CCNP Security

Overview

Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.

Prerequisites

Valid CCNA Security certification or any CCIE certification can act as a prerequisite.

Required Exam(s) Recommened Training
300-208 SISAS Implementing Cisco Secure Access Solutions (SISAS)
300-206 SENSS Implementing Cisco Edge Network Security Solutions (SENSS)
300-209 SIMOS Implementing Cisco Secure Mobility Solutions (SIMOS)
300-210 SITCS Implementing Cisco Threat Control Solutions (SITCS)

Implementing Cisco Secure Access Solutions (SISAS)

Prerequisites

  • CCNA Security or valid CCSP.
  • or any CCIE certification can act as a prerequisite

Course Content

Implementing Cisco Secure Access Solutions (SISAS) v1.0 is a newly created five-day instructor-led training course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Identity Services Engine and 802.1X secure network access. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution. The student will gain hands-on experience with configuring various advance Cisco security solutions for mitigating outside threats and securing devices connecting to the network. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco’s ISE appliance feature and provide operational support identity and network access control. Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  • Understand Cisco Identity Services Engine architecture and access control capabilities.
  • Understand 802.1X architecture, implementation and operation.
  • Understand commonly implemented Extensible Authentication Protocols (EAP).
  • Implement Public-Key Infrastructure with ISE.
  • Understand the implement Internal and External authentication databases.
  • Implement MAC Authentication Bypass.
  • Implement identity based authorization policies.
  • Understand Cisco TrustSec features.
  • Implement Web Authentication and Guest Access.
  • Implement ISE Posture service.
  • Implement ISE Profiling.
  • Understand Bring Your Own Device (BYOD) with ISE.
  • Troubleshoot ISE .

Course Outline

  • Course Introduction
  • Lab Guide
  • Threat Mitigation through Identity Services
  • Cisco ISE Fundamentals
  • Advance Access Control
  • Web Authentication and Guest Access
  • Endpoint Access Control
  • Troubleshooting Network Access Control

Implementing Cisco Edge Network Security Solutions (SENSS)

Prerequisites

  • CCNA Security or valid CCSP.
  • or any CCIE certification can act as a prerequisite

Course Content

Implementing Cisco Edge Network Security Solutions (SENSS) v1.0 is a newly created five-day instructor-led training course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. Additionally, it is designed to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed security on Cisco ASA firewalls, Cisco Routers with the firewall feature set, and Cisco Switches. The student will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones. At the end of the course, students will be able to reduce the risk to their IT infrastructures and applications using Cisco Switches, Cisco ASA, and Router security appliance feature and provide detailed operations support for these products.

Course Objectives

  • Understanding and implementing Cisco modular Network Security Architectures such as SecureX and TrustSec.
  • Deploy Cisco Infrastructure management and control plane security controls.
  • Configuring Cisco layer 2 and layer 3 data plane security controls.
  • Implement and maintain Cisco ASA Network Address Translations (NAT).
  • Implement and maintain Cisco IOS Software Network Address Translations (NAT).
  • Designing and deploying Cisco Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection.
  • Implementing Botnet Traffic Filters.
  • Deploying Cisco IOS Zone-Based Policy Firewalls (ZBFW).
  • Configure and verify Cisco IOS ZBFW Application Inspection Policy.

Course Outline

  • Course Introduction
  • Cisco Secure Design Principles
  • Deploying Cisco Network Infrastructure Protection Solutions
  • Deploying NAT on Cisco IOS and Cisco Adaptive Security Appliance (ASA) Firewalls
  • Deploying Threat Controls on Cisco ASA Firewalls
  • Deploying Threat Controls on Cisco IOS Software

Implementing Cisco Secure Mobility Solutions (SIMOS)

Prerequisites

  • CCNA Security or valid CCSP.
  • or any CCIE certification can act as a prerequisite

Course Content

Implementing Cisco Secure Mobility Solutions (SIMOS) v1.0 is a newly created five-day instructor-led training (vILT) course that is part of the curriculum path leading to the Cisco Certified Network Professional Security (CCNP Security) certification. This course is designed to prepare network security engineers with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. Students of this course will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:
  • Describe the various VPN technologies and deployments as well as the cryptographic algorithms and protocols that provide VPN security.
  • Implement and maintain Cisco site-to-site VPN solutions.
  • Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNs.
  • Implement and maintain Cisco clientless SSL VPNs.
  • Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
  • Implement and maintain endpoint security and dynamic access policies (DAP).

