End of 2024 20% Discount Promotion
Only 17 days
Classroom
10/03/2025 (Monday)
Overview
This certification retired on 24th February 2020. Our closest replacement is CCNA.
Get both your CCNA Security and CCNP Security certifications in 17 days. On this course you'll learn how to reduce the risk to your IT infrastructures and applications using Cisco Switches, Cisco ASA, and the router security appliance feature.
CCNA Security
Develop your own security policies and protect your IT infrastructure with the CCNA Security certification. As prerequisite for the CCNP Security cert, this course will teach you how to:
- Develop security infrastructures
- Recognise threats and vulnerabilities to networks
- Mitigate and respond to security threats
CCNP Security
During the CCNP Security part of the course you'll learn how to plan and implement end-to-end network security measures using Cisco Switches, Cisco ASA, and the router security appliance feature.
You'll also learn about:
- How to configure and implement security on Cisco network perimeter edge devices such as a Cisco switch, Cisco router, and Cisco ASA firewall.
- Various Virtual Private Network (VPN) systems that Cisco has available on the Cisco ASA firewall and Cisco IOS software platforms.
- The different components and architecture of secure access, by utilising 802.1X and Cisco TrustSec.
- Advanced firewall architecture and configuration with the Cisco next-generation firewall, using access and identity policies.
Benefits
Exam 640-554 IINS is a prerequisite for the CCNP Security certification. You will study for, and take, the exam at the beginning of the course.
The CCNP Security program is designed to provide the skills necessary to function as a network security engineer responsible for Routers, Switches and other Cisco Security appliances. Students will learn through a mix of lecture and practical exercises how to deploy, support, and troubleshoot Firewalls VPNs and IDS solutions. The course will comprise all the modules needed for the complete CCNP Security certification.
Your CCNP Security certification will prove that you can:
- Secure the network infrastructure using Cisco security products and integrated technologies
- Deploy perimeter security, VPNs, and intrusion protection technologies and solutions
- Monitor and detect relevant security events
- Manage network security to protect productivity gains and reduce costs
Cisco certifications also afford you special membership benefits:
- A certificate of accomplishment.
- A wallet card, logo and designation for your personal promotion to clients or potential employers.
- Access to the secure Cisco on-line tracking system so you can download logos, and track your Cisco certification progress throughout your career.
Curriculum
CCNA Security
Common Security Threats
- Common security threats
Security and Cisco Routers
- Implementing security on Cisco routers
- Securing the data, control and management plane
- Cisco Security Manager
- Transition from IPv4 to IPv6
AAA on Cisco Devices
- Implementing AAA (authentication, authorization, and accounting)
- TACACS+
- RADIUS
- AAA
- AAA functionality
IOS ACLs
- Standard, extended, and named IP IOS access control lists (ACLs) to filter packets
- Considerations when building ACLs
- Implementing IP ACLs to mitigate threats in a network
Securing Network Management and Reporting
- Securing network management
- Implementing secure network management
Common Layer 2 Attacks
- Layer 2 security using Cisco switches
- VLAN security
- Implementing VLANs and trunking
- Implementing spanning tree
Cisco Firewall Technologies
- Operational strengths and weaknesses of the different firewall technologies
- Stateful firewalls
- Types of NAT used in firewall technologies
- Implementing zone-based policy firewall using CCP
- Implementing the Cisco Adaptive Security Appliance (ASA)
- Implementing Network Address Translation (NAT) and Port Address Translation (PAT)
Cisco IPS
- Considerations when deploying Cisco Intrusion Prevention System (IPS)
- IPS technologies
- Configuring Cisco IOS IPS using CCP
VPN Technologies
- Different methods used in cryptography
- VPN technologies
- The building blocks of IPSec
- Implementing an IOS IPSec site-to-site VPN with pre-shared key authentication
- Verify VPN operations
- Implementing Secure Sockets Layer (SSL) VPN using ASA device manager
CCNP Security
Implementing Cisco Edge Network Security Solutions - SENSS:
- Understanding and implementing Cisco modular Network Security Architectures such as SecureX and TrustSec.
- Deploy Cisco Infrastructure management and control plane security controls.
- Configuring Cisco layer 2 and layer 3 data plane security controls.
- Implement and maintain Cisco ASA Network Address Translations (NAT).
- Implement and maintain Cisco IOS Software Network Address Translations (NAT).
- Designing and deploying Cisco Threat Defense solutions on a Cisco ASA utilizing access policy and application and identity based inspection.
- Implementing Botnet Traffic Filters.
- Deploying Cisco IOS Zone-Based Policy Firewalls (ZBFW).
- Configure and verify Cisco IOS ZBFW Application Inspection Policy.
Implementing Cisco Secure Mobility Solutions - SIMOS:
- Describe the various VPN technologies and deployments as well as the cryptographic algorithms and protocols that provide VPN security.
- Implement and maintain Cisco site-to-site VPN solutions.
- Implement and maintain Cisco FlexVPN in point-to-point, hub-and-spoke, and spoke-to-spoke IPsec VPNs.
- Implement and maintain Cisco clientless SSL VPNs.
- Implement and maintain Cisco AnyConnect SSL and IPsec VPNs.
- Implement and maintain endpoint security and dynamic access policies (DAP).
Implementing Cisco Secure Access Solutions - SISAS:
- Understand Cisco Identity Services Engine architecture and access control capabilities.
- Understand 802.1X architecture, implementation and operation.
- Understand commonly implemented Extensible Authentication Protocols (EAP).
- Implement Public-Key Infrastructure with ISE.
- Understand the implement Internal and External authentication databases.
- Implement MAC Authentication Bypass.
- Implement identity based authorization policies.
- Understand Cisco TrustSec features.
- Implement Web Authentication and Guest Access.
- Implement ISE Posture service.
- Implement ISE Profiling.
- Understand Bring Your Own Device (BYOD) with ISE.
- Troubleshoot ISE.
Implementing Cisco Threat Control Solutions - SITCS:
- Understand Cisco ASA Next-Generation Firewall (NGFW)
- Deploy Cisco Web Security appliance to mitigate malware
- Configure Web Security appliance for acceptable use controls
- Configure Cisco Cloud Web Security Connectors
- Describe Cisco Email Security Solution
- Configure Cisco Email Appliance Incoming and Outgoing Policies
- Describe IPS Threat Controls
- Configure and Implement Cisco IPS Sensor into a Network
Exam Track
You will be prepared for, and sit, the following exams on site:
- Implementing IOS Network Security v2.0 - 640-554
- Implementing Cisco Edge Network Security Solutions - 300-206 SENSS
- Implementing Cisco Secure Mobility Solutions - 300-209 SIMOS
- Implementing Cisco Secure Access Solutions - 300-208 SISAS
- Implementing Cisco Threat Control Solutions -300-207 SITCS
What's Included
Courseware Included:
- Implementing Cisco IOS Network Security (IINS)
- Implementing Cisco Edge Network Security Solutions (SENSS)
- Implementing Cisco Secure Mobility Solutions (SIMOS)
- Implementing Cisco Secure Access Solutions (SISAS)
- Implementing Cisco Threat Control Solutions (SITCS)
Prerequisites
Exam 640-554 IINS is a prerequisite for the CCNP Security certification - this is included as part of the course. Valid CCNA in good standing is also recommended.