Prove your skills with CCNP Security Training and Certification

Prove your skills with CCNP Security Training and Certification

Categories: Cyber Security, Networking|Published On: November 26, 2021|7.3 min read|
About the Author

Syazana Khan

A writer and communications specialist with 2 years of experience in professional development and technology training.

Introducing the CCNP® Security certification program 

Be job-ready for key security roles. 

.

.The focus of cybersecurity is securing digital assets and protecting data, and the skills and knowledge gained through Cisco’s Cybersecurity certification and training programs can prepare you to do just that. Software and networking are becoming increasingly interconnected every day, by creating a greater need for robust, scalable security across all platforms – from networks to mobile devices. With intent-based networking, security teams can take advantage of automation to scale their security solutions. To maximize on these opportunities, today’s security professionals need a broader range of skills and deeper focus in strategic technology areas. The CCNP Security certification program furnishes you exactly that breadth and depth.  

The CCNP Security certification is designed to benefit you in validating your skills in a constantly evolving landscape of security technologies. The certification covers principal technologies and a security focus area of your choice. You choose where you want to focus. You can choose where you want to take your career.  

CCNP will set you apart being amongst the industry’s most widely recognized and respected certifications. It tells the world that the world you know what you are doing. In addition, completing any CCNP certification exam earns you a Cisco® Specialist certification, so you can gain recognition for your accomplishments along the way.  

 

 

CCNP Security Exam and Training Recommendations

Gaining the CCNP Security certification demonstrates your skills with security solutions. To earn CCNP Security, you pass two exams: a core exam and a security concentration exam of your choice. And now every exam in the CCNP Security program earns an individual Specialist certification, so you get recognized for your accomplishments along the way. 

  • The core exam focuses on your knowledge of security infrastructure. The core exam is also the qualifying exam for CCIE Security certification. Passing the core exam will qualify candidates to schedule and take the CCIE lab within the validity of their core exam. 
  • Concentration exams focus on emerging and industry-specific topics. You can prepare for concentration exams by taking their corresponding Cisco training courses. 

 

Core exam:

Required exam Recommended training
350-701 SCOR  Implementing and Operating Cisco Security Core Technologies (SCOR) 
This exam tests your knowledge of implementing and operating core security technologies, including: 

  • Network security 
  • Cloud security 
  • Content security 
  • Endpoint protection and detection 
  • Secure network access 
  • Visibility and enforcement 
The Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0 course helps you prepare for the Cisco® CCNP® Security and CCIE® Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower® Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch® Enterprise and Cisco Stealthwatch Cloud threat detection features.

 

 

 

Concentration exams (choose one):

Required exam Recommended training
300-710 SNCF  Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) 
This exam tests your knowledge of Cisco Firepower® Threat Defense and Firepower® 7000 and 8000 Series virtual appliances, including: 

  • Policy configurations 
  • Integrations 
  • Deployments 
  • Management and troubleshooting 
The Securing Networks with Cisco Firepower Next Generation Firewall (SSNGFW) v1.0 course shows you how to deploy and use Cisco Firepower® Threat Defense system. This hands-on course gives you knowledge and skills to use and configure Cisco® Firepower Threat Defense technology, beginning with initial device setup and configuration and including routing, high availability, Cisco Adaptive Security Appliance (ASA) to Cisco Firepower Threat Defense migration, traffic control, and Network Address Translation (NAT). You will learn how to implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features, including network intelligence, file type detection, network-based malware detection, and deep packet inspection. You will also learn how to configure site-to-site VPN, remote-access VPN, and SSL decryption before moving on to detailed analysis, system administration, and troubleshooting. 
Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) 
The Securing Networks with Cisco Firepower Next-Generation IPS (SSFIPS) v4.0 course shows you how to deploy and use Cisco Firepower® Next-Generation Intrusion Prevention System (NGIPS). This hands-on course gives you the knowledge and skills to use the platform features and includes firewall security concepts, platform architecture and key features; in-depth event analysis including detection of network-based malware and file type, NGIPS tuning and configuration including application control, security intelligence, firewall, and network-based malware and file controls; Snort® rules language; file and malware inspection, security intelligence, and network analysis policy configuration designed to detect traffic patterns; configuration and deployment of correlation policies to take action based on events detected; troubleshooting; system and user administration tasks, and more. 
300-715 SISE  Implementing and Configuring Cisco Identity Services Engine (SISE) 
This exam tests your knowledge of Cisco Identify Services Engine, including: 

