I just passed the CCNA Security 640-553.
Obviously I can't go into the specifics - but its worth mentioning some highlights.
Lots on Zone Based Firewalls (being able to interpret zone-pairs -> policies -> class maps)
Layer 2 port security
Intimate understanding of how Phase 1 / 2 works in IPSEC. You should be able to teach this to a layman.
I had a couple questions on SSL VPNs (not sure if they were 'future' questions).
I used the Sybex study guide along with Jemery's CBT videos.