received an email back apologizing for the experience and that someone from the executive support team would be contacting me.
4 hours later a member of the Pearson VUE executive support team contacted me, had me go through some basics and was happy everything passed. Was told to try a new voucher this time I noted something different it said "NSE8_811". In talking with the Support Rep, she explained that Fortinet had updated the exam 2 days before I was scheduled to take attempt #1, I asked "Could it be that the system was trying to take me to the older version, and it was inaccessible due to the update?" she explained that it was possible. After that brief realization she told me I could choose to take the exam right now, or schedule it for a later date. I thought to myself "Ah screw it, I am as ready as I'm going to be!". And I took the exam right then and there, after the proctor validated the workspace was good, the exam was delivered - successfully this time - and I passed!
I don't blame Pearson VUE or anyone else for this, it's just a highly irregular circumstance, that I somehow have a knack for finding. Pearson VUE was awesome in helping me solve this. And I made sure I notified the staff accordingly.
Preparing for the practical
With the written out of the way I referred to the latest NSE8 Public Handbook for the practical exam, to understand what my areas of focus are. I had the opportunity to participate in the NSE8 Immersion Lab - it's basically a simulation of the NSE8 lab, however the topology and tasks are not the same. The goal is to get you familiar with how the practical exam would be delivered and navigating in the environment.
I kept emailing the Fortinet Training team for exam availability, and there were no exams scheduled for the first quarter of 2021, they would notify me when any new sessions were available. I kept labbing, taking what I had learned from NSE8 immersion, coming up with new scenarios, and keeping an eye on the NSE8 Public Handbook for any version updates.
On 6/3/21 the Fortinet Training team emailed me that they had a tentative practical exam session on June 23-24, if I was interested, I needed to let them know to get it scheduled. I of course, was interested, so after emailing back and getting the scheduling taken care of, began the final rundown of my labbing, going through much of the stuff I had learned over the last year since NSE8 written and the NSE8 Immersion course to make sure I still had what I felt I needed.
NSE8 Practical Attempt #1
I arrived in Dallas, TX the night of 6/22 - it was a Tuesday. I was tired so I went straight to bed. Woke up in the morning (feelin' like P. Diddy - wait that's not supposed to happen), got a workout in, ate breakfast, and headed off to Fortinet's office in Plano, TX.
When I got to the Plano office I was directed to the room in which we'll be taking the test. There were several stations there, and we were told to choose one. A laptop and external monitor were provided by Fortinet, all electronics (Laptops, Phones, Smart Watches, etc..) were taken from us by the proctor and put into the corner of the room. It felt weird not getting the hourly reminder to stand, or any other alerts from my electronics.
The proctor gave a brief presentation about what to expect from the exam, some tips on taking the exam, and we were told to start. We had 8 hours on the first day, and 6 on the second. The exam was comprised of several tasks split into Day 1 and 2. Day 1 tasks could only be accessed on Day 1, and on Day 2 you could access both Days' tasks.
And so I began with the tasks, my goal on Day 1 was to get through all of Day 1's tasks, so I would have a look at, and know what I needed to study for that evening. As I was working through the tasks, I was mindful not to spend a lot of time on any one task, I needed to get through them all that day. Before I knew it, it was lunch time "Crap, 3 hours gone" was my thought. That afternoon I managed to get through all the tasks - even if some weren't completed.
I left the exam site that day questioning my existence (ok, that's a bit dramatic, but hear me out) as there were a few tasks that were very close to things I did on a day in and day out basis that I just could not get working - sorry, can't say what they are - and it was frustrating.
I ate dinner at the hotel bar/grill that night and studied those tasks that I for-whatever-reason-I-couldn't-make-work. And went to bed, though I really didn't sleep well.
I got out of bed, got a workout in, breakfast, and headed off to the Fortinet Office. I arrived and got some coffee to work out the cobwebs and waited until the proctor allowed us to start with our tasks again. I immediately went back to review 2 of the tasks that stumped me on Day 1 - I got them knocked out. Took stock of the other tasks that had me wondering, conceded that my head wasn't in the right space so I would revisit if there was time, and started with the Day 2 tasks. Many of which seemed to go more easily for me, and again lunch came along quicker than expected.
I managed to get through the Day 2 tasks with an hour of exam time left, I knew I owed it to myself to get through the tasks that I hadn't done well with. And on one of the tasks that I seriously did more times than not, I realized I missed a minor - YET VERY IMPORTANT - step, so I took care of that and - as Emeril Lagasse would say - BAM! it started working. Rejuvenated by the success, the remainder of the tasks became obvious, and I was able to get those working as well - or at least I thought they were.
The Day 2 tasks I am not sure how well I did with, but I did as best I could, there were some tasks that I know I didn't complete, and others I wasn't entirely sure about given some of the ways we’re supposed to test the outcome of the task. In my head the configuration was correct, but the testing wasn't working - but not due to the config being wrong, just another aspect of the testing. I can't reveal too much without giving something away here. So, I had something there that I thought was right, but I wasn't 100% because I couldn't validate. This was the case for a few tasks.
3:00PM arrived and we were done. That's it, I felt better than the first day, and was at peace with the effort provided. I felt that there's a chance I passed, but also a chance I did not - I was very unsure. I suppose if I felt like I aced it, it probably wouldn't be a good thing, and feeling like I totally bombed wouldn't be great either.
A fellow test taker and I went to dinner at this place called Hard Eight Barbecue, oh man, what a place, we had a feast!
During the exam we were told it would take approximately 2 weeks for the exam to be graded and verified. Looking at it retrospectively I feel silly for pointing this out, but it was the LONGEST wait ever, it went well beyond the 2 weeks (it actually took 3). I woke up the morning of the 16th of July which was a Friday and to my dread/excitement was an email with the subject of "Official NSE8 Communication: June 2021".
Thank you for your...
...Congratulations on becoming part of an elite group...
"WOOOOOHOOOO!" - I woke up my Wife who was startled and my 4 year old daughter was excited, but didn't know why. I went for a celebratory run, and it was a pretty awesome day!
Here's what I believe enabled me to be successful with the exam:
Reference the training material at the NSE Institute and the Fortinet Docs site - frankly it's all you need
Any supplemental guidance will be provided in the NSE8 Public Handbook
Speaking of the NSE8 Public Handbook - keep an eye on it, it's updated periodically
When taking the written exam, take your time read the question, read your answers, read the question again, and begin the process of elimination
For the practical exam - lab as much as you can, yes, the trial images aren't fully featured from a crypto standpoint; that shouldn't stop you however. Everything you need to lab things up is available in those images. If you're an NSE7 and work for a partner you'll have access to the FortiDemo labs on FNDN, that might help you learn certain concepts
If you can, get in to an NSE8 Immersion course - it does require that you at least have passed your NSE8 (or have it scheduled in the near future)
When in the practical, do not spend more than 10-15 minutes on a single task. Come back to it, if need be, get through as many tasks as possible
Don't try to memorize everything, you get access to the product manuals in the exam. Try to minimize the amount of time spent digging through these, as they're in PDF and the search function is limited
Read the guidance in the NSE8 Public Handbook, read it again
In conclusion, this is not meant to be an easy exam, it's meant to be difficult, and not only to test your knowledge of Fortinet, but also your ability to troubleshoot, and creatively solve certain challenges, it's meant to test the limits of your thinking. And while some tasks may not be representative of the real world, the exam itself is we are always put in situations that force us to think creatively, this exam is no different. Now I just got to hold on to the darn thing by passing the written every 2 years. Hooray!
Thanks for reading, madman out!