About Cisco CCNP Security Certification
The Cisco CCNP Security certification is designed to validate an individual's expertise in security solutions. To earn this certificate, applicants must complete two exams. The first is the core test, 350-701 SCOR, which measures one's knowledge and skills in implementing and operating fundamental security technologies. Besides the core exam, students need to pass one concentration test that focuses on a specific technical area.
The Cisco CCNP Security certification is designed for the network security specialists who are responsible for securing network devices and appliances, routers and switches, as well as deploying, supporting and troubleshooting VPNs, Firewalls, and IDS/IPS solutions within the networking environments.
There are no official requirements for obtaining this professional-level certification. However, it is important that the candidates have a good comprehension of the exam topics before attempting the test. In addition, it is strongly recommended that the learners have three to five years of experience in implementing security solutions.
Key Exam Details
The 350-701 SCOR exam lasts for 120 minutes. The question formats that you may face in your test include the following: multiple choice, multiple answer, single answer, fill-in-the-blank, drag and drop, and testlets. To build the foundation for this core exam, applicants can sign up for the official training course, Implementing and Operating Cisco Security Core Technologies (SCOR), offered on the vendor's website. This test can be taken in English or Japanese. You can schedule it on the Pearson VUE platform after paying the fee of $300 and selecting the exam delivery option: an online proctored test or an in-person session at the nearest center.
Once you are done with the core exam, you can proceed with a concentration test. You can choose one exam from the list, depending on the industry of your preference. The successful completion of both these tests makes you eligible for the CCNP Security certification.
Exam Topics & Subtopics
The Cisco 350-701 exam measures the candidates’ abilities to perform various cybersecurity tasks. A detailed description of its topics with their weight is provided below:
- Security Concepts (25%)
Within this subject area, the students need to demonstrate their competency in explaining the most common threats against Cloud and on-premises environments; comparing the most common security vulnerabilities, including SQL injection, software bugs, hardcoded/weak passwords, buffer overflow, missing encryption, cross-site scripting and cross-site request forgery, path traversal; explaining the roles of the cryptography elements, including encryption, hashing, SSL, PKI, IPsec, certificate-based and pre-shared key authorization; comparing remote access VPN and site-to-site VPN deployment types, including IPsec, sVTI, DMVPN, FlexVPN, crypto map; explaining security intelligence consumption, authoring, and sharing; describing the role of the endpoint in protecting individuals from social engineering and phishing attacks; describing northbound and southbound APIs within the SDN architecture; explaining DNAC APIs for network optimization, provisioning, monitoring, troubleshooting; interpreting basic Python scripts used to call Cisco security appliance APIs.
- Network Security (20%)
Here the examinees are required to have the relevant skills in network security solutions that provide firewall capabilities and intrusion prevention; explaining network architectures and deployment models of security solutions that provide firewall capabilities and intrusion prevention; explaining the components, capabilities, and advantages of NetFlow as well as Flexible NetFlow records; verifying and customizing network infrastructure security approaches (switch, router, wireless); executing access control policies, segmentation, malware protection, AVC, and URL filtering; executing management options for network security solutions, including perimeter security and intrusion prevention (CDP, SCP, SFTP, DNS, single versus multidevice manager, out-of-band versus in-band, DHCP risks and security); customizing AAA for network and device access (authorization and authentication, RADIUS as well as RADIUS flows, TACACS+, dACL, accounting); customizing secure network management of infrastructure and perimeter security devices (secure device management, groups, users, authentication, encryption, SNMPv3, secure logging).
- Cloud Security (15%)
This objective entails the following skills: defining security solutions within the Cloud environments (community, hybrid, public Clouds; Cloud service models, such as SaaS, PaaS, IaaS (NIST 800-145)); comparing the customer versus provider security responsibility for different Cloud service models (security evaluation in Cloud; patch management in Cloud; Cloud-delivered security solutions, including security intelligence, CASB, management, proxy); explaining the DevSecOps principle (container orchestration, CI/CD pipeline, and security); executing data and application security within the Cloud environments; defining security capabilities, policy management, and deployment models to secure Cloud; customizing Cloud logging and monitoring approaches; explaining workload and application security principles.
- Content Security (15%)
In the framework of this domain, the applicants need to prove that they are capable of executing capture methods and traffic redirection; explaining web authentication and proxy identity, including transparent user identification; differentiating the capabilities, components, and advantages of Cloud-based and local email as well as web solutions (WSA, ESA, CES); verifying and customizing web/email security deployment approaches to protect remote and on-premises users (outbound/inbound controls as well as policy management); verifying and customizing email security features, including antimalware filtering, spam filtering, email encryption, blacklisting, DLP; verifying and customizing web security features and secure internet gateway, including malware scanning, blacklisting, URL categorization, URL filtering, TLS decryption, web application filtering; explaining the Cisco Umbrella components, capabilities, and advantages; verifying and customizing web security controls within Cisco Umbrella (destination lists, reporting, URL content settings, identities).
- Endpoint Detection and Protection (10%)
This subject area covers such abilities as differentiating Endpoint Protection Platforms as well as Endpoint Detection and Response solutions; describing retrospective, antimalware security, dynamic file analysis, Indication of Compromise, antivirus, and endpoint-sourced telemetry; verifying and customizing quarantines to limit infection; explaining reasons for endpoint-based security; explaining the function of endpoint device handling as well as asset inventory, including MDM; explaining the use and value of multifactor authentication (MFA); explaining endpoint posture evaluation solutions to assure endpoint security; describing the value of an endpoint patching strategy.
- Secure Visibility, Network Access, and Enforcement (15%)
This topic covers one's skills in identity management and secure network access principles, including guest services, posture assessment, BYOD, profiling; verifying and customizing network access device functionality, including WebAuth, MAB, 802.1X; explaining network access with CoA; explaining the advantages of device application and compliance control; explaining the exfiltration methods (HTTPS, DNS tunneling, email, ICMP, SCP/FTP/SFTP/SSH, Messenger, NTP, IRC); explaining the network telemetry advantages; determining the capabilities, components, and advantages of security solutions and products, such as Cisco pxGrid, Cisco Stealthwatch, Cisco Stealthwatch Cloud, Cisco Umbrella Investigate, Cisco AnyConnect Network Visibility Module (NVM), Cisco Encrypted Traffic Analytics, Cisco Cognitive Threat Analytics.
Available Job Roles
If you want to build a successful career in the cybersecurity field, then you should consider going for the Cisco CCNP Security certification. Some of the job titles that you can pursue after earning this certificate include:
- IT Infrastructure Engineer
- Network Engineer
- Security Analyst
- Security Engineer
- Network Technician
- Support Engineer
According to PayScale.com, certified professionals earn an average of $113,000 per year. However, the exact remuneration will depend on specific factors, such as your level of experience and the type of company you apply to.