CCNP Security (350-701 SCOR EXAM)

Explore information security fundamentals, including the CIA triad, assets, vulnerabilities, threats, and countermeasures to strengthen organizational security posture.

Describe information security concepts by identifying threat sources, threats, vulnerabilities, and attack surfaces, and assess risk via vulnerability assessments, scanning, and risk management practices.

Explore common TCP/IP attacks, including DoS and DDoS, ICMP floods, man-in-the-middle, session hijacking, and IP address spoofing, and learn how tunneling and fingerprinting help attackers map networks.

Explore the attack surface and common TCP/IP attack vectors, including network, application, physical, and social engineering, and learn how to mitigate with access controls, MFA, and data loss prevention.

Explore common TCP/IP attacks—password attacks, spoofing, session hijacking, and malware—and learn practical mitigations, from VPN and bastion post access to network architecture controls.

Discover password attack techniques such as brute force, dictionary, and phishing, and learn to monitor logs and defend against DNS attacks by securing DNS servers and filtering traffic.

Explore common web-based attacks on WordPress, including compromised plugins, flash vulnerabilities, and rogue banner redirects. Learn mitigations through user education, input validation, proxies, Cisco Umbrella, and policy-driven countermeasures.

Explore common endpoint attacks such as buffer overflows, malware, worms, and APTs. Learn defenses with proxies, firewalls, and audit logs, and recognize phishing, spear phishing, whaling, and DNS poisoning.

Explore common endpoint attacks on web applications, including cross-site scripting, input manipulation, exploit kits, rootkits, privilege escalation, and ransomware scenarios.

Apply defense in depth as a layered security approach across networks and systems. Implement firewall, IDS/IPS, proxies, authentication, authorization, accounting, and server hardening to deter and contain attacks.

Describe email security policies, use cases, and proxies to protect corporate assets; implement malware checks, reputation filtering, authentication, and content screening, then apply threat analytics and dns protections.

Explore authentication, authorization, and auditing, emphasizing centralized AAA for enterprise networks, with VPN, RADIUS, TACACS, and identity access management to control access and monitor activity.

Discover deploying the Cisco adaptive security appliance firewall, comparing router mode and transparent mode, and configuring single or multiple contexts with bridge groups, MAC tables, and contextual policies.

Learn how Cisco ASA interfaces are named and secured with security levels, manage inbound and outbound traffic, and configure DMZ and management interfaces under default deny policies for network segmentation.

Explore Cisco ASA objects and object groups to centrally manage networks and services, propagate updates across multiple hosts, and simplify policy-driven configurations for efficient security administration.

Explore network address translation on the Cisco NSA appliance, contrasting static and dynamic NAT, inside vs outside, and the use of network and service objects within policy-based rules.

Configure network settings and nat on Cisco ASA through labs, using auto and manual nat, network and service objects to translate inside to outside traffic with granular rules.

Explore how Cisco ASA interface access control lists enforce inbound and outbound traffic with source, destination, and port rules, including global versus interface ACLs and time-based policies.

Apply and manage interface ACLs on Cisco ASA to control ingress and egress traffic, using network objects, nat, and explicit and implicit denies for partner, dmz, and internal networks.

explains how to build advanced access policies on Cisco ASA using class maps, policy maps, and service policies, covering static and dynamic handling, layer 3–7 traffic, and high availability options.

Explore Cisco's next generation firewall and the FTD operating system, covering access control, packet processing, NAT discovery policies, IP us, and file policies, with labs to reinforce learning.

Understand Cisco firepower next generation firewall deployment, including IDS vs IPS, inline versus tap, and IBS versus IP mode, with threat protection and stateful inspection.

Cisco Firepower NGFW uses Lena and Snort engines to process packets and enforce layer 2–4 to layer 7 policies, including access control, DNS, SSL, and intrusion prevention.

Explore how Cisco firepower NGFW uses objects as containers of configuration variables like network, geo location, and port, and how to manage and deploy policies.

Explore how to deploy email content security on Cisco platforms, evaluating ESEA, virtual appliance, and C solution options to protect email content and combat spam and attacks.

Explore smtp basics: client-server sessions, mail flow, envelopes and headers, the role of the mta, port 25, and dns mx records guiding delivery.

Explore the email pipeline from receipt to delivery, including MTA processing by the GSA and port twenty five, inbound and outbound policies, filters, attachments, DLP, Talos, and compliance.

Learn how public and private listeners route inbound and outbound email through the GSA, with hat and rat tables guiding external and internal connections, using port 25.

Define and apply the host access table to control external listener connections, manage incoming and outgoing flows, assign sender groups, and enforce sequential policy handling with reputation-based decisions.

Explain the recipient access table and how it differs from the host access table; configure accept or deny rules by domain, partial domain, user, email address, in top-down LDAP-integrated order.

Deploy the web security appliance on premises to intercept and mitigate threats inside the network, operating at layer 7 with rules, reputation analysis, and Talos integration.

Explore Cisco WSA overview, showing how the web security appliance complements defenses by analyzing traffic via Talos and enabling web filtering, malware protection, data loss prevention, and proxy modes.

Explore deployment options for the security appliance, including explicit proxy and transparent modes, with policy-based and layer 4–7 redirection guiding web traffic. Learn about WCCP and high-availability options.

Understand how the WSJ authenticates users to enforce internet access, using roles and realms, active or passive directory services, and policy-based controls with tracking for auditing.

Learn how HTTPS traffic decryption works with the WSJ appliance to inspect encrypted traffic, deploying root certificates, decryption policies, and top-down access and identity policies.