Prove your skills with Cisco CCNP Security Training and Certification
Prove your skills with Cisco CCNP Security Training and Certification
Introducing the Cisco CCNP Security certification program
Be job-ready for key security roles.
The focus of cybersecurity is securing digital assets and protecting data, and the skills and knowledge gained through Cisco’s Cybersecurity certification and training programs can prepare you to do just that. Software and networking are becoming increasingly interconnected every day, by creating a greater need for robust, scalable security across all platforms – from networks to mobile devices. With intent-based networking, security teams can take advantage of automation to scale their security solutions. To maximize on these opportunities, today’s security professionals need a broader range of cybersecurity skills and deeper focus in strategic technology areas.
The Cisco CCNP Security certification program furnishes you exactly that breadth and depth.
The Cisco CCNP Security certification is designed to benefit you in validating your skills in a constantly evolving landscape of security technologies. The certification covers principal technologies and a security focus area of your choice. You choose where you want to focus. You can choose where you want to take your career.
Cisco CCNP certifications will set you apart being amongst the industry’s most widely recognized and respected certifications. It tells the world that the world you know what you are doing. In addition, completing any CCNP certification exam earns you a Cisco® Specialist certification, so you can gain recognition for your accomplishments along the way.
Cisco CCNP Security Exam and Training Recommendations
Gaining the CCNP Security certification demonstrates your skills with security solutions. To earn CCNP Security, you pass two exams: a core exam and a security concentration exam of your choice. And now every exam in the CCNP Security program earns an individual Specialist certification, so you get recognized for your accomplishments along the way.
- The core exam focuses on your knowledge of security infrastructure. The core exam is also the qualifying exam for CCIE Security certification. Passing the core exam will qualify candidates to schedule and take the CCIE lab within the validity of their core exam.
- Concentration exams focus on emerging and industry-specific topics. You can prepare for concentration exams by taking their corresponding Cisco training courses.
Core exam:
| Required exam | Recommended training |
|---|---|
| 350-701 SCOR | Implementing and Operating Cisco Security Core Technologies (SCOR) |
This exam tests your knowledge of implementing and operating core security technologies, including:
|
The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco® CCNP® Security and CCIE® Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower® Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch® Enterprise and Cisco Stealthwatch Cloud threat detection features.
|
Concentration Exams (Choose one):
| Required exam | Recommended training |
|---|---|
| 300-710 SNCF | Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention (SFWIPF) |
This Exam tests and builds your knowledge of Cisco Firewall and Intrusion Prevention, including:
|
This course introduces you to the key concepts and technologies behind Cisco’s advanced firewall and intrusion prevention solutions. Through hands-on labs and expert instruction, you will learn how to configure, manage, and troubleshoot Cisco Firepower Threat Defense (FTD) and Intrusion Prevention System (IPS) features.
This practical training equips you with the skills to implement robust firewall policies, detect and mitigate evolving threats, and enhance visibility into network traffic. By the end of the course, you will be able to apply Cisco’s security capabilities to protect enterprise networks, improve compliance, and strengthen operational security. |
| 300-740 SCAZT | Designing and Implementing Secure Cloud Access for Users and Endpoints |
This exam and course builds your expertise in:
|
The SCAZT training equips you with the comprehensive knowledge and hands-on skills needed to secure cloud access for modern enterprise environments. You’ll master the design of cloud security architectures, implement robust access controls for users and endpoints, and integrate multi-layered protections—including applications, data, network, and threat monitoring.
This immersive 5-day instructor-led course (virtual or on-site) tackles frameworks like NIST, CISA, and DISA, introduces the Cisco Security Reference Architecture and SAFE, and dives into essential technologies such as certificate-based authentication, Duo MFA, ISE for endpoint compliance, and SSO via SAML/OpenID Connect. You’ll also explore Cisco Umbrella, SD-WAN with ThousandEyes, Secure Workload deployment, Secure Firewall, XDR, and automated threat response techniques. By completing this course, you’ll gain practical experience and strategic insight into securing cloud-based user access — armed with the tools and confidence to elevate your organization’s cloud security posture. |
| 300-715 SISE | Implementing and Configuring Cisco Identity Services Engine (SISE) |
This exam tests your knowledge of Cisco Identify Services Engine, including:
|
The Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 course shows you how to deploy and use Cisco® Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration. Through expert instruction and hands-on practice, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency.
|
| 300-720 SESA | Securing Email with Cisco Email Security Appliance (SESA) |
This exam tests your knowledge of Cisco Email Security Appliance, including:
|
The Securing Email with Cisco Email Security Appliance (SESA) v3.1 course shows you how to deploy and use Cisco® Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management.
This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention.
|
| 300-725 SWSA | Securing the Web with Cisco Web Security Appliance (SWSA) |
This exam tests your knowledge of Cisco Web Security Appliance, including:
|
The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats.
Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.
|
| 300-730 SVPN | Implementing Secure Solutions with Virtual Private Networks (SVPN) |
This exam tests your knowledge of implementing secure remote communications with Virtual Private Network (VPN) solutions, including:
|
The Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 course teaches you how to implement, configure, monitor, and support enterprise Virtual Private Network (VPN) solutions. Through a combination of lessons and hands-on experiences you will acquire the knowledge and skills to deploy and troubleshoot traditional Internet Protocol Security (IPsec), Dynamic Multipoint Virtual Private Network (DMVPN), FlexVPN, and remote access VPN to create secure and encrypted data, remote accessibility, and increased privacy.
|
| 300-735 SAUTO | Implementing Automation for Cisco Security Solutions (SAUI) |
This exam tests your knowledge of implementing security automated solutions, including:
|
The Implementing Automation for Cisco Security Solutions (SAUI) v1.0 course teaches you how to design advanced automated security solutions for your network. Through a combination of lessons and hands-on labs, you will master the use of modern programming concepts, RESTful Application Program Interfaces (APIs), data models, protocols, firewalls, web, Domain Name System (DNS), cloud, email security, and Cisco® Identity Services Engine (ISE) to strengthen cybersecurity for your web services, network, and devices. You will learn to work within the following platforms: Cisco Firepower® Management Center, Cisco Firepower Threat Defense, Cisco ISE, Cisco pxGrid, Cisco Stealthwatch® Enterprise, Cisco Stealthwatch Cloud, Cisco Umbrella®, Cisco Advanced Malware Protection (AMP), Cisco Threat grid, and Cisco Security Management Appliances. This course will teach you when to use the API for each Cisco security solution to drive network efficiency and reduce complexity.
|
Did we mention that hiring managers
lover certified candidates?
Prerequisites
There are no formal prerequisites for CCNP Security, but you should have a good understanding of the exam topics before taking the exam.
CCNP candidates often also have three to five years of experience implementing security solutions.
Cisco Continuing Education Program
The Continuing Education program is intended to encourage candidates to maintain, grow, and diversify skillsets by offering flexible, configurable pathways to validate skills and recertify existing certifications. This will result in IT (Information Technology) professionals bringing value to their organization and the industry by maintaining their status as a Cisco professional.
Frequently Asked Questions (FAQs)
The CCNP Security certification program prepares you for today’s professional-level job roles in security technologies. One of the industry’s most respected certifications, CCNP validates the core knowledge you need while providing the flexibility to choose a focus area.
To earn CCNP Security, you pass two exams: a core exam and a concentration exam of your choice
