You are on page 1of 4

CCNP Security Certification

Learning@Cisco Overview

Increasing Demand for Network Security Practical Skills
Cisco has noticed the evolution of the network security professional and its relevance to the industry. The speed at which network security is evolving demands more practical hands-on skills in network security engineering and has made network security performance more visible to the entire organization. The network security engineers in the marketplace today understand the products and the discipline of good network security as well as the practices and mandates of industry and government for compliance while protecting their organizations from increasingly savvy threats seeking to compromise their systems. Cisco network security engineers have real-world security implementation and troubleshooting skills.

infrastructures using the latest Cisco security devices, technologies, and appliances. The curriculum emphasizes the real-world best practices of network security engineering utilizing Cisco IOS® Software security features, Cisco ASA adaptive security appliance features, secure virtual private network (VPN) connectivity, Cisco Intrusion Prevention Systems (IPSs), Cisco security management tools, and techniques to optimize these technologies in a single, integrated network security solution.

Achieving CCNP Security Certification
