CCNP Security


CCNP Security certification training is a composite of four modules that a professional must qualify in order to obtain this prestigious credential. This CCNP Security training will cover in detail each of the following four modules to ensure that participants gain core understanding of implementing security for Cisco devices:

  • SISAS (Cisco Secure Access Solutions) 1.0
  • SENSS (Cisco Edge Network Security Solutions) 1.0
  • SIMOS (Cisco Secure Mobility Solutions) 1.0
  • SITCS (Cisco Threat Control Solutions) 1.0
CCNA Security certification


Intended Audience

  • Network Security Specialist
  • Network Engineers
  • Network Security Administrator
  • Network Security Support Engineer

Enroll for this course right now and begin enhancing your career.

What you'll learn

SISAS (Cisco Secure Access Solutions)

Deploy Cisco’s Identity Services Engine and 802.1X secure network access. The goal of the course is to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution.

Understanding of Identity Services, 802.1X and EAP, Configure 802.1X Components

Brief of Cisco ISE Features and configure the fundamentals, Cisco ISE-Identity Service Engine with PKI, Cisco ISE Authentication, Cisco ISE with External Authentication

Certificate Based User Authentication, Authorization, Cisco TrustSec, Web Authentication and Guest Access, Web Authentication, Guest Access Services

Posture, Profiler, BYOD, Troubleshooting Network Access Control, Troubleshooting ISE

SENSS (Cisco Edge Network Security Solutions)

This course will be foundational knowledge and capabilities to implement and manage security on Cisco ASA firewalls, Cisco routers with the firewall feature set, and Cisco switches. You will gain hands-on experience with configuring various perimeter security solutions for mitigating outside threats and securing network zones. At the end of the course, you will be able to reduce the risk to your IT infrastructures and applications using Cisco switches, Cisco ASA, and router security appliance feature, as well as provide detailed operations support for these products.

Network Security Zoning, Cisco Module Network Security Architecture, Cisco SecureX Architecture, Cisco TrustSec Solution.

Understanding of Cisco Network Infrastructure Protection, Configuring Cisco IOS Control Plane Security Controls, Configuring Cisco IOS Management Plane Security Controls, Implementation of Cisco ASA Management Plane Security Controls, Implementation Cisco IOS Layer 2 and Layer 3 Data Plane Security Controls

Understanding of Network Address Translation, Implementation of Cisco ASA Network Address Translation, configuring Cisco IOS Software Network Address Translation

Introducing Cisco Firewall Threat Controls, Basic Cisco ASA Access Policies, Advanced Cisco ASA Application Inspection Policies, Cisco ASA Botnet Traffic Filtering, Cisco ASA Identity Based Firewall.

Configuring Basic Cisco IOS Software with Basic Zone-Based Firewall Access Policies

Advanced Cisco IOS Software ZBFW with Application Inspection Policies.

SIMOS (Cisco Secure Mobility Solutions)

Network security engineers with the knowledge and skills needed for protecting data traversing a public or shared infrastructure, such as the Internet, by implementing and maintaining Cisco VPN solutions. You will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions using Cisco ASA adaptive security appliances and Cisco IOS routers.

The Role of VPNs in Network Security, VPNs and Cryptography

Discussion on Secure Site-to-Site Connectivity Solutions, Configuring Point-to-Point IPsec VPNs on the Cisco ASA, Configuring Cisco IOS VTI-Based Point-to-Point IPsec VPNs, DMVPNs.

