• +91 8970062214

CCNP SECURITY

 

 

Implementing Cisco Edge Network Security Solutions

    (300-206)   

Threat Defense

·        Implement firewall (ASA or IOS depending on which supports the implementation), ACLs, Implement static/dynamic NAT/PAT, object groups

·        Configure application filtering and protocol inspection, DHCP snooping, port security, IP source verification

·        Describe, ASA security contexts, dynamic ARP inspection, storm control

·        Implement Layer 2 Security

·        Describe common Layer 2 threats and attacks and mitigation, MACSec, threat detection features

Cisco Security Devices GUIs and Secured CLI Management

·        Implement SSHv2, HTTPS, and SNMPv3 access on the network devices

·        RBAC on the ASA/IOS using CLI and ASDM

·        Describe Cisco Prime Infrastructure Functions and use cases of Cisco Prime, Device Management, Cisco Security Manager(CSM), Functions and use cases of CSM Device Management

·        Implement Device Managers, ASA firewall features using ASDM

Management Services on Cisco Devices

·        Configure NetFlow exporter on Cisco Routers, Switches, and ASA

·        Implement SNMPv3 Create views, groups, users, authentication, and 0encryption logging on Cisco Routers, Switches, and ASA using Cisco best   practices, Implement NTP

·        Describe CDP, DNS, SCP, SFTP, and DHCP , CDP on routers and switches

Troubleshooting, Monitoring and Reporting Tools

·        Monitor firewall using analysis of packet tracer, packet capture, and syslog   

·        Analyze packet tracer on the firewall using CLI/ASDM, packet capture using CLI/ASDM, syslog events generated from ASA 

Threat Defense Architectures

·        Design a Firewall Solution High-availability, Security zoning, Transparent & Routed Modes Security Contexts, Layer 2 Security Solutions

·        Implement defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks, PVLANs

Security Components and Considerations

·        Describe Single device manager vs. multi-device manager

·        Describe Data Center security components and considerations Virtualization and Cloud security, Basic ASA UC Inspection features

·        Describe common Unified IPv6/IPv4 ACL on the ASA

 

 Implementing Cisco Secure Access Solutions

   (300-208) 

Identity Management/Secure Access

·        Implement Device Administration, accounting, Wired/Wireless 802.1x

·        Compare and select AAA options TACACS+, RADIUS

·        Describe Native AD and LDAP, Identity Management features and functionality of authentication and authorization

·        Describe identity store options (i.e., LDAP, AD, PKI, OTP, Smart Card, local), SGA, Named ACL, CoA, elements of a BYOD policy

·        Describe RADIUS flows AV pairs EAP types, supplicant, authenticator, server Supplicant options, 802.1X phasing (monitor mode, low impact, closed mode), AAA server Network access devices

·        Implement MAB, Network Authorization Enforcement dACL Dynamic VLAN assignment, BYOD access

·        Implement central web authorization, profiling, guest services, posturing

·        Describe Device registration My devices portal, supplicant provisioning

Threat Defense

·        Implement firewall

·        Describe SGA ACLs

Troubleshooting, Monitoringand Reporting Tools

Troubleshoot identity management solutions

·        Threat Defense Architectures Design highly secure wireless solution

Identity Management Architectures

·        Design AAA security solution, profiling security solution, posturing security solution, BYOD security solution, device admin security solutionDesign guest services security solution

      Implementing Cisco Secure Mobility Solutions

(300-209)

Secure Communications

·        Site-to-site VPNs on routers and firewalls

·        Describe GETVPN

·        Implement IPsec (with IKEv1 and IKEv2 for both IPV4 & IPV6)

·        Implement DMVPN (hub-Spoke and spoke-spoke on both IPV4 & IPV6)

·        Implement FlexVPN (hub-Spoke on both IPV4 & IPV6) using local AAA

·        Implement remote access VPNs

·        Implement AnyConnect IKEv2 VPNs on ASA and routers

·        Implement AnyConnect SSLVPN on ASA and routers

·        Implement clientless SSLVPN on ASA and routers

·        Implement FLEX VPN on routers

Troubleshooting, Monitoring, and Reporting Tools

·        Troubleshoot VPN using ASDM & CLI

·        Troubleshoot IPsec, DMVPN, FlexVPN , AnyConnect IKEv2 and SSL VPNs on ASA and routers

·        Troubleshoot clientless SSLVPN on ASA and routers

Secure Communications Architectures

·        Design site-to-site VPN solutions, Identify functional components of GETVPN, Flex VPN, DMVPN, and IPsec, remote access VPN solutions

·        VPN technology considerations based on functional requirements

·        Identify VPN technology based on configuration output

·        Identify functional components of FlexVPN, IPsec, and Clientless SSL

·        VPN technology considerations based on functional requirements

·        High availability considerations, Identify VPN technology

·        based on configuration output, Identify Any Connect client requirements

·        Clientless SSL browser and client considerations/requirements

·        Identify split tunneling requirements

·        Describe encryption, hashing, and Next Generation Encryption (NGE)

·        Compare and contrast Symmetric and asymmetric key algorithms

·        Identify and describe the cryptographic process in VPNs Diffie Hellman, IPsec ESP, AH, IKEv1, IKEv2, hashing algorithms MD5 and SHA, and authentication methods

