CCIE DC V2 Success: Mr. Keval Smart CCIE Data Center #56915, Mr. Vijay Pandey CCIE Data Center #56720, Mr. Victor Ade Adeboje CCIE Data Center, #56196 Mr. Binoy CCIE Data Center #56657, Mr. Muruguppan CCIE Data Center #56434, Mr. Pritish Patil CCIE Data Center #56048
CCIE Results
  • info@networkershome.com
  • Bangalore +91-8447971084

    Gurugram +91-8447971054

  • Delhi +91-9964999568

    or +91-8447971084

  • USA +1-408-753-0671

HOME > PROGRAMS > CCNP Security
Duration: 200 hours

CCNP Security

  • Course Summary
  • Course Content
  • Career Path ways

Outline:

Cisco Certified Network Professional Security (CCNP Security) certification program is designed to make one fit specifically to the job role of the Cisco Network Security Engineer.

A CCNP Security certified engineer is responsible for Security in various Networking devices and appliances. Also, supporting and troubleshooting VPNS, Firewalls, and IDS/IPS solutions for various networking environments is a part of his day to day work.

Cisco Certified Network Professional Security (CCNP Security) certification program is aligned specifically to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments. Achieving CCNP Security certification confirms that you have the knowledge and skills needed to test, deploy, configure, maintain, and troubleshoot the Cisco network security appliances and the Cisco IOS Software devices that comprise your network’s security. CCNP Security certification training is a composite of four modules that a professional must qualify in order to obtain this prestigious credential. This CCNP Security training will cover in detail each of the following four modules to ensure that participants gain core understanding of implementing security for Cisco devices:

CCNP Security consists of a Composite Course Curriculum so that the candidate will become able to clear the following Four Cisco Exams:

  • Implementing Cisco Edge Network Security Solutions (300-206)
  • Implementing Cisco Secure Access Solutions (300-208)
  • Implementing Cisco Secure Mobility Solutions (300-209)
  • Implementing Cisco Threat Control Solutions (300-210)
What I will learn?

Students will be able to configure & implement security features on Cisco Security Devices mainly Routers, Switches, ASA, NGFW, Firepower, NGIPS, WSA, ESA & ISE.

LABS on Real Devices

SNRS (Securing Networks with Cisco Router & Switches):

  1. 1. Basic Router Security
  2. 2. Standard Named ACL
  3. 3. Controlling Telnet Access & SSH
  4. 4. Extended ACL
  5. 5. Dynamic ACL
  6. 6. Reflexive ACL
  7. 7. Time Based ACL
  8. 8. CBAC (Context Based Access Control)
  9. 9. ZBPF (Zone Based Policy Firewall)
  10. 10. MQC (Modular QoS CLI)
  11. 11. Blackhole Routing using PBR
  12. 12. NAT TCP Load Balancing
  13. 13. Stateful High Availability NAT
  14. 14. NAT Virtual Interface
  15. 15. TCP Intercept
  16. 16. NBAR
  17. 17. Netflow
  18. 18. Routing Protocol Authentication: RIPv2
  19. 19. Routing Protocol Authentication: OSPF
  20. 20. Routing Protocol Authentication: EIGRP
  21. 21. Routing Protocol Authentication: BGP
  22. 22. Route Filtering with EIGRP
  23. 23. Route Filtering with OSPF
    24. Route Filtering with RIPv2
  24. 25. Control Plane Policing
  25. 26. Control Plane Protection
  26. 27. Management Plane Protection
  27. 28. Disabling Requisite Services
  28. 29. Controlling Device Access
  29. 30. CPU Protection
  30. 31. Selective Packet Discard
  31. 32. Controlling Device Services
  32. 33. Transit Traffic Control with Flexible Packet Matching
  33. 34. Congestion Management
  34. 35. IOS File System Security
  35. 36. Network Telemetry Identification & Classification of Security Events
  36. 37. BGP TTL Security
  37. 38. IPv6 Selective Packet Discard
  38. 39. IOS IPS
  39. 40. DHCP Snooping
  40. 41. Dynamic ARP Inspection
  41. 42. IP Source Guard
  42. 43. Preventing VLAN Hopping Attack
  43. 44. VLAN Access Lists
  44. 45. STP Protection
  45. 46. Protect Broadcast Storm
  46. 47. Preventing IP Spoofing
  47. 48. Port-Security
  48. 49. SNMP
  49. 50. IP Options

ASA (Adaptive Security Appliance):