Site-to-Site FlexVPN Solutions, Point-to-Point IPsec VPNs Using Cisco IOS FlexVPN, Hub-and-Spoke IPsec VPNs Using Cisco IOS FlexVPN, Spoke-to-Spoke IPsec VPNs Using Cisco IOS FlexVPN, Basic Cisco Clientless SSL VPN, Clientless SSL VPN Overview,Basic Cisco Clientless SSL VPN on Cisco ASA, Application Access in Cisco ASA Clientless SSL VPN,Advanced Authentication and Authorization in Clientless SSL VPN

Basic Cisco AnyConnect SSL VPN on Cisco ASA, Advanced Cisco AnyConnect SSL VPN on Cisco ASA, Advanced Authentication and Authorization in Cisco AnyConnect VPNs, Deploying Cisco AnyConnect IPsec/IKEv2 VPNs

Implementing Host Scan, Implementing DAP for SSL VPNs

SITCS (Cisco Threat Control Solutions)

Security threat controls by leveraging the capabilities of Cisco’s FirePOWER NGIPS, AMP, WSA, CWS, and ESA products and solutions. The hands-on labs enable to configure advanced Cisco security solutions for mitigating outside threats, and to secure traffic traversing the network and security systems.

Web Security Appliance (WSA) Solutions, Web Security Appliance integration, Web Security Appliance Identities and User Authentication Controls, Cisco Web Security Appliance Acceptable Use Control, Cisco Web Security Appliance Anti-Malware Controls, Web Security Appliance Decryption, Web Security Appliance Data Security Controls

Cloud Web Security Solutions, Implement Cloud Web Security Connectors, Web Filtering Policy in Cisco ScanCenter

Email Security Solutions,Email Security Appliance Basic Setup Components, Implement Email Security Appliance Basic Incoming and Outgoing Mail Policies

AMP for Endpoints Overview and Architecture, Customizing Detection and AMP Policy,IOCs and IOC Scanning, Implement AMP Connectors, AMP Analysis Tools

Cisco FireSIGHT System, Implement and Managing Cisco FirePOWER Devices, Configuring an Access Control Policy,File-Type and Network Malware Detection, Managing SSL Traffic with Cisco FireSIGHT, IPS Policy, Network Analysis Policy.

Lab Topics
SISAS (Cisco Secure Access Solutions)

Installing a Certificate in ISE, Local/Remote Identity Stores with Active Directory/LDAP and Sequence Lists, Examining and Configuring Supplicants.

802.1X: Wired Networks, 802.1X: MAR and EAP Chaining, 802.1X: MAC Authentication Bypass Implement Central WebAuth, Implement Guest Access and My Device Portal.

Configure Cisco ASA Application Inspection Policy, Implement Cisco ASA Identity Based Firewall.

SENSS (Cisco Edge Network Security Solutions)

Implement Cisco Policy Protection (CPP) and Management Plane Protection (MPP), Configure Traffic Telemetry Methods, Configure Layer 2 Data Plan Security

Configure Layer 2 Data Plan Security, Configure NAT on Cisco Adaptive Security Appliance (ASA) Firewall, Configure NAT on Cisco IOS Software, Configure Cisco ASA Access Policy

Configure Cisco ASA Application Inspection Policy, Implement Cisco ASA Identity Based Firewall

SIMOS (Cisco Secure Mobility Solutions)

Configure Site-to-Site Secure Connectivity, Configure Cisco IOS Static VTI Point-to-Point Tunnel, Configure DMVPN

Deploy Site-to-Site Secure Connectivity Using Cisco IOS FlexVPN, Hub-to-Spoke Secure Connectivity Using Flex VPN,Spoke-to-Spoke Secure Connectivity Using Flex VPN,ASA Basic Clientless SSL VPN

Application Access for ASA Clientless SSL VPN, Advanced AAA for ASA Clientless SSL VPN, ASA Basic AnyConnect SSL VPN, Advanced Cisco AnyConnect SSL VPN on Cisco ASA

SITCS (Cisco Threat Control Solutions)

Implement Web Security Appliance Explicit Proxy and User Authentication, Web Security Appliance Acceptable Use Control, Email Security Appliance Basic Policies

Configure Inline Interfaces and Create Objects, Create Access Control Policy Rules, Configure Network Discovery Detection, Create a File Policy, Create an Intrusion Policy, Create a Network Analysis Policy, Compare Trends, Create Correlation Policies

Frequently Asked Questions
Coming Soon

Contact us now to get CCNP Security enrollment fees and register for the course.

Click here to register now