www.noasolution.com www.noasolution.com

CCNP

The CCNP Security certification program is job–role-based for the Cisco Network Security Engineer responsible for security in routers, switches, networking devices, and appliances.

Skills validated in the program include choosing, deploying, supporting, and troubleshooting Firewalls, VPNs, and IDS/IPS solutions for their networking environments.

WHO SHOULD ATTEND

  • Anyone looking to further their networking knowledge.
  • The CCNP Security certification prepares you for the role of Network Security Specialist, Security Administrator and Netowrk Security Support Engineer.

WHAT YOU GET

  • Detailed Lab workbook.
  • Recorded video sessions for future reference with labs.
  • Full access to all videos any time online and downloadable.
  • Understanding technology and co-relating with some real time examples and scenarios
  • Complete core technology with detailed labs verification.

PREREQUISITE

CCNA Security or valid CCSP or any CCIE certification can act as a prerequisite.

TRAINING OPTIONS

  • Online Training
  • Onsite training
  • Instructor led Training
  • Video Training Series ( online/download )

Securing Networks with Cisco Routers and Switches (SECURE) v1.0

Exam Number: 642-637

Duration:90 minutes (60 – 70 questions)

This exam tests a candidate's knowledge and skills needed to secure Cisco IOS Software router and switch-based networks, and provide security services based on Cisco IOS Software.Candidates can prepare for this exam by taking the Securing Networks with Cisco Routers and Switches course.

Pre-Production Design


    • Choose Cisco IOS technologies to implement HLD
    • Choose Cisco products to implement HLD
    • Choose Cisco IOS features to implement HLD 2
    • Integrate Cisco network security solutions with other security technologies
    • Create and test initial Cisco IOS configurations for new devices/services

Complex Operations Support


    • Optimize Cisco IOS security infrastructure device performance
    • Create complex network security rules to meet the security policy requirements
    • Optimize security functions, rules, and configuration
    • Configure & verify NAT to dynamically mitigate identified threats to the network
    • Configure & verify IOS Zone Based Firewalls including advanced application inspections and URL filtering
    • Configure & verify the IPS features to identify threats and dynamically block them from entering the network
    • Maintain, update and tune IPS signatures
    • Configure & verify IOS VPN features
    • Configure & verify Layer 2 and Layer 3 security features

Advanced Troubleshooting


    • Advanced Cisco IOS security software configuraiton fault finding and repairing
    • Advanced Cisco routers and switches hardware fault finding and repairing

Implementing Cisco Intrusion Prevention System v7.0

Exam Number: 642-627

Duration:Approximately 90 minutes (60 – 70 questions)

This exam tests a candidate's knowledge and skills needed to deploy Cisco IPS-based security solutions.Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco IPS features, and provide detailed operations support for the Cisco IPS.

Pre-Production Design


    • Choose Cisco IPS technologies to implement HLD
    • Choose Cisco products to implement HLD
    • Choose Cisco IPS features to implement HLD
    • Integrate Cisco network security solutions with other security technologies
    • Create and test initial Cisco IPS configurations for new devices/services

Complex Support Operations


    • Optimize Cisco IPS security infrastructure device performance
    • Create complex network security rules, to meet the security policy requirements
    • Configure and verify the IPS features to identify threats and dynamically block them from entering the network
    • Maintain, update and tune IPS signatures
    • Use CSM and MARS for IPS management, deployment, and advanced event correlation.
    • Optimize security functions, rules, and configuration

Advanced Troubleshooting


    • Advanced Cisco IPS security software configuraiton fault finding and repairing
    • Advanced Cisco IPS sensor and module hardware fault finding and repairing

Deploying Cisco ASA Firewall Solutions (FIREWALL)


    • Exam Number: 642-618
    • Duration: Approximately 90 minutes (60-70 questions)

This exam tests a candidate's knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions.Successful candidates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA.

