Cisco CCNP Security Certification Prep Classes

Securing Networks with Cisco Firepower v1.0 (SNCF 300-710) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of Cisco Firepower Threat Defense and Firepower, including policy configurations, integrations, deployments, management and troubleshooting. These courses, Securing Networks with Cisco Firepower, and Securing Networks with Cisco Firepower Next-Generation Intrusion Prevention System helps candidates prepare for this exam.

Implementing and Configuring Cisco Identity Services Engine v1.0 (SISE 300-715) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of Cisco Identify Services Engine, including architecture and deployment, policy enforcement, Web Auth and guest services, profiler, BYOD, endpoint compliance, and network access device administration. The course, Implementing and Configuring Cisco Identity Services Engine, helps candidates to prepare for this exam.

Securing Email with Cisco Email Security Appliance v1.0 (SESA 300-720) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of Cisco Email Security Appliance, including administration, spam control and antispam, message filters, data loss prevention, LDAP, email authentication and encryption, and system quarantines and delivery methods. The course, Securing Email with Cisco Email Security Appliance, helps candidates to prepare for this exam.

Securing the Web with Cisco Web Security Appliance v1.0 (SWSA 300-725) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of Cisco Web Security Appliance, including proxy services, authentication, decryption policies differentiated traffic access policies and identification policies, acceptable use control settings, malware defense, and data security and data loss prevention. The course, Securing Web with Cisco Email Security Appliance, helps candidates to prepare for this exam.

Implementing Secure Solutions with Virtual Private Networks v1.0 (SVPN 300-730) is a 90-minute exam associated with the CCNP Security Certification. This exam tests a candidate's knowledge of implementing secure remote communications with Virtual Private Network (VPN) solutions including secure communications, architectures, and troubleshooting. The course, Implementing Secure Solutions with Virtual Private Networks, helps candidates to prepare for this exam.

Automating and Programming Cisco Security Solutions v1.0 (SAUTO 300-735) is a 90-minute exam associated with the CCNP Security Certification and DevNet Professional Certification. This exam tests a candidate's knowledge of implementing Security automated solutions, including programming concepts, RESTful APIs, data models, protocols, firewalls, web, DNS, cloud and email security, and ISE. The course, Implementing Cisco Security Automation Solutions, helps candidates to prepare for this exam.

Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701) is a 120-minute exam associated with the CCNP and CCIE Security Certifications. This exam tests a candidate's knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

SCHEDULE DATES - 280 Hour Program

Cisco CCNP Security Certification Objective

Securing Networks with Cisco Firepower SNCF 300-710

Implementing and Configuring Cisco Identity Services Engine SISE 300-715

Securing Email with Cisco Email Security Appliance SESA 300-720

Securing the Web with Cisco Web Security Appliance SWSA 300-725

Implementing Secure Solutions with Virtual Private Networks SVPN 300-730

Automating and Programming Cisco Security Solutions SAUTO 300-735

Implementing and Operating Cisco Security Core Technologies SCOR 350-701

Cisco CCNP Security Certification Prep Training Courses

Securing Networks with Cisco Firepower SNCF 300-710

Deployment

Implement NGFW modes

1. Routed mode
2. Transparent mode

Implement NGIPS modes

1. Passive
2. Inline

Implement high availability options

1. Link redundancy
2. Active/standby failover
3. Multi-instance

Describe IRB configurations

Configuration

Configure system settings in Cisco Firepower Management Center

Configure these policies in Cisco Firepower Management Center

1. Access contro
2. Intrusion
3. Malware and file
4. DNS
5. Identity
6. SSL
7. Prefilter

Configure these features using Cisco Firepower Management Center

1. Network discovery
2. Application detectors (Open AppID)
3. Correlation
4. Actions

Configure objects using Firepower Management Center

1. Object Management
2. Intrusion Rules

Configure devices using Firepower Management Center

1. Device Management
2. NAT
3. VPN
4. QoS
5. Platform Settings
6. Certificates

Management and Troubleshooting

Troubleshoot with FMC CLI and GUI

Configure dashboards and reporting in FMC

Troubleshoot using packet capture procedures

Analyze risk and standard reports

Integration

Configure Cisco AMP for Networks in Firepower Management Center

Configure Cisco AMP for Endpoints in Firepower Management Center

Implement Threat Intelligence Director for third-party security intelligence feeds

