Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.

Securing Networks with Cisco Routers and Switches (SECURE)

Course Objectives

  • Implement and maintain Cisco IOS Software infrastructure protection controls in a Cisco router- and switch-based network infrastructure.
  • Implement and maintain Cisco IOS Software threat control and containment technologies in a Cisco router-based perimeter infrastructure.
  • Implement and maintain Cisco IOS Software VPN technologies in a Cisco router-based WAN.
  • Implement and maintain Cisco IOS Software remote access VPN technologies in a Cisco router-based remote access solution.

Course Outline

  • Lesson 1: Deploying Network Foundation Protection Controls
  • Lesson 2: Deploying Advanced Switched Data Plane Security Controls
  • Lesson 3: Implementing Cisco Identity-Based Network Services
  • Lesson 4: Deploying Basic 802.1X Features
  • Lesson 5: Deploying Advanced Routed Data Plane Security Controls
  • Lesson 6: Deploying Advanced Control Plane Security Controls
  • Lesson 7: Deploying Advanced Management Plane Security Controls

Deploying Cisco ASA Firewall Solutions (FIREWALL)

Course Objectives

  • Evaluate the basic firewall technology, features, hardware models, and licensing options of the Cisco ASA security appliance.
  • Implement and troubleshoot basic Cisco ASA security appliance connectivity and device management plane features.
  • Configure and verify Cisco ASA security appliance network integration.
  • Configure and verify Cisco ASA security appliance policy.
  • Configure and verify high availability and virtualization on Cisco ASA security appliances.

Course Outline

  • Cisco ASA Adaptive Security Appliance Introduction
  • Basic Connectivity and Device Management
  • Network Integration
  • Cisco ASA Adaptive Security Appliance Policy Control
  • Cisco ASA Adaptive Security Appliance High Availability and Virtualization

Deploying Cisco ASA VPN Solutions (VPN)

Course Objectives

  • Describe the general properties of the Cisco ASA VPN subsystem
  • Implement and maintain Cisco clientless remote access SSL VPNs on the Cisco ASA adaptive security appliance VPN gateway.
  • Implement and maintain Cisco AnyConnect client-based remote access SSL VPNs on the Cisco ASA security appliance VPN gateway according to policies and environmental requirements.
  • Implement and maintain Cisco remote access IPsec VPNs on the Cisco ASA VPN gateway according to policies and environmental requirements.
  • Implement and maintain site-to-site VPN solutions on the Cisco ASA security appliance VPN gateway according to policies and environmental requirements.
  • Deploy endpoint security with Cisco Secure Desktop and DAP, and deploy and manage high-availability and high-performance features of the Cisco ASA security appliance.

Course Outline

  • The Cisco ASA Adaptive Security Appliance VPN Architecture and Common Components
  • Cisco ASA Adaptive Security Appliance Clientless Remote Access SSL VPN Solutions
  • Cisco AnyConnect Remote Access SSL Solutions
  • Cisco ASA Adaptive Security Appliance Remote Access IPsec VPNs
  • Cisco ASA Adaptive Security Appliance Site-to-Site IPsec VPN Solutions
  • High Availability and High Performance for Cisco ASA Adaptive Security Appliance VPNs

Implementing Cisco Intrusion Prevention System (IPS)

Course Objectives

  • Evaluate products and deployment architectures for the Cisco IPS product line.
  • Perform an initial implementation of a Cisco IPS sensor.
  • Implement an initial security policy using a Cisco IPS sensor according to local policies and environmental requirements.
  • Deploy customized policies to adapt Cisco IPS traffic analysis and response to the target environment.
  • Implement a basic Cisco IPS data management and analysis solution.
  • Implement complex Cisco IPS policy virtualization, high availability, and high performance solutions according to policy and environmental requirements.
  • Perform the initial setup of, and maintain specific Cisco IPS hardware.

Course Outline

  • Introduction to Intrusion Prevention and Detection, Cisco IPS Software, and Supporting Devices
  • Installing and Maintaining Cisco IPS Sensors
  • Applying Cisco IPS Security Policies
  • Adapting Traffic Analysis and Response to the Environment
  • Managing and Analyzing Events
  • Deploying Virtualization, High Availability, and High Performance Solutions
  • Configuring and Maintaining Specific Cisco IPS Hardware