| |
|
|
The CCNP Security course is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNs, and IDS/IPS solutions for their networking environments. This course is also recommended for Internetwork professionals
who seek Cisco Certified Network Professional (CCNP) Security certification. The certification replaces the CCSP certification and is tuned specifically to the role of the Cisco Network Security Engineer.
|
| |
|
|
| |
|
|
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice. |
| |
| Pre-Production Design |
 |
Choose Cisco IOS technologies to implement HLD |
|
Choose Cisco products to implement HLD |
|
Choose Cisco IOS features to implement HLD 2 |
|
Integrate Cisco network security solutions with other security technologies |
|
Create and test initial Cisco IOS configurations for new devices/services |
|
| |
| Complex Operations Support |
|
Optimize Cisco IOS security infrastructure device performance |
|
Create complex network security rules to meet the security policy requirements |
|
Optimize security functions, rules, and configuration |
|
Configure & verify NAT to dynamically mitigate identified threats to the network |
|
Configure & verify IOS Zone Based Firewalls including advanced application inspections and URL filtering |
|
Configure & verify the IPS features to identify threats and dynamically block them from entering the network |
|
Maintain, update and tune IPS signatures |
|
Configure & verify IOS VPN features |
|
Configure & verify Layer 2 and Layer 3 security features |
|
| |
| Advanced Troubleshooting |
|
Advanced Cisco IOS security software configuraiton fault finding and repairing |
|
Advanced Cisco routers and switches hardware fault finding and repairing |
|
| |
| |
|
|
| |
Implementing Cisco Intrusion Prevention System v7.0 (IPS v7.0) exam is associated with the Cisco Certified Security Professional certification. This exam tests a candidate's knowledge and skills needed to deploy Cisco IPS-based security solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco IPS features, and provide detailed operations support for the Cisco IPS. Candidates can prepare for this exam by taking the Implementing Cisco Intrusion Prevention System course. |
|
| |
|
|
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice. |
| |
| Pre-Production Design |
|
Choose Cisco IPS technologies to implement HLD |
|
Choose Cisco products to implement HLD |
|
Choose Cisco IPS features to implement HLD |
|
Integrate Cisco network security solutions with other security technologies |
|
Create and test initial Cisco IPS configurations for new devices/services |
|
| |
| Complex Support Operations |
|
Optimize Cisco IPS security infrastructure device performance |
|
Create complex network security rules, to meet the security policy requirements |
|
Configure and verify the IPS features to identify threats and dynamically block them from entering the network |
|
Maintain, update and tune IPS signatures |
|
Use CSM and MARS for IPS management, deployment, and advanced event correlation. |
|
Optimize security functions, rules, and configuration |
|
| |
| Advanced Troubleshooting |
|
Advanced Cisco IPS security software configuraiton fault finding and repairing |
|
Advanced Cisco IPS sensor and module hardware fault finding and repairing |
|
| |
| |
|
|
| |
The 642-617 Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0) exam is associated with the CCSP, CCNP Security and Cisco Firewall Specialist certifications. This exam tests a candidate's knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA Firewall Solutions course |
|
| |
|
| The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice. |
| |
| Pre-Production Design |
|
Choose ASA Perimeter Security technologies/features to implement HLD based on given security requirements |
|
Choose the correct ASA model to implement HLD based on given performance requirements |
|
Create and test initial ASA appliance configurations using CLI |
|
Determine which ASA licenses will be required based on given requirements |
|
| |
| Complex Operations Support |
|
Optimize ASA Perimeter Security features performance, functions, and configurations |
|
Create complex ASA security perimeter policies such as ACLs, NAT/PAT, L3/L4/L7 stateful inspections, QoS policies, cut-thru proxy, threat detection, botnet detection/filter using CLI and/or ASDM |
|
Perform initial setup on the AIP-SSM and CSC-SSM using CLI and/or ASDM |
|
Configure, verify and troubleshoot High Availability ASAs (A/S and A/A FO) operations using CLI and/or ASDM |
|
Configure, verify and troubleshoot static routing and dynamic routing protocols on the ASA using CLI and/or ASDM |
|
Configure, verify and troubleshoot ASA transparent firewall operations using CLI |
|
Configure, verify and troubleshoot management access/protocols on the ASA using CLI and/or ASDM |
|
| |
| Describe Advanced Troubleshooting |
|
Advanced ASA security perimeter configuraiton/software/hardware troubleshooting using CLI and/or ASD fault finding and repairing |
|
| |
|
|
| |
Deploying Cisco ASA VPN Solutions (VPN v1.0) exam is associated with the CCSP, CCNP Security and Cisco VPN Specialist certifications. This exam tests a candidate's knowledge and skills needed to deploy Cisco ASA-based VPN solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA VPN features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA VPN Solutions course. |
|
| |
| |
|
| The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice. |
| |
| Pre-Production Design |
|
Choose ASA VPN technologies to implement HLD based on given requirements |
|
Choose the correct ASA model and license to implement HLD based on given performance requirements |
|
Choose the correct ASA VPN features to implement HLD based on given corporate security policy and network requirements |
|
Integrate ASA VPN solutions with other security technology domains (CSD, ACS, Device managers, Cert servers, etc.) |
|
| |
| Complex Operations Support |
|
Optimize ASA VPN performance, functions, and configurations |
|
Configure and verify complex ASA VPN networks using features such as DAP, CSD, Smart tunnels, Anyconnect SSLVPN, Clientless SSLVPN, Site-to-Site VPN, RA VPN, certificates, QOS, etc. to meet security policy requirements. |
|
Create complex ASA network security rules using such features as ACLs, DAP, VPN profiles, certificates, MPF, etc, to meet the corporate security policy |
|
| |
| Advanced Troubleshooting |
|
Perform advanced ASA VPN configuration and troubleshooting |
|
| |
