CCNP Security exam topics

CCNP Security Exam Overview:

The CCNP Security exam, which stands for the Cisco Certified Network Professional Security certification program is to be aligned distinctively to the job role of the Cisco Network Security Engineer which would be responsible for Security in Routers, Switches, Networking devices and appliances, as well as deploying, choosing, supporting and troubleshooting Firewalls, VPNs, and IDS/IPS solutions for their networking environments.

Prerequisites

The candidates who want to pursue the CCNP Security exam would require the valid CCNA Security certification or any CCIE certification would also act as a prerequisite

CCNP Security Exam Topics:

Implementing Cisco Secure Access Solutions:

The Implementing Cisco Secure Access Solutions or SISAS exam will be going to tests whether a network security engineer knows the architecture and components of secure access, by the utilization of the 802.1X and Cisco TrustSec. This 90-minute exam would be consisting of 55 to 65 questions and would be assessing the knowledge of Cisco Identity Services Engine (ISE) solution, architecture, and components as an overall endpoint control solutions and network threat mitigation. It would also include the fundamental concepts of BYOD, i.e. bring your own device, by utilizing the posture and profiling services of ISE.

The following topics are the universal guiding principle for the content likely to be included on the exam.

1. Identity Management or Secure Access     33%

2. Threat Defense         10%

3. Troubleshooting, Reporting and Monitoring Tools    07%

4. Threat Defense Architectures       17%

5. Identity Management Architectures      33%

Implementing Cisco Edge Network Security Solutions:

The Implementing Cisco Edge Network Security or SENSS exam is going to tests the knowledge of a network security engineer so as to implement and configure the security on Cisco networks perimeter edge devices like the Cisco router, Cisco switch, and Cisco ASA firewall. This 90-minute exam would be consisting of 65 to 75 questions and focuses on the technologies that would be used so as to strengthen the security of a network perimeter like the NAT which stands for the Network Address Translation, ASA policy and application inspection, and a zone-based firewall on Cisco routers.

1. Threat Defense         25%

2. Cisco Secure CLI Management and Security Devices GUIs   25%

3. Cisco devises Management Services      12%

4. Troubleshooting, Reporting and Monitoring Tools    10%

5. Threat & Defense Architectures       16%

6. Security Considerations and Components     12%

Implementing Cisco Secure Mobility Solutions:

The Implementing Cisco Secure Mobility Solutions or SIMOS exam is going to tests a network security engineer on the variety of Virtual Private Network or VPN solutions that Cisco has made available on the Cisco ASA firewall as well as the Cisco IOS software platforms. This 90-minute exam would be consisting of 65 to 75 questions and assesses the knowledge that would be necessary so as to properly implement the highly secure remote communications through VPN technology, like the remote access SSL VPN and site-to-site VPN (DMVPN, FlexVPN).

1. Secure Communications        32%

2. Troubleshooting, Reporting and Monitoring Tools    38%

3. Architectures of Secure Communications     30%

Implementing Cisco Threat Control Solutions:

The Implementing Cisco Threat Control Solutions or SITCS exam is part of the CCNP Security certification. It is going to tests a network security engineer on an advanced firewall configuration and architecture with the Cisco next-generation firewall, utilizing the access and identity policies. This new revision of the SITCS exam would be replacing the 300-207, and it will remove some older technologies, and adds coverage for both Cisco Firepower NGIPS and Cisco Advanced Malware Protection or Cisco AMP. This 90-minute exam is going to consist of 65 to 75 questions and covers integration of IPS or Intrusion Prevention System and context-aware firewall components, as well as the Web Email and Cloud Security solutions.

1. Content Security         27%

2. Network Threat Defense        22%

3. Cisco FirePOWER NGIPS or the Next-Generation IPS   20%

4. Security Architectures        17%

5. Troubleshooting, Reporting, and Monitoring Tools    14%

These are the topics included in the CCNP Security Exam and if you want some further help, you could join the SPOTO CCIE Club, so as to help your chances of earning this certification in single attempt.