Cisco ASA adaptive security appliance Basic Configurations


    • Identify the ASA product family
    • Implement ASA licensing
    • Manage the ASA boot process
    • Implement ASA interface settings
    • Implement ASA management features
    • Implement ASA access control features
    • Implement Network Address Translation (NAT) on the ASA
    • Implement ASDM public server feature
    • Implement ASA quality of service (QoS) settings
    • Implement ASA transparent firewall

ASA Routing Features


    • Implement ASA static routing
    • Implement ASA dynamic routing

ASA Inspection Policy

    • Implement ASA inspections features

ASA Advanced Network Protections


    • Implement ASA Botnet traffic filter

ASA High Availability


    • Implement ASA Interface redundancy and load sharing features
    • Implement ASA virtualization feature
    • Implement ASA stateful failover

Deploying Cisco ASA VPN Solutions (VPN)

Exam Number: 642-648

Duration:Approximately 90 minutes (60 – 70 questions)

Common Cisco ASA adaptive security appliance VPN Configurations Components


    • Identify ASA VPN licensing requirements
    • Identify the components and features of AnyConnect 3.0 Mobility (VPN, NAM, Web Sec (ScanSafe), an Telemetry)
    • Implement ASA VPN connection profiles, group policies, and user policies
    • Implement Simple Certificate Enrollment Protocol (SCEP) proxy operations using Cisco Adaptive Security Device Manager (ASDM)
    • Implement local and external VPN authorization using ASDM
    • Implement VPN session accounting using ASDM
    • Implement Cisco Secure Desktop and Independent Host Scan operations using ASDM
    • Implement DAP operations using ASDM
    • Implement LOCAL CA operations for Secure Sockets Layer (SSL) VPNs using ASDM
    • Implement certificate maps using ASDM
    • Identify the ASA IPv6 VPN capabilities
    • Monitor and verify the resulting CLI commands resulting from the various VPN configurations on the ASA

ASA IP SEC S2S VPN


    • Implement a security high-level design according to policy and environmental requirements by identifying Cisco ASA IPSec S2S VPN features and supporting technologies
    • Implement basic IPSEC S2S VPN operations with PSK and digital certificates using ASDM
    • Implement basic IKEv2 based IPSEC S2S VPN operations using ASDM
    • Troubleshoot the initial provisioning IPSec S2S VPN applications due to misconfiguration

ASA EZVPN


    • Implement a security high level design according to policy and environmental requirements by identifying Cisco ASA VPN client features and supporting technologies
    • Implement basic EZVPN server operations on the ASA using ASDM

Basic EZVPN remote operations on the ASA 5505 using ASDM

    • Implement AnyConnect 3.0 IKEv2 RA VPN operations
    • Implement Client Services Server (CSS) feature
    • Troubleshoot the initial provisioning IPSec RA VPN applications due to misconfiguration

ASA AnyConnect SSL VPNs


    • Implement a security high-level design according to policy and environmental requirements by identifying Cisco ASA AnyConnect client features and supporting technologies
    • Implement DTLS operations using ASDM
    • Implement basic AnyConnect 3.0 full tunnel SSL VPN operations
    • Troubleshoot AnyConnect SSL VPN operations using DART
    • Implement AnyConnect Profiles using ASDM
    • Implement advanced authentication in AnyConnect Full Tunnel SSL VPNs (certificate and multi-authentication) using ASDM
    • Troubleshoot the initial provisioning client-based SSL VPN applications due to misconfiguration

ASA Clientless SSL VPNs


    • Implement a security high level design according to policy and environmental requirements by identifying Cisco ASA clientless SSL VPN features and supporting technologies
    • Implement basic Clientless SSL VPN operations using ASDM
    • Implement advanced applications access using ASDM
    • Implement the SSO features on the ASA in a clientless SSL VPN environment
    • Implement advanced authentication in clientless SSL VPNs (certificate and multi-authentication) using ASDM
    • Manage the clientless SSL VPN user interface and portal using ASDM
    • Implement basic portal customization
    • Troubleshoot the initial provisioning of Clientless SSL VPN applications due to misconfiguration

SSL VPN High Availability


    • Implement SSL and IPSEC VPN high availability features