It is not hard to believe that the official curriculum of CCNA Security is subject to changes due to constant up-gradation of technology and its usage. Today, the Internet of Things (IoT) is spreading to touch the limits of e-business globally and it continues to increase, especially in operational and information technology fields. As regards the recent studies, we would have more than 50 billion things connected to the Internet in the next five years, therefore, network security will be a main concern and the need of the hour for network security professionals is to upgrade themselves with advanced technical standards.
Cisco has taken the initiative to revise the entry level program in network security. CCNA IINS v2 has been replaced by CCNA Security IINS v3 which is designed to help network engineers enhance their skill sets required to perform entry level administration and support CISCO Security Solutions, Whereas v2 was mostly dealing with IOS security.
“What’s new to learn with CCNA Security v3.0?” Let’s take a look:
The new curriculum involves advanced network security technologies such as:
Cisco Cloud Web Security (CWS) is a cloud-delivery web proxy that uses the Cisco worldwide threat intelligence to protect and secure the distributed enterprise. CWS helps in providing security against web-based threats and protects Software-as-a-Service (SaaS) applications that are accessible to enterprise employees wherever their physical location may be.
Cisco Identity Services Engine (ISE) has been introduced to provide secured user access over a wired, wireless, or VPN connection to the company’s routers and switches thereby using role-based access control policies. Cisco ISE is aimed and deployed to reduce the number of potential threats on your network from unknown threads.
Cisco Bring Your Own Device (BYOD) technology and environments is a solution-based technology. You have an option to tailor it according to your needs. It helps you design, manage, and control the access of your network and in planning day-to-day operations. It is a smart solution that increases the efficiency and flexibility of access points, network management, and mobile collaboration applications in an evolving network.
Cisco Next-Generation Intrusion Prevention System (NGIPS) gives a platform, a standardized one, to protect present network resources against the new and advanced threats by integrating real-time contextual awareness with intelligent security automation. Cisco FirePOWER 7000 and 8000 series are the most advanced and latest NGIPS devices that are capable of tracking attacks through your network.
The course can be pursued by:
- Network Security Specialist
- Security Technician
- Security Administrator
- Network Security Support Engineer
- Principle System Engineers
- Cisco Channel Partners
- Others who have interest and wish to make a career in Network Security.
Though it is highly recommended, but it is not a compulsion that students should have the following knowledge and skills:
- Knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concepts
Required Exam to Obtain CCNA Security v3.0 Certification
After successfully completing the official CCNA Security curriculum, a candidate must appear and pass “Implementing Cisco Network Security v3.0” exam (exam code 210-260) to obtain the new CCNA Security Certification.
EXAM OBJECTIVES OF NEW CCNA SECURITY IINS V3.0
1. Security Concepts – This section includes security principles, threats, cryptography, and network topologies. It constitutes 12% of the questions asked in the exam.
2. Secure Access – This section deals with secure management, AAA concepts, 802.1X authentication, and BYOD. It makes 14% of the exam.
3. VPN (Virtual Private Networks) – This focuses on VPN concepts, remote access VPNs, and site-to-site VPNs. It is 17% of the exam.
4. Secure Routing & Switching – This section concentrates on VLAN security, mitigation techniques, layer 2 attacks, routing protocols, and overall security of Cisco routers. That is 18% of the exam.
5. Cisco Firewall Technologies – This section is 18% of the exam and focuses on stateful and stateless firewalls, proxy firewalls, application, and personal firewalls. Additionally, it concentrates on Network Address Translation (NAT) and other features of Cisco ASA 9.x.
6. IPS – It is 9% of the exam and this portion focuses on network-based and host-based IPS, deployment, and IPS technologies.
7. Content and Endpoint Security –Constituting 12% of the exam, this section checks your understanding on the endpoint, web-based, and email-based threats. Later it leads to apt and effective mitigation technology and techniques to counter those threats.
The revised CCNA Security (IINS v3.0) curriculum is designed to bring data, device, and administration together to have better network security, which is more relevant and valuable than ever. It is destined to meet the current business demand so that the network security professionals are able to acquire new knowledge, training and vital skills to be successful in evolving job roles.