Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options
Checkout

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:

    $

CCNP Security e-Camp

Prepare for the CCNP Security certification exams.

GK# 1827

Course Overview

TOP

This course offers a complete solution to all the training you'll need to prepare for the Cisco Certified Network Professional Security (CCNP Security) certification exams. We provide in-depth coverage of Cisco topics covered in SENSS, SITCS, SISAS, and SIMOS.

The CCNP Security certification focuses on the daily job tasks of experienced network security professionals and engineers. Achieving CCNP Security certification confirms that you have the knowledge and skills needed to test, deploy, configure, maintain, and troubleshoot the Cisco network security appliances and the Cisco IOS Software devices that comprise your network's security.

You will receive in your e-Camp:

  • SIMOS Self-Paced e-Learning
  • SITCS Self-Paced e-Learning
  • SENSS Self-Paced e-Learning
  • SISAS Self-Paced e-Learning

 

Schedule

TOP
  • Delivery Format:
  • Date:
  • Location:
  • Access Period:

$

What You'll Learn

TOP

SENSS

  • Implement Cisco Modular Network Security Architectures Such as SecureX and TrustSec
  • Deploy Cisco Infrastructure Management and Control Plane Security Controls
  • Configure Cisco Layer 2 and Layer 3 Data Plane Security Controls
  • Implement and Maintain Cisco ASA Network Address Translations (NAT)
  • Implement and Maintain Cisco IOS Software Network Address Translations (NAT)
  • Design and deploy Cisco Threat Defense Solutions on a Cisco ASA Utilizing Access Policy and Application and Identity Based Inspection
  • Implement Botnet Traffic Filters
  • Deploy Cisco IOS Zone-Based Policy Firewalls (ZBFW)
  • Configure and Verify Cisco IOS ZBFW Application Inspection Policy

SITCS

  • Cisco ASA Next-Generation Firewall (NGFW)
  • Deploy Cisco Web Security Appliance to Mitigate Malware
  • Configure Web Security Appliance for Acceptable use Controls
  • Configure Cisco Cloud Web Security Connectors
  • Cisco Email Security Solution
  • Configure Cisco Email Appliance Incoming and Outgoing Policies
  • IPS Threat Controls
  • Configure and Implement Cisco IPS Sensor into a Network

SISAS

  • Cisco Identity Services Engine Architecture and Access Control Capabilities
  • 802.1X Architecture, Implementation and Operation
  • commonly Implemented Extensible Authentication Protocols (EAP)
  • Implement Public-Key Infrastructure with ISE
  • the implement Internal and External Authentication Databases
  • Implement MAC Authentication Bypass
  • Implement Identity Based Authorization Policies
  • Cisco TrustSec features
  • Implement Web Authentication and Guest Access
  • Implement ISE Posture Service
  • Implement ISE Profiling
  • Understand Bring Your Own Device (BYOD) with ISE
  • Troubleshoot ISE

SIMOS

  • Various VPN Technologies and Deployments as well as the Cryptographic Algorithms and Protocols that Provide VPN Security
  • Implement and Maintain Cisco Site-to-Site VPN Solutions
  • Implement and Maintain Cisco FlexVPN in Point-to-Point, Hub-and-Spoke, and Spoke-to-Spoke IPsec VPNs
  • Implement and Maintain Cisco clientless SSL VPNs
  • Implement and Maintain Cisco AnyConnect SSL and IPsec VPNs
  • Implement and Maintain Endpoint Security and Dynamic Access Policies (DAP)

Outline

TOP
Viewing outline for:

Self-Paced Outline

Implementing Cisco Edge Network Security Solutions (SENSS)

Secure Design Principals

  • Describe the concepts of Network Security Zones
  • Provide an overview of the Cisco modular network architecture blueprint
  • Describe the Cisco SecureX architecture as a context-aware security solution
  • Describe the Cisco TrustSec solution as a part of the Cisco SecureX architecture

Network Infrastructure Protection Deployment

  • Provide an overview of network infrastructure protection controls
  • Examine various defenses in Cisco IOS Software that protect the control plane
  • Describe some strategies to protect the Cisco IOS management plane
  • Describe some strategies to protect the Cisco ASA management plane
  • Describe the baseline forms of telemetry recommended for network infrastructure devices
  • Configure and verify Cisco IOS Software Layer 2 Data Plane Controls
  • Configure and verify Cisco IOS Software and Cisco ASA Layer 3 Data Plane Controls

NAT Deployment on Cisco IOS Software and Cisco ASA

  • Describe network address translation
  • Configure, verify, and troubleshoot network address translation on Cisco ASA
  • Configure, verify, and troubleshoot network address translation on Cisco IOS Software routers

Threat Controls Deployment on Cisco ASA

  • Overview of Cisco firewall threat controls
  • Describe and configure basic Cisco ASA access polices
  • Describe and configure advanced Cisco ASA access policies
  • Describe and configure reputation-based Cisco ASA access policies

