CCNP Security Course Syllabus

Exam Description: Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701) is a 120-minute exam associated with the CCNP and CCIE Security Certifications. This exam tests a candidate’s knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Common Threats
  • On-premises: viruses, trojans, DoS/DDoS, phishing, rootkits, MITM, SQL injection, XSS, malware
  • Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials

Vulnerabilities & Cryptography
  • Software bugs, weak/hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, XSS/forgery
  • Functions of cryptography: hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key, certificate-based authorization

VPN & Security Intelligence
  • Site-to-site VPN vs remote access VPN: sVTI, IPsec, crypto map, DMVPN, FlexVPN, high availability, AnyConnect
  • Security intelligence authoring, sharing, and consumption

Endpoints & APIs
  • Role of endpoints in phishing/social engineering protection
  • North Bound and South Bound APIs in SDN
  • DNAC APIs for provisioning, optimization, monitoring, troubleshooting
  • Interpret basic Python scripts calling Cisco Security appliance APIs

Solutions & Deployments
  • Network security solutions with firewall and IPS
  • Deployment models and architectures
  • Components & benefits of NetFlow and Flexible NetFlow

Configuration & Hardening
  • Router, switch, wireless security configuration
  • Layer 2 methods: VLANs, VRF-lite, port security, DHCP snooping, ARP inspection, storm control, PVLANs, defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
  • Device hardening: control plane, data plane, management plane, routing protocol security

Access & Management
  • Segmentation, access control, AVC, URL filtering, malware protection
  • Network security management: single/multidevice manager, in/out-of-band, CDP, DNS, SCP, SFTP, DHCP security
  • AAA: authentication/authorization, TACACS+, RADIUS, accounting, dACL
  • Secure network device management: SNMPv3, views, groups, users, authentication, encryption, logging, NTP auth

VPN Configuration
  • Site-to-site VPN using Cisco routers/IOS
  • Remote access VPN using AnyConnect client
  • Debug commands for IPsec tunnel troubleshooting

Cloud Security
  • Security solutions for public, private, hybrid, community clouds
  • Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
  • Customer vs provider responsibility
  • Patch management, security assessment, cloud-delivered security (firewall, management, proxy, security intelligence, CASB)

DevSecOps & Data Security
  • DevSecOps: CI/CD pipeline, container orchestration, security
  • Application and data security in cloud environments
  • Cloud logging & monitoring
  • Application and workload security concepts

Traffic & Proxy
  • Traffic redirection and capture
  • Web proxy identity & authentication (transparent user ID)

Email & Web Security
  • Local & cloud-based email/web solutions (ESA, CES, WSA)
  • Web/email security deployment methods for on-premises & remote users
  • Email security: spam filtering, antimalware, DLP, blacklisting, encryption
  • Secure internet gateway & web security: blacklisting, URL filtering, malware scanning, URL categorization, web app filtering, TLS decryption
  • Cisco Umbrella: components, capabilities, configuration

Endpoint Security
  • Compare EPP and EDR solutions
  • Antimalware, retrospective security, IOC, antivirus, dynamic file analysis, endpoint telemetry
  • Outbreak control and quarantines
  • Endpoint-based security justifications
  • Endpoint device management and asset inventory (MDM)
  • Multi-factor authentication (MFA) strategy
  • Endpoint posture assessment
  • Endpoint patching strategy importance

Network Access & Identity
  • Identity management, guest services, profiling, posture assessment, BYOD
  • 802.1X, MAB, WebAuth configuration & verification
  • Network access with CoA
  • Device compliance & application control benefits

Exfiltration & Telemetry
  • Exfiltration techniques: DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP
  • Benefits of network telemetry

Security Products
  • Cisco Stealthwatch, Stealthwatch Cloud
  • Cisco pxGrid, Umbrella Investigate
  • Cisco Cognitive Threat Analytics, Encrypted Traffic Analytics
  • AnyConnect Network Visibility Module (NVM)