The Cisco CCIE Security certification is the top-level certification on the security track within the Cisco Certification program. This designation is intended to validate your skills with complex security solutions. Obtaining it involves two steps: passing a qualifying exam and passing a lab exam.
Before opting for the Cisco CCIE Security accreditation, you should have at least 5 years of experience designing, deploying, and optimizing security technologies. The first exam you need to pass is Implementing and Operating Cisco Security Core Technologies, coded as 350-701. Its main aim is to verify your knowledge of the data center infrastructure and to demonstrate your skills in network, cloud, and content security, endpoint protection and detection, and secure network access, visibility, and enforcement. The exam lasts 2 hours, within which you need to complete all the questions. To take this evaluation, you need to pay $400. Note that the 350-701 exam leads not only to the expert-level certification in security, but also to the CCNP Security and Cisco Certified Specialist – Security Core designations.
As for the list of topics, the exam comprises 6 domains you need to be competent in. The first domain covers security concepts. In this part, you should be able to explain threats within on-premises and cloud environments, so your knowledge of viruses, trojans, DoS/DDoS attacks, and malware, as well as data breaches and insecure APIs, will be evaluated. You should also demonstrate the skills to differentiate security vulnerabilities such as software bugs, SQL injection, missing encryption, and cross-site scripting/forgery, as well as remote access VPN and site-to-site VPN deployment types. Your proficiency with cryptography components, with security intelligence authoring, sharing, and consumption, and with interpreting basic Python scripts will also be checked. Finally, this section evaluates how good you are at explaining the role of the endpoint in protecting humans from social engineering attacks and phishing, DNAC APIs for network provisioning, optimization, and monitoring, and North Bound and South Bound APIs.
The second domain covers network security. It explores your ability to compare network security solutions that prevent intrusion, describe deployment models of network security architectures, describe the benefits and capabilities of NetFlow and Flexible NetFlow records, and verify network infrastructure security methods. You should also show that you can apply access control policies and management options for network security solutions, configure secure access network management and AAA for device and network access, and check site-to-site VPN and remote access VPN.
The third domain is about securing the cloud. In this section, you should prove your skills in finding and implementing security solutions for cloud environments, describing the concept of DevSecOps, applying data security in cloud environments, and configuring cloud logging methodologies. You should also understand the customer and provider security responsibility and be able to describe workload security concepts.
The fourth domain is centered on content security. This part examines your competency in using traffic redirection and capture methods, describing web proxy authentication and identity, configuring email and web security deployment methods, and verifying email, internet gateway, and web security features. You should also be able to describe the capabilities and components of Cisco Umbrella and verify web security controls on it.
The fifth domain covers endpoint protection and detection. The exam questions in this domain assess your ability to compare EPP and EDR solutions and to explain antimalware, antivirus, endpoint-security telemetry, and the importance of an endpoint patching strategy. You should also be able to describe the importance of an MFA strategy, endpoint posture assessment solutions, and justifications for endpoint-based security.
The sixth domain focuses on secure network access, visibility, and enforcement. In this part, you should demonstrate your skills in verifying network access device functionality and describing secure network access concepts, network access with CoA, and the benefits of network telemetry. You should also know the benefits of app control and device compliance, and be competent in describing the components and capabilities of security products and solutions such as Cisco pxGrid, Cisco Umbrella Investigate, Cisco Encrypted Traffic Analytics, and Cisco Stealthwatch, to mention a few.
The second step is passing the CCIE Security v6.0 lab exam, which lasts 8 hours. This exam checks your skills across the whole network lifecycle, from designing and deploying to managing and optimizing.
Holding the CCIE Security certification proves that you are a real expert in the chosen sphere and opens up the opportunity to earn about $101,369 per year, according to the ZipRecruiter website.