Threat Controls Deployment on Cisco IOS Software

  • Describe and configure Cisco IOS Zone-Based Policy Firewall
  • Describe and configure application inspection policies on Cisco IOS Zone-Based Policy Firewall

Implementing Cisco Threat Control Solutions (SITCS)

Cisco ASA (CX) NGFW Services

  • Describe the Cisco ASA (CX) NGFW solution
  • Describe the Cisco ASA (CX) NGFW management architecture and protocols
  • Describe how to configure Cisco ASA (CX) NGFW policy objects
  • Explain how to monitor Cisco ASA (CX) NGFW operations by using Cisco PRSM
  • Describe how to configure Cisco ASA (CX) NGFW access policies to match security requirements
  • Describe how to configure Cisco ASA (CX) NGFW identity policies to match security requirements
  • Describe how to configure Cisco ASA (CX) NGFW decryption policies to match security requirements

Cisco Web Security Appliance

  • Describe the Cisco Web Security Appliance main features
  • Describe the two Cisco Web Security Appliance integration methods (Explicit Proxy and Transparent Proxy)
  • Configure identities and user authentication
  • Configure URL filtering and application visibility and control
  • Configure inbound and outbound anti-malware controls Configure decryption policies
  • Configure data security controls to implement data loss prevention

Cisco Cloud Web Security

  • Describe the main features of the Cisco Cloud Web Security
  • Describe traffic redirection to Cloud Web Security through connectors, how to configure them on Cisco
  • ASA, Cisco WSA and Cisco IOS, and how to configure AnyConnect web security
  • Module
  • Describe how to configure web filtering policy and how to verify web filtering

Cisco Email Security Appliance

  • Illustrate the SMTP flows and conversations and provides a high level overview of the Cisco Email Security Appliance services
  • Describe the basic configuration components to setup the Cisco ESA, which includes the listener, LDAP queries, HAT, RAT, Mail Flow Policies and SMTP Routes table
  • Explain how to configure the different features within the incoming and outgoing mail policies (anti- spam, anti-virus, content filters, outbreak filters, data loss prevention)

Cisco Intrusion Prevention System

  • Describe the basic definitions and approaches to traditional intrusion prevention/detection systems and next generation IPS
  • Configure different Cisco IPS sensor interface modes
  • Configure the Cisco IPS sensor built-in signatures
  • Describe some methodologies for tuning a Cisco IPS sensor to properly manage false positive and negative events
  • Describes the methods and configuration procedures to create custom signatures on a Cisco IPS sensor
  • Enable the anomaly detection functionality on the Cisco IPS sensor
  • Enable the reputation-based features on the Cisco IPS sensor

Implementing Cisco Secure Access Solutions (SISAS) 

Threat Mitigation Through Identity Services

  • Describe the role of identity services in the secure access solution 
  • Implement 802.1X and EAP 
  • Jump start the secure access solution

Cisco ISE Fundamentals

  • Describe the key characteristics of Cisco ISE Enroll the Cisco ISE in the PKI
  • Implement Cisco ISE internal authentication 
  • Implement Cisco ISE external authentication

Advanced Access Control

  • Describe certificate-based client authentication in EAP-TLS.
  • Describe the authorization in Cisco ISE.
  • Describe the Cisco Security Group Access (SGA) solution and MACsec.

Web Authentication and Guest Access

  • Describe Cisco ISE WebAuth
  • Describe the guest service features of the Cisco ISE

Endpoint Access Control Enhancements

  • Describe the posture assessment and the use of NAC agents
  • Describe the Cisco ISE profiler and the endpoint identity groups
  • Describe the BYOD solution elements and device onboarding

Access Control Troubleshooting

  • Troubleshoot Cisco network access controls

Implementing Cisco Secure Mobility Solutions (SIMOS) 

Fundamentals of VPN Technologies and Cryptography

  • Describe the role of VPNs in network security
  • Describe cryptography solutions, algorithms, and protocols

Deploying Secure Site-to-Site Connectivity Solutions

  • Describe Cisco secure site-to-site connectivity solutions
  • Deploy point-to-point IPsec VPNs on the Cisco ASA
  • Deploy Cisco IOS VTI-based point-to-point IPsec VPNs
  • Deploy Cisco IOS DMVPNs

Deploying Cisco IOS Site-to-Site FlexVPN Solutions

  • Evaluate site-to-site VPN technologies
  • Describe the use of FlexVPN in point-to-point IPsec VPNs 
  • Describe the hub-and-spoke connectivity scenario that can be implemented using the FlexVPN framework 
  • Describe the spoke-to-spoke connectivity scenario that can be implemented using the FlexVPN framework

Deploying Clientless SSL VPN

  • Describe clientless SSL VPN and provide a general description of the SSL/TLS protocol 
  • Configure and verify baseline clientless SSL VPN remote access features of the Cisco ASA security appliance 
  • Deploy and manage advanced application-access features of a clientless Cisco SSL VPN 
  • Deploy and manage advanced authentication and authorization features of a clientless Cisco SSL VPN

