Overview
Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.
Duration: 160 hours
Course Outline
Implementing Cisco Secure Access Solutions (SISAS)
Threat Mitigation through Identity Services
- Identity Services
- 802.1X and EAP
- Configure 802.1X Components
ISE Fundamentals
- Describe Cisco ISE Features and configure the fundamentals
- Cisco ISE with PKI
- Cisco ISE Authentication
- Cisco ISE with External Authentication
Advance Access Control
- Certificate Based User Authentication
- Authorization
- Cisco TrustSec
Web Authentication and Guest Access
- Web Authentication
- Guest Access Services
Endpoint
- Posture
- Profiler
- BYOD
Troubleshooting Network Access Control
- Troubleshooting ISE
Implementing Cisco Edge Network Security Solutions (SENSS)
Secure Design Principles
- Course Overview
- Network Security Zoning
- Cisco Module Network Security Architecture
- Cisco SecureX Architecture
- Cisco TrustSec Solution
Deploying Network Infrastructure Protection
- Introducing Cisco Network Infrastructure Protection
- Deploying Cisco IOS Control Plane Security Controls
- Deploying Cisco IOS Management Plane Security Controls
- Deploying Cisco ASA Management Plane Security Controls
- Deploying Cisco Traffic Telemetry Methods
- Deploying Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls
Deploying NAT on Cisco IOS and Cisco ASA
- Introducing Network Address Translation
- Deploying Cisco ASA Network Address Translation
- Deploying Cisco IOS Software Network Address Translation
Deploying Threat Controls on Cisco ASA
- Introducing Cisco Firewall Threat Controls
- Deploying Basic Cisco ASA Access Policies
- Deploying Advanced Cisco ASA Application Inspection Policies
- Deploying Cisco ASA Botnet Traffic Filtering
- Deploying Cisco ASA Identity Based Firewall
Deploying Threat Controls on Cisco IOS Software
- Deploying Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies
- Deploying Advanced Cisco IOS Software ZBFW with Application Inspection Policies
Implementing Cisco Secure Mobility Solutions (SIMOS)
Fundamentals of VPN Technologies and Cryptography
- The Role of VPNs in Network Security
- VPNs and Cryptography
Deploying Secure Site-to-Site Connectivity Solutions
- Introducing Cisco Secure Site-to-Site Connectivity Solutions
- Deploying Point-to-Point IPsec VPNs on the Cisco ASA
- Deploying Cisco IOS VTI-Based Point-to-Point IPsec VPNs
- Deploying Cisco IOS DMVPNs
Deploying Cisco IOS Site-to-Site FlexVPN Solutions
- Introducing Cisco IOS Site-to-Site FlexVPN Solutions
- Deploying Point-to-Point IPsec VPNs Using Cisco IOS FlexVPN
- Deploying Hub-and-Spoke IPsec VPNs Using Cisco IOS FlexVPN
- Deploying Spoke-to-Spoke IPsec VPNs Using Cisco IOS FlexVPN
- Deploying Basic Cisco Clientless SSL VPN
- Clientless SSL VPN Overview
- Deploying Basic Cisco Clientless SSL VPN on Cisco ASA
- Deploying Application Access in Cisco ASA Clientless SSL VPN
- Deploying Advanced Authentication and Authorization in Clientless SSL VPN
Deploying Cisco AnyConnect VPNs
- Deploying Basic Cisco AnyConnect SSL VPN on Cisco ASA
- Deploying Advanced Cisco AnyConnect SSL VPN on Cisco ASA
- Deploying Advanced Authentication and Authorization in Cisco AnyConnect VPNs
- Deploying Cisco AnyConnect IPsec/IKEv2 VPNs
Deploying Endpoint Security and Dynamic Access Policies
- Implementing Host Scan
- Implementing DAP for SSL VPNs
Implementing Cisco Threat Control Solutions (SITCS)
Cisco ASA (CX) NGFW
- Describing the Cisco (CX) NGFW Services
- Describing the Cisco ASA (CX) NGFW Management Architecture
- Configuring Cisco ASA (CX) NGFW Policy Objects
- Monitoring Cisco ASA (CX) NGFW Operations
- Configuring Cisco ASA (CX) NGFW Access Policies
- Configuring Cisco ASA (CX) NGFW Identity Policies
- Configuring Cisco ASA (CX) NGFW Decryption Policies
Cisco Web Security Appliance
- Describing the Cisco Web Security Appliance Solutions
- Integrating the Cisco Web Security Appliance
- Configuring Cisco Web Security Appliance Identities and User Authentication Controls
- Configuring Cisco Web Security Appliance Acceptable Use Controls
- Configuring Cisco Web Security Appliance Anti-Malware Controls
- Configuring Cisco Web Security Appliance Decryption Configuring
- Configuring Cisco Web Security Appliance Data Security Controls
Cisco Cloud Web Security
- Describing the Cisco Cloud Web Security Solutions
- Configuring Cisco Cloud Web Security Connectors
- Describing the Web Filtering Policy in Cisco ScanCenter
Cisco Email Security Appliance
- Describing the Cisco Email Security Solutions
- Describing the Cisco Email Security Appliance Basic Configuration Concepts
- Configuring Cisco Email Security Appliance Incoming and Outgoing Mail Policies
- Describing IPS Threat Controls
Cisco Intrusion Prevention Systems
- Integrating Cisco IPS Sensor into a Network
- Configuring Basic Cisco IPS Settings
- Tuning Cisco IPS Signatures
- Configuring Custom Cisco IPS Signatures
- Configuring Cisco IPS Anomaly-Detection
- Configuring Cisco IPS Reputation-Based Features