  • Architecture and deployment 
  • Policy enforcement 
  • Web Auth and guest services 
  • Profiler 
  • BYOD 
  • Endpoint compliance 
  • Network access device administration 
The Implementing and Configuring Cisco Identity Services Engine (SISE) v3.0 course shows you how to deploy and use Cisco® Identity Services Engine (ISE) v2.4, an identity and access control policy platform that simplifies the delivery of consistent, highly secure access control across wired, wireless, and VPN connections. This hands-on course provides you with the knowledge and skills to implement and use Cisco ISE, including policy enforcement, profiling services, web authentication and guest access services, BYOD, endpoint compliance services, and TACACS+ device administration. Through expert instruction and hands-on practice, you will learn how to use Cisco ISE to gain visibility into what is happening in your network, streamline security policy management, and contribute to operational efficiency. 

 

300-720 SESA  Securing Email with Cisco Email Security Appliance (SESA) 
This exam tests your knowledge of Cisco Email Security Appliance, including: 

  • Administration 
  • Spam control and antispam 
  • Message filters 
  • Data loss prevention 
  • LDAP 
  • Email authentication and encryption 
  • System quarantines and delivery methods
The Securing Email with Cisco Email Security Appliance (SESA) v3.1 course shows you how to deploy and use Cisco® Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. 

 

 

 

300-725 SWSA  Securing the Web with Cisco Web Security Appliance (SWSA) 
This exam tests your knowledge of Cisco Web Security Appliance, including: 

  • Proxy services 
  • Authentication 
  • Decryption policies 
  • Differentiated traffic access policies and identification policies 
  • Acceptable use control settings 
  • Malware defense 
  • Data security and data loss prevention 
The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

 

 

 

300-730 SVPN  Implementing Secure Solutions with Virtual Private Networks (SVPN) 
This exam tests your knowledge of implementing secure remote communications with Virtual Private Network (VPN) solutions, including: 

  • Secure communications 
  • Architectures 
  • Troubleshooting 
The Implementing Secure Solutions with Virtual Private Networks (SVPN) v1.0 course teaches you how to implement, configure, monitor, and support enterprise Virtual Private Network (VPN) solutions. Through a combination of lessons and hands-on experiences you will acquire the knowledge and skills to deploy and troubleshoot traditional Internet Protocol Security (IPsec), Dynamic Multipoint Virtual Private Network (DMVPN), FlexVPN, and remote access VPN to create secure and encrypted data, remote accessibility, and increased privacy. 

 

300-735 SAUTO  Implementing Automation for Cisco Security Solutions (SAUI) 
This exam tests your knowledge of implementing security automated solutions, including: 

  • Programming concepts 
  • RESTful APIs 
  • Data models 
  • Protocols 
  • Firewalls 
  • Web 
  • DNS 
  • Cloud and email security 
  • ISE 
The Implementing Automation for Cisco Security Solutions (SAUI) v1.0 course teaches you how to design advanced automated security solutions for your network. Through a combination of lessons and hands-on labs, you will master the use of modern programming concepts, RESTful Application Program Interfaces (APIs), data models, protocols, firewalls, web, Domain Name System (DNS), cloud, email security, and Cisco® Identity Services Engine (ISE) to strengthen cybersecurity for your web services, network, and devices. You will learn to work within the following platforms: Cisco Firepower® Management Center, Cisco Firepower Threat Defense, Cisco ISE, Cisco pxGrid, Cisco Stealthwatch® Enterprise, Cisco Stealthwatch Cloud, Cisco Umbrella®, Cisco Advanced Malware Protection (AMP), Cisco Threat grid, and Cisco Security Management Appliances. This course will teach you when to use the API for each Cisco security solution to drive network efficiency and reduce complexity.

 

 

Prerequisites 

There are no formal prerequisites for CCNP Security, but you should have a good understanding of the exam topics before taking the exam. 

CCNP candidates often also have three to five years of experience implementing security solutions. 

 

Cisco Continuing Education Program 

The Continuing Education program is intended to encourage candidates to maintain, grow, and diversify skillsets by offering flexible, configurable pathways to validate skills and recertify existing certifications. This will result in IT (Information Technology) professionals bringing value to their organization and the industry by maintaining their status as a Cisco professional. 

.

 

About the Author

Syazana Khan

A writer and communications specialist with 2 years of experience in professional development and technology training.