  1. 1. Hardware, IOS Upgradation& ASDM
  2. 2. Basic ASA Configuration: Interfaces, Security Levels and Ether Channel
  3. 3. ASA Fundamentals: Access Control Lists
  4. 4. Licensing of ASA
  5. 5. Packet Processing
  6. 6. Understanding Connection Profiles
  7. 7. Routing in ASA: Static, Default, RIPv2, EIGRP, OSPF, BGP, IS-IS
  8. 8. ASA Management (Local & Remote)
  9. 9. NAT Basics in ASA: Object NAT & Twice NAT
  10. 10. Static NAT
  11. 11. Dynamic NAT
  12. 12. NAT Exemption
  13. 13. Static Policy NAT
  14. 14. Dynamic Policy NAT
  15. 15. Bidirectional NAT
  16. 16. Modular Policy Framework
  17. 17. FTP, DNS, SMTP, HTTP & ICMP Inspection
  18. 18. Virtual Firewalls (ASAv)
  19. 19. Redundant Interfaces
  20. 20. Multi-Context Firewall
  21. 21. Active-Standby Failover (Single Context)
  22. 22. Active-Active Failover (Multi-Context)
  23. 23. Transparent Firewall
  24. 24. Threat Detection
  25. 25. Time Based Access Control
  26. 26. Qos: Priority Queuing
  27. 27. QoS: Traffic Policing
  28. 28. QoS: Traffic Shaping
  29. 29. QoS: Prioritization
  30. 30. SLA Route Tracking
  31. 31. DHCP
  32. 32. URL Filtering
  33. 33. Troubleshooting with Packet Tracer, Capture Tools &TCPDump
  34. 34. Firepower installation
  35. 35. FMC Integration
  36. 36. Policy Implementation in Firepower
  37. 37. FTD Installation & Basic Configuration
  38. 38. FTD: Policy Enforcements
  39. 39. FTD High Availability
  40. 40. Integration with AMP, ISE &Splunk

VPN (Virtual Private Network):

  1. 1. Next Generation Encryption & Hashing
  2. 2. IPSec suite
  3. 3. VPN: Connection establishment (Packet Level)
  4. 4. AAA for Network Access
  5. 5. VPN Implementation in ASA
  6. 6. Group Policies
  7. 7. Configuring User Attributes
  8. 8. Integration with External Servers for AAA & Policies
  9. 9. SSL VPN: Overview
  10. 10. Deployment of Anyconnect VPN & Troubleshoot
  11. 11. Authentication Strategies: CRLs & OCSP
  12. 12. Authorization with AAA & DAPs
  13. 13. Anyconnect Integration with Cisco Secure Desktop
  14. 14. Anyconnect High Availability
  15. 15. Clientless SSL VPN including Authentication Strategies & DAPs Authorization
  16. 16. Customizing Clientless Portal
  17. 17. Clientless SSL VPN High Availability
  18. 18. Cisco VPN Client
  19. 19. Easy VPN: Authentication, Authorization & High Availability: Client, Network Extension Mode without & with
  20. 20. Introduction of IPSec Site-to-Site VPNs including High Availability with Mechanism i.e. Packet exchange b/w peers
  21. 21. LAN-to-LAN Tunnel without NAT-T
  22. 22. LAN-to-LAN Tunnel with NAT-T
  23. 23. Point-to-Point GRE
  24. 24. Encrypting GRE Tunnels using IPSec
  25. 25. Native IPSec Tunnel Interface with S-VTI
  26. 26. mGRE Tunnel
  27. 27. DMVPN (Phase 1, 2 & 3)
  28. 28. GETVPN
  29. 29. Configuring Router as a CA Server
  30. 30. Flex-VPN: DVTI – SVTI
  31. 31. Flex-VPN: Server – Client
  32. 32. HA (IPSecStateful Failover) &QoS
  33. 33. Call Admission Control for IKE
  34. 34. IPSec Load Balancing (ASA Cluster)
  35. 35. Troubleshoot VPN Connectivity

Identity Management with ISE (2.1) & ACS (5.8)

  1. 1. Privilege Levels
  2. 2. AAA
  3. 3. ISE Installation
  4. 4. Registration with Self-Signed & CA-Signed Certificate
  5. 5. AD Integration
  6. 6. Backup & Restore
  7. 7. Network Access with Radius
  8. 8. Device Administration with TACACS+
  9. 9. MAB, Profiling & Probing
  10. 10. Dot1x (Wired & Wireless) using EAP, PEAP & EAP-TLS
  11. 11. CWA (Wired & Wireless Meraki: BYOD)
  12. 12. LWA
  13. 13. Posture Validation
  14. 14. Trustsec (NAC Agent & Web Agent)
  15. 15. Macsec
  16. 16. Integration of Splunk with ISE
  17. 17. Integration with WSA & ESA
  18. 18. ACS Installation, Bootstrapping & AD Integration
  19. 19. Command Authorization
  20. 20. TACACS+ User Authentication & Authorization
  21. 21. IOS Authentication Proxy
  22. 22. Authentication Proxy on ASA
  23. 23. 802.1x Authentication with ACS
  24. 24. Super Lab – 1
  25. 25. Super Lab – 2

WSA, ESA, IPS (NGIPS)

  1. 1. Basic Installation including DNS & Routing
  2. 2. WSA Identities & Access Policies
  3. 3. AD Integration
  4. 4. User Authentication
  5. 5. Custom URL Categories
  6. 6. Application Visibility & Control
  7. 7. Web Reputation
  8. 8. Transparent Proxy with Router, Switch & ASA
  9. 9. ESA: Spam Filtering
  10. 10. Deployment of IPS & NGIPS
Jobs:

Below are a few job roles for which CCNP Security certified candidates can apply and opt for:

  • System Security Engineers
  • Network Security Administrators
  • Network Security Support Specialists
  • Network Security Engineers
  • Network Security Consultants

 

Future Training & Learning:

To advance their career and increase their knowledge domain candidates can opt for any of the following certification programs in different tracks:

Apply for this Course

Enquire Now
FREE WEEKLY UPDATES
Get the latest content first.
We respect your privacy.

Stay updated with upcoming training opportunities.

Latest Results and updated information on new Course Launch.Be the first one to know.