·        Describe PKI components and protection methods

·        Elliptic Curve Cryptography (ECC)

·        Compare and contrast SSL, DTLS, and TLS

  Implementing Cisco Threat Control Solutions

(300-210) 

Content Security

·        Cisco Cloud Web Security (CWS)

·        Describe the features and functionality, cloud detection technologies

·        Implement the IOS and ASA connectors, data security, WSA

·        Implement the Cisco, AnyConnect web security module

·        Implement web usage control, Implement AVC, antimalware

·        Implement decryption policies Cisco Web Security Appliance (WSA)

·        Describe the features and functionality, analysis tools

·        Identity and authentication, including transparent user identification

·        Implement web usage control, AVC, antimalware and AMP

·        Implement decryption policies, redirection and capture methods (explicit

·        proxy vs. transparent proxy), Cisco Email Security Appliance

·        Implement email encryption, antispam policies, virus outbreak filter

·        Implement DLP policies, antimalware and AMP

·        Implement traffic redirection and capture methods

·        Implement ESA GUI for message tracking, Cisco AMP for Networks

·        Network Threat Defense

·        Cisco Next-Generation Firewall (NGFW), Security Services

·        Implement access control policies (URL-filtering, reputation based, file filtering)

·        Configure and verify traffic redirection, (AMP), AMP integration

·        Compare and contrast AMP architectures (public cloud, private cloud)

·        Configure AMP endpoint deployments

·        Describe incident response functionality, sandbox analysis

Cisco FirePOWER Next-Generation IPS (NGIPS) Configurations

·        Describe traffic redirection and capture methods

·        Describe preprocessors and detection engines, SNORT rules

·        Implement event actions and suppression thresholds, correlation policies

·        Implement SSL decryption policies

·        Deployments, Deploy inline or passive modes

·        Deploy NGIPS as appliance, virtual appliance, or module within an ASA

·        Describe the need for traffic symmetry

·        Compare inline modes: inline interface pair and inline tap mode

Security Architectures

·        Design a web security solution, an email security solution

·        Compare and contrast Cisco Fire POWER NGFW,WSA, and CWS

·        Compare and contrast physical WSA and virtual WSA

·        Describe the available CWS connectors

·        Compare and contrast physical ESA and virtual ESA

·        Describe hybrid mode, Cisco FirePOWER solutions

·        Configure the virtual routed, switched, and hybrid interfaces

·        Configure the physical routed interfaces

Troubleshooting, Monitoring, and Reporting Tools

·        Compare and contrast FirePOWER NGFW, WSA, and CWS physical WSA and virtual WSA , CWS connectors, WSA Policy Trace tool 

·        Troubleshoot using CLI tools ESA and Policy Trace tool

·        Describe ESA reporting functionality

·        Troubleshoot using CLI tools Cisco FirePOWER

·        Describe the Cisco FirePOWER Management Center dashboards 

·        Implement health policy and Configure email, SNMP, and syslog alerts 

CCNP SECURITY TRAINING IN INDIA

Are you looking for the right platform where you can give new wings to your career by pursuing the best CCNP security training in India?

You will have some better options of fulfilling your requirement by going online at the right CCNP security institute in Bangalore or anywhere – a convenient location for you. However, you will have more options to make the right decision.

When it comes to enroll your name in the best CCNP security training in India or to get CCNP security certification in India, you will have some better options of fulfilling your requirement by reaching the right training institute or a platform here precise information about training institutes is provided. If you are looking for one such platform where you can get the right solutions and support, you will find Networkers Champ – an ideal and reliable platform bringing you the best courses.

Being a reliable and certified CCNP Security institute in Bangalore, it always focuses on giving boost to your career and makes you able to achieve new heights of success that you are waiting for.

Successfully completing such courses is the token of growth in life, higher salary, networking experts and become a trend setter in market in the same domain.

Course Fee

Security Courses Regular Track Fast Track Super Fast Track Week End's Cost in Indian Rupees
CCNP Security 4 Months (2hrs) 2 Months (4hrs) 1 Month (6hrs) 16 Weeks (3hrs) 50,000/-
CCNP SISAS (300-208) 1 Month (2hrs) 15 Days (4hrs) 7 Days (8hrs) 4 Week (3hrs) 16,000/-
CCNP SENSS (300-206) 1 Month (2hrs) 15 Days (4hrs) 7 Days (8hrs) 4 Week (3hrs) 16,000/-
CCNP SIMOS (300-209) 1 Month (2hrs) 15 Days (4hrs) 7 Days (8hrs) 4 Week (3hrs) 16,000/-
CCNP SITCS (300-207) 1 Month (2hrs) 15 Days (4hrs) 7 Days (8hrs) 4 Week (3hrs) 16,000/-
 

Exam Fee

Security Exam Subjects Cost in USD
CCNP SISAS (300-208) Implementing Cisco Secure Access Solutions $ 300.00
CCNP SENSS (300-206) Implementing Cisco Edge Network Security Solutions (SENSS) $ 300.00
CCNP SIMOS (300-209) Implementing Cisco Secure Mobility Solutions $ 300.00
CCIE SITCS (300-207) Implementing Cisco Threat Control Solutions $ 300.00