Course Outline

  • Course Introduction
  • Fundamentals of VPN Technologies and Cryptography
  • Deploying Secure Site-to-Site Connectivity Solutions
  • Deploying Cisco IOS Site-to-Site FlexVPN Solutions
  • Deploying Clientless SSL VPN -Deploying AnyConnect VPN for Remote Access
  • Deploying Endpoint Security and Dynamic Access Policies & #61550; Lab Guide

Implementing Cisco Threat Control Solutions (SITCS)

Prerequisites

It is recommended, but not required, that students have the following knowledge and skills before attending this course:

  • CCNA Security Certification
  • any CCIE certification can act as a prerequisite

Course Content

This course provides network professional with the knowledge to implement Cisco FirePOWER NGIPS (Next-Generation Intrusion Prevention System) and Cisco AMP (Advanced Malware Protection), as well as Web Security, Email Security and Cloud Web Security. You will gain hands-on experience configuring various advance Cisco security solutions for mitigating outside threats and securing traffic traversing the firewall.

Course Outline

  • Course Introduction
  • Module 1: Network Security
  • Module 2: Network Threat Defense
  • Module 3: Cisco FirePOWER Next-Generation IPS (NGIPS)
  • Module 4: Security Architectures
  • Module 5: Troubleshooting, Monitoring and Reporting Tools

Exam Information

This exam tests whether a network security engineer knows the components and architecture of secure access, by utilizing 802.1X and Cisco TrustSec. This exam assesses knowledge of Cisco Identity Services Engine (ISE) architecture, solution, and components as an overall network threat mitigation and endpoint control solutions. It also includes the fundamental concepts of bring your own device (BYOD) using posture and profiling services of ISE. Candidates can prepare for this exam by taking the Implementing Cisco Secure Access Solutions (SISAS) course

Implementing Cisco Secure Access Solutions

Exam Number 300-208 SISAS
Associated Certifications CCNP Security
Duration 90 minutes (55 - 65 questions)
Available Languages English, Japanese
Register Pearson VUE

This exam tests the knowledge of a network security engineer to configure and implement security on Cisco network perimeter edge devices such as a Cisco switch, Cisco router, and Cisco ASA firewall. This exam focuses on the technologies used to strengthen security of a network perimeter such as Network Address Translation (NAT), ASA policy and application inspect, and a zone-based firewall on Cisco routers.

Implementing Cisco Edge Network Security Solutions

Exam Number 300-206 SENSS
Associated Certifications CCNP Security
Duration 90 minutes (65 - 75 questions)
Available Languages English, Japanese
Register Pearson VUE

The Implementing Cisco Secure Mobility Solutions (SIMOS) (300-209) exam tests a network security engineer on the variety of Virtual Private Network (VPN) solutions that Cisco has available on the Cisco ASA firewall and Cisco IOS software platforms. This 90-minute exam consists of 65-75 questions and assesses the knowledge necessary to properly implement highly secure remote communications through VPN technology, such as remote access SSL VPN and site-to-site VPN (DMVPN, FlexVPN). Candidates can prepare for this exam by taking the Implementing Cisco Secure Mobility Solutions (SIMOS) course.

Implementing Cisco Secure Mobility Solutions

Exam Number 300-209 SIMOS
Associated Certifications CCNP Security
Duration 90 minutes (65 - 75 questions)
Available Languages English, Japanese
Register Pearson VUE

This exam tests on advanced firewall architecture and configuration with the Cisco next-generation firewall, utilizing access and identity policies. Some older technologies have been removed, such as Cisco Intrusion-prevention system & Firewall CX. Coverage was added for Cisco NGFW, Cisco Firepower NGIPS and Cisco AMP (Advanced Malware Protection), as well as Web and Email Security solutions.

Implementing Cisco Threat Control Solutions

Exam Number 300-210 SITCS
Associated Certifications CCNP Security
Duration 90 minutes (65 - 75 questions)
Available Languages English
Register Pearson VUE

Schedule

Course Duration : 40 Hours
Our fresh batches for CCNA Routing and Switching program start on every Monday . We also run weekday and weekend batches to ensure flexibility for our students.

Weekday Batches Monday – Friday
Weekend Batches Saturday & Sunday

Please feel free to write us at training@ipknowledge.in for any queries related to program, upcoming schedule and fee.

Call: Pune: +91 0000000000 | Delhi: +91 0000000000