The Cisco CCNP Security certification validates your skills in implementing security solutions. You earn it by passing two exams: the core exam, 350-701 (SCOR), and one concentration exam, which you choose from the pool of 6 available at the vendor’s official website. This certificate implies that you have at least 3 years of practical experience in applying security solutions.
The first exam you need to pass is 350-701, also called Implementing and Operating Cisco Security Core Technologies. It checks how good you are at using and implementing core security technologies, such as network/cloud/content security, endpoint protection & identification, secure network access, and visibility & enforcement. You must complete all the exam questions within 2 hours. Before taking the 350-701 exam, you must pay $400 plus tax.
Note that, along with the Cisco CCNP Security certification, this exam is also associated with the Cisco Certified Specialist – Security Core and CCIE Security. You gain the first one immediately after passing the exam, and the second one after passing one more lab exam of the expert level.
As for the exam content, it consists of 6 topics in which you should be competent.
The first section, called security concepts, will check your skills in dealing with the main threats that can be encountered in on-premises and cloud environments. It will also measure your ability to differentiate and compare the main security vulnerabilities and to describe cryptography components as well as their functions. In addition, this domain evaluates your ability to compare remote access VPN and site-to-site VPN deployment groups and to describe security intelligence and the role of the endpoint in securing users from phishing.
The second domain aims to verify your skills in network security. This comprises skills in describing deployment models of network security solutions and architectures to avert intrusion, and in describing the components, benefits and capabilities of Flexible NetFlow and NetFlow records. Within this topic, you will also be asked to deal with network infrastructure security methods, access control policies, and malware protection. You should also be able to choose options for network security solutions. Besides, your skills in working with AAA for device and network access and in secure network management will also be assessed in this part.
The third topic will evaluate your proficiency in securing the cloud. This involves the ability to find security solutions for cloud environments, use application and data security in cloud environments, describe security concepts in the given task, and configure cloud logging. In addition, you should demonstrate your ability to compare the security responsibility of the customer and provider. In more detail, you should be proficient in dealing with cloud-delivered security solutions, patch management as well as security assessment in the cloud.
The fourth domain you should be ready for is focused on content security. Here, you are expected to have competency in using traffic redirection, configuring email security features, describing elements of Cisco Umbrella, checking secure internet gateway and web security features. This topic will also measure your proficiency in describing web proxy identity and transparent user identification.
The fifth topic is about endpoint protection and detection. In this section, you should be able to explain the reason for using an endpoint patching strategy and explain antivirus, dynamic file analysis, antimalware, retrospective security, and IOC. You will also be required to define EPP and EDR, configure outbreak control, and describe justifications for endpoint-based security and endpoint posture assessment solutions.
The sixth topic focuses on your practical ability to prove network access device functionality and to describe identity management and network access with CoA. Your ability to show the benefits of device compliance and of network telemetry will also be assessed. In addition, in this domain you should be able to explain exfiltration techniques, such as HTTPS, DNS tunneling, Messenger, IRC, and NTP.
After completing the core exam, it is time to sit for the specialist-level evaluation. Each exam is aimed at verifying your skills in a special area and earns you a certification of the specialist level. Thus, 300-710 (SNCF) is dedicated to checking your skills in securing networks with Cisco Firepower, 300-715 (SISE) is about using and configuring Cisco Identity Services Engine, 300-720 (SESA) is about securing email with Cisco Email Security Appliance, 300-725 (SWSA) is about securing the web with the help of Cisco Web Security Appliance, 300-730 (SVPN) is about applying secure solutions with Virtual Private Networks, and 300-735 (SAUTO) is about automating and programming Cisco Security Solutions. Each evaluation lasts for 90 minutes, and you should be ready to pay $300 for any of the mentioned exams.