CCNP Security Exam Overview:
The CCNP Security exam, which stands for the Cisco Certified Network Professional Security certification program is to be aligned distinctively to the job role of the Cisco Network Security Engineer which would be responsible for Security in Routers, Switches, Networking devices and appliances, as well as deploying, choosing, supporting and troubleshooting Firewalls, VPNs, and IDS/IPS solutions for their networking environments.
The candidates who want to pursue the CCNP Security exam would require the valid CCNA Security certification or any CCIE certification would also act as a prerequisite
CCNP Security Exam Topics:
Implementing Cisco Secure Access Solutions:
The Implementing Cisco Secure Access Solutions or SISAS exam will be going to tests whether a network security engineer knows the architecture and components of secure access, by the utilization of the 802.1X and Cisco TrustSec. This 90-minute exam would be consisting of 55 to 65 questions and would be assessing the knowledge of Cisco Identity Services Engine (ISE) solution, architecture, and components as an overall endpoint control solutions and network threat mitigation. It would also include the fundamental concepts of BYOD, i.e. bring your own device, by utilizing the posture and profiling services of ISE.
The following topics are the universal guiding principle for the content likely to be included on the exam.
1. Identity Management or Secure Access 33%
2. Threat Defense 10%
3. Troubleshooting, Reporting and Monitoring Tools 07%
4. Threat Defense Architectures 17%
5. Identity Management Architectures 33%
Implementing Cisco Edge Network Security Solutions:
The Implementing Cisco Edge Network Security or SENSS exam is going to tests the knowledge of a network security engineer so as to implement and configure the security on Cisco networks perimeter edge devices like the Cisco router, Cisco switch, and Cisco ASA firewall. This 90-minute exam would be consisting of 65 to 75 questions and focuses on the technologies that would be used so as to strengthen the security of a network perimeter like the NAT which stands for the Network Address Translation, ASA policy and application inspection, and a zone-based firewall on Cisco routers.
1. Threat Defense 25%
2. Cisco Secure CLI Management and Security Devices GUIs 25%
3. Cisco devises Management Services 12%
4. Troubleshooting, Reporting and Monitoring Tools 10%
5. Threat & Defense Architectures 16%
6. Security Considerations and Components 12%
Implementing Cisco Secure Mobility Solutions:
The Implementing Cisco Secure Mobility Solutions or SIMOS exam is going to tests a network security engineer on the variety of Virtual Private Network or VPN solutions that Cisco has made available on the Cisco ASA firewall as well as the Cisco IOS software platforms. This 90-minute exam would be consisting of 65 to 75 questions and assesses the knowledge that would be necessary so as to properly implement the highly secure remote communications through VPN technology, like the remote access SSL VPN and site-to-site VPN (DMVPN, FlexVPN).
1. Secure Communications 32%
2. Troubleshooting, Reporting and Monitoring Tools 38%
3. Architectures of Secure Communications 30%
Implementing Cisco Threat Control Solutions:
The Implementing Cisco Threat Control Solutions or SITCS exam is part of the CCNP Security certification. It is going to tests a network security engineer on an advanced firewall configuration and architecture with the Cisco next-generation firewall, utilizing the access and identity policies. This new revision of the SITCS exam would be replacing the 300-207, and it will remove some older technologies, and adds coverage for both Cisco Firepower NGIPS and Cisco Advanced Malware Protection or Cisco AMP. This 90-minute exam is going to consist of 65 to 75 questions and covers integration of IPS or Intrusion Prevention System and context-aware firewall components, as well as the Web Email and Cloud Security solutions.
1. Content Security 27%
2. Network Threat Defense 22%
3. Cisco FirePOWER NGIPS or the Next-Generation IPS 20%
4. Security Architectures 17%
5. Troubleshooting, Reporting, and Monitoring Tools 14%
These are the topics included in the CCNP Security Exam and if you want some further help, you could join the SPOTO CCIE Club, so as to help your chances of earning this certification in single attempt.