Deploying Cisco AnyConnect VPNs

  • Configure, verify, and troubleshoot a basic Cisco AnyConnect SSL VPN on a Cisco ASA security appliance 
  • Configure, verify, and troubleshoot advanced features of Cisco AnyConnect SSL VPNs 
  • Configure, verify, and troubleshoot advanced authentication and authorization in Cisco AnyConnect
  • VPNs 
  • Configure, verify, and troubleshoot a Cisco AnyConnect IPsec/IKEv2 VPN on Cisco ASA security appliances

Endpoint Security and Dynamic Access Policies

  • Implement Cisco HostScan for both clientless and full-tunnel SSL VPNs
  • Integrate DAP with Host Scan on the Cisco ASA security appliance

Labs

TOP
Viewing labs for:

Self-Paced Labs

Implementing Cisco Edge Network Security Solutions (SENSS)

Lab 1: Configuring Configure Cisco Policy Protection (CPP) and Management Plane Protection (MPP)

Lab 2: Configure Traffic Telemetry Methods

Lab 3: Configure Layer 2 Data Plan Security

Lab 4: Configure Layer 2 Data Plan Security

Lab 5: Configure NAT on Cisco Adaptive Security Appliance (ASA) Firewall

Lab 6: Configure NAT on Cisco IOS Software

Lab 7: Configure Cisco ASA Access Policy

Lab 8: Configure Cisco ASA Application Inspection Policy

Lab 9: Configure Cisco ASA Botnet Traffic Filter

Lab 10: Configure Cisco ASA Identity Based Firewall

Lab 11: Configure Cisco IOS Software Zone-Based Firewall (ZBFW)

Lab 12: Configure Cisco IOS Software ZBFW Application Inspection Policy Lab Activity Solutions

 

Implementing Cisco Threat Control Solutions (SITCS)

Lab 1: Configure Cisco Web Security Appliance Explicit Proxy and User Authentication

Lab 2: Configure Cisco Web Security Appliance Acceptable Use Controls

Lab 3: Configure Cisco Email Security Appliance Basic Policies

Lab 4: Accessing the AMP Public Cloud Console

Lab 5: Customizing Detection and AMP Policy

Lab 6: IOCs and IOC Scanning

Lab 7: Deploying AMP Connectors

Lab 8: AMP Analysis Tools

Lab 9: Configure Inline Interfaces and Create Objects

Lab 10: Create Access Control Policy Rules

Lab 11: Configure Network Discovery Detection

Lab 12: Create a File Policy

Lab 13: Create an Intrusion Policy

Lab 14: Create a Network Analysis Policy

Lab 15: Compare Trends

Lab 16: Create Correlation Policies

 

Implementing Cisco Secure Access Solutions (SISAS) 

Lab 1: Installing a Certificate in ISE

Lab 2: Local/Remote Identity Stores with Active Directory/LDAP and Sequence Lists

Lab 3: Examining and Configuring Supplicants

Lab 4: 802.1X: Wired Networks

Lab 5: 802.1X: MAR and EAP Chaining

Lab 6: 802.1X: MAC Authentication Bypass

Lab 7: Implement Central WebAuth

Lab 8: Implement Guest Access and My Device Portal

Lab 9: Implement Posture Service

Lab 10: Implement the Profile Service

Lab 11: Implementing TrustSec and MACsec

 

Implementing Cisco Secure Mobility Solutions (SIMOS) 

Lab 1: Implement Site-to-Site Secure Connectivity on the Cisco ASA

Lab 2: Implement Cisco IOS Static VTI Point-to-Point Tunnel

Lab 3: Implement DMVPN

Lab 4: Implement Site-to-Site Secure Connectivity Using Cisco IOS FlexVPN

Prerequisites

TOP
  • Cisco Certified Network Associate (CCNA) certification
  • Cisco Certified Network Associate (CCNA) Security certification
  • Knowledge of Microsoft Windows operating system

Who Should Attend

TOP
  • Network security engineers
  • Engineers involved in the implementation and support of Cisco security solutions
  • Engineers looking to achieve the Cisco Certified Networking Professional Security certification

Vendor Credits

TOP

This course can be purchased using Cisco Learning Credits (CLCs).

  Cisco Digital Learning

Master Cisco technologies on your own schedule. The digital learning version of this course includes access to these elements for 12 months.

  • Bookmarking tools
  • Progress analytics
  • Gamification with leaderboards
  • Searchable glossary
  • Lab recordings
  • Instructor Videos
  • Student Guide
  • Discovery and Integrated Labs
  • Content Review Questions
  • Challenge Tests and Labs
Find out more
Course Delivery

This course is available in the following formats:

Self-Paced

On-demand content enables you to train on your own schedule.



Request this course in a different delivery format.
Enroll