Describe using Cisco Threat Response for security investigations

Describe Cisco FMC PxGrid Integration with Cisco Identify Services Engine (ISE)

Describe Rapid Threat Containment (RTC) functionality within Firepower Management Center

Implementing and Configuring Cisco Identity Services Engine SISE 300-715

Architecture and Deployment

Configure personas

Describe deployment options

Policy Enforcement

Configure native AD and LDAP

Describe identity store options

1. LDAP
2. AD
3. PKI
4. OTP
5. Smart Card
6. Local

Configure wired/wireless 802.1X network access

Configure 802.1X phasing deployment

1. Monitor mode
2. Low impact
3. Closed mode

Configure network access devices

Implement MAB

Configure Cisco TrustSec

Configure policies including authentication and authorization profiles

Web Auth and Guest Services

Configure web authentication

Configure guest access services

Configure sponsor and guest portals

Profiler

Implement profiler services

Implement probes

Implement CoA

Configure endpoint identity management

BYOD

Describe Cisco BYOD functionality

1. Use cases and requirements
2. Solution components
3. BYOD flow

Configure BYOD device on-boarding using internal CA with Cisco switches and Cisco wireless LAN controllers

Configure certificates for BYOD

Configure blacklist/whitelist

Endpoint Compliance

Describe endpoint compliance, posture services, and client provisioning

Configure posture conditions and policy, and client provisioning

Configure the compliance module

Configure Cisco ISE posture agents and operational modes

Describe supplicant, supplicant options, authenticator, and server

Network Access Device Administration

Compare AAA protocols

Configure TACACS+ device administration and command authorization

Securing Email with Cisco Email Security Appliance SESA 300-720

Cisco Email Security Appliance Administration

Configure Cisco Email Security Appliance features

1. Hardware performance specifications
2. Initial configuration process
3. Routing and delivery features
4. GUI

Describe centralized services on a Cisco Content SMA

Configure mail policies

1. Incoming and outgoing messages
2. User matching
3. Message splintering

Spam Control with Talos SenderBase and Antispam

Control spam with Talos SenderBase and Antispam

Describe graymail management solution

Configure file reputation filtering and file analysis features

Implement malicious or undesirable URLs protection

Describe the bounce verification feature

Content and Message filters

Describe the functions and capabilities of content filters

Create text resources such as content dictionaries, disclaimers, and templates

1. Dictionaries filter rules
2. Text resources management

Configure message filters components, rules, processing order and attachment scanning

Configure scan behavior

Configure the Cisco ESA to scan for viruses using Sophos and McAfee scanning engines

Configure outbreak filters

Configure Data Loss Prevention (DLP)

LDAP and SMTP Sessions

Configure and verify LDAP servers and queries (Queries and Directory Harvest Attack)

Understand spam quarantine functions

1. Authentication for end-users of spam quarantine
2. Utilize spam quarantine alias to consolidate queries

Understand SMTP functionality

1. Email pipeline
2. Sender and recipient domains
3. SMTP session authentication using client certificates
4. SMTP TLS authentication
5. TLS email encryption

Email Authentication and Encryption

Configure Domain Keys and DKIM signing

Configure SPF and SIDF

Configure DMARC verification

Configure forged email detection

Configure email encryption

Describe S/MIME security services and communication encryption with other MTAs

Manage certificate authorities

System Quarantines and Delivery Methods

Configure quarantine (spam, policy, virus, and outbreak)

Utilize safelists and blocklists to control email delivery

Manage messages in local or external spam quarantines

Configure virtual gateways

Securing the Web with Cisco CCNP Web Security Appliance SWSA 300-725

Cisco WSA Features

Describe Cisco WSA features and functionality

1. Proxy service
2. Cognitive Threat Analytics
3. Data loss prevention service
4. Integrated L4TM service
5. Management tools

Describe WSA solutions

1. Cisco Advanced Web Security Reporting
2. Cisco Content Security Management Appliance

Integrate Cisco WSA with Splunk

Integrate Cisco WSA with Cisco ISE

Troubleshoot data security and external data loss using log files

Perform initial configuration tasks on Cisco WSA

Configure an Acceptable Use Policy

Configuration Configure and verify web proxy features

Configure and verify web proxy features

1. Explicit proxy functionality
2. Proxy access logs using CLI
3. Active directory proxy authentication

Configure a referrer header to filter web categories

Proxy Services

Compare proxy terms

1. Explicit proxy vs. transparent proxy
2. Upstream proxy vs. downstream proxy

Describe tune caching behavior for safety or performance

Describe the functions of a Proxy Auto-Configuration (PAC) file

Describe the SOCKS protocol and the SOCKS proxy services

Authentication

Describe authentication features

1. Supported authentication protocols
2. Authentication realms
3. Supported authentication surrogates supported
4. Bypassing authentication of problematic agents
5. Authentication logs for accounting records
6. Re-authentication

Configure traffic redirection to Cisco WSA using explicit forward proxy mode

Describe the FTP proxy authentication

Troubleshoot authentication issues

Decryption Policies to Control HTTPS Traffic

Describe SSL and TLS inspection

Configure HTTPS capabilities

1. HTTPS decryption policies
2. HTTPS proxy function
3. ACL tags for HTTPS inspection
4. HTTPS proxy and verify TLS/SSL decryption
5. Certificate types used for HTTPS decryption

Configure self-signed and intermediate certificates within SSL/TLS transactions

Differentiated Traffic Access Policies and Identification Profiles

Describe access policies

Describe identification profiles and authentication

Troubleshoot using access logs

Acceptable Use Control

Configure URL filtering

Configure the dynamic content analysis engine

Configure time-based & traffic volume acceptable use policies and end user notifications

Configure web application visibility and control (Office 365, third-party feeds)

Create a corporate global acceptable use policy

Implement policy trace tool to verify corporate global acceptable use policy

Configure WSA to inspect archive file types

Malware Defense

Describe anti-malware scanning

Configure file reputation filtering and file analysis

Describe Advanced Malware Protection (AMP)

Describe integration with Cognitive Threat Analytics

Reporting and Tracking Web Transactions

Configure and analyze web tracking reports

Configure Cisco Advanced Web Security Reporting (AWSR)

1. Basic web usage
2. Custom filters

Troubleshoot connectivity issues

Implementing Secure Solutions with Virtual Private Networks SVPN 300-730

Site-to-site Virtual Private Networks on Routers and Firewalls

Describe GETVPN

Implement DMVPN (hub-and-spoke and spoke-to-spoke on both IPv4 & IPv6)

Implement FlexVPN (hub-and-spoke on both IPv4 & IPv6) using local AAA

Remote access VPNs

Implement AnyConnect IKEv2 VPNs on ASA and routers

Implement AnyConnect SSLVPN on ASA and routers

Implement Clientless SSLVPN on ASA and routers

Implement Flex VPN on routers

Troubleshooting using ASDM and CLI

Troubleshoot IPsec

Troubleshoot DMVPN

Troubleshoot FlexVPN

Troubleshoot AnyConnect IKEv2 and SSL VPNs on ASA and routers

Troubleshoot Clientless SSLVPN on ASA and routers

Secure Communications Architectures

Identify functional components of GETVPN, FlexVPN, DMVPN, and IPsec for site-to-site VPN solutions

Identify functional components of FlexVPN, IPsec, and Clientless SSL for remote access VPN solutions

Identify VPN technology based on configuration output for site-to-site VPN solutions

Identify VPN technology based on configuration output for remote access VPN solutions

Identify split tunneling requirements for remote access VPN solutions

Design site-to-site VPN solutions

1. VPN technology considerations based on functional requirements
2. High availability considerations

Design remote access VPN solutions

1. VPN technology considerations based on functional requirements
2. High availability considerations
3. Clientless SSL browser and client considerations and requirements

Identify Elliptic Curve Cryptography (ECC) algorithms

Automating and Programming Cisco Security Solutions SAUTO 300-735

Network Programmability Foundation

Utilize common version control operations with git (add, clone, push, commit, diff, branching, and merging conflict)

Describe characteristics of API styles (REST and RPC)

Describe the challenges encountered and patterns used when consuming APIs synchronously and asynchronously

Interpret Python scripts containing data types, functions, classes, conditions, and looping

Describe the benefits of Python virtual environments

Explain the benefits of using network configuration tools such as Ansible and Puppet for automating security platforms

Describe the event streaming capabilities of Firepower Management Center eStreamer API

Network Security

Describe the event streaming capabilities of Firepower Management Center eStreamer API

Describe the capabilities and components of these APIs

1. Firepower (Firepower Management Center and Firepower Device Management)
2. ISE
3. pxGRID
4. Stealthwatch Enterprise

Implement firewall objects, rules, intrusion policies, and access policies using Firepower Management Center API

Implement firewall objects, rules, intrusion policies, and access policies using Firepower Threat Defense API (also known as Firepower Device Manager API)

Construct a Python script for pxGrid to retrieve information such as endpoint device type, network policy and security telemetry

Construct API requests using Stealthwatch API

1. perform configuration modifications
2. generate rich reports

Advanced Threat & Endpoint Security

Describe the capabilities and components of these APIs

1. Umbrella Investigate APIs
2. AMP for endpoints APIs
3. ThreatGRID API

Construct an Umbrella Investigate API request

Construct AMP for endpoints API requests for event, computer, and policies

Construct ThreatGRID APIs request for search, sample feeds, IoC feeds, and threat disposition

Cloud, Web, and Email Security

Describe the capabilities and components of these APIs

1. Umbrella reporting and enforcement APIs
2. Stealthwatch cloud APIs
3. Cisco Security Management Appliance APIs

Construct Stealthwatch cloud API request for reporting

Construct an Umbrella Reporting and Enforcement API request

Construct a report using Cisco Security Management Appliance API request (email and web

Implementing and Operating Cisco Security Core Technologies SCOR 350-701

Security Concepts

Explain common threats against on-premises and cloud environments

1. On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-the-middle attacks, SQL injection, cross-site scripting, malware
2. Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials

Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery

Describe functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization

Compare site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect

Describe security intelligence authoring, sharing, and consumption

Explain the role of the endpoint in protecting humans from phishing and social engineering attacks

Explain North Bound and South Bound APIs in the SDN architecture

Explain DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting

Interpret basic Python scripts used to call Cisco Security appliances APIs

Network Security

Compare network security solutions that provide intrusion prevention and firewall capabilities

Describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities

Describe the components, capabilities, and benefits of NetFlow and Flexible NetFlow records

Configure and verify network infrastructure security methods (router, switch, wireless)

1. Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
2. Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)

Implement segmentation, access control policies, AVC, URL filtering, and malware protection

Implement management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-of-band, CDP, DNS, SCP, SFTP, and DHCP security and risks)

Configure AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)

Configure secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)

Configure and verify site-to-site VPN and remote access VPN

1. Site-to-site VPN utilizing Cisco routers and IOS
2. Remote access VPN using Cisco AnyConnect Secure Mobility client
3. Debug commands to view IPsec tunnel establishment and troubleshooting

Securing the Cloud

Identify security solutions for cloud environments

1. Public, private, hybrid, and community clouds
2. Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)

Compare the customer vs. provider security responsibility for the different cloud service models

1. Patch management in the cloud
2. Security assessment in the cloud
3. Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB

Describe the concept of DevSecOps (CI/CD pipeline, container orchestration, and security

Implement application and data security in cloud environments

Identify security capabilities, deployment models, and policy management to secure the cloud

Configure cloud logging and monitoring methodologies

Describe application and workload security concepts

Content Security

Implement traffic redirection and capture methods

Describe web proxy identity and authentication including transparent user identification

Compare the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA)

Configure and verify web and email security deployment methods to protect on-premises and remote users (inbound and outbound controls and policy management)

Configure and verify email security features such as SPAM filtering, antimalware filtering, DLP, blacklisting, and email encryption

Configure and verify secure internet gateway and web security features such as blacklisting, URL filtering, malware scanning, URL categorization, web application filtering, and TLS decryption

Describe the components, capabilities, and benefits of Cisco Umbrella

Configure and verify web security controls on Cisco Umbrella (identities, URL content settings, destination lists, and reporting)

Endpoint Protection and Detection

Compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions

Explain antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry

Configure and verify outbreak control and quarantines to limit infection

Describe justifications for endpoint-based security

Describe the value of endpoint device management and asset inventory such as MDM

Describe the uses and importance of a multifactor authentication (MFA) strategy

Describe endpoint posture assessment solutions to ensure endpoint security

Explain the importance of an endpoint patching strategy

Secure Network Access, Visibility, and Enforcement

Describe identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD

Configure and verify network access device functionality such as 802.1X, MAB, WebAuth

Describe network access with CoA

Describe the benefits of device compliance and application control

Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)

Describe the benefits of network telemetry

Describe the components, capabilities, and benefits of these security products and solutions

1. Cisco Stealthwatch
2. Cisco Stealthwatch Cloud
3. Cisco pxGrid
4. Cisco Umbrella Investigate
5. Cisco Cognitive Threat Analytics
6. Cisco Encrypted Traffic Analytics
7. Cisco AnyConnect Network Visibility Module (NVM)

Cisco CCNP Security Certification Prep Program

• This course is designed for individuals who have basic computer user skills and who are interested in obtaining a job as an entry-level IT technician.
• HS Diploma/GED

Cisco CCNP Security Certification Prep Training Classes

Income Expectation

$96,322/yr

The average salary for a Cisco CCNP Security Certified Employee is $96,322 in New York City. Salary estimates are provided by CISCO.

Upon completion of this course, and the certifying exam(s), the student will be qualified to take a job as a

Cisco CCNP Security Certification Prep Training Classes

Cisco CCNP Security Certification Prep Training Courses

CISCO CCNP Data Center Certification Preparation Classes

CCNP Service Provider Certification Preparation Classes

CISCO CCNP Collaboration Certification Preparation Courses

CISCO CCNP Enterprise Certification Preparation Training

DevNet Professional Certification Prep Courses

Cisco CCNP Security Certification Prep Training Classes

$16,000

Securing Networks with Cisco Firepower v1.0 (SNCF 300-710) is a 90-minute exam associated with the CCNP Security Certification.

Implementing and Configuring Cisco Identity Services Engine v1.0 (SISE 300-715) is a 90-minute exam associated with the CCNP Security Certification.

Securing Email with Cisco Email Security Appliance v1.0 (SESA 300-720) is a 90-minute exam associated with the CCNP Security Certification.

Securing the Web with Cisco Web Security Appliance v1.0 (SWSA 300-725) is a 90-minute exam associated with the CCNP Security Certification.

Implementing Secure Solutions with Virtual Private Networks v1.0 (SVPN 300-730) is a 90-minute exam associated with the CCNP Security Certification.

Automating and Programming Cisco Security Solutions v1.0 (SAUTO 300-735) is a 90-minute exam associated with the CCNP Security Certification and DevNet Professional Certification.

Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701) is a 120-minute exam associated with the CCNP and CCIE Security Certifications.

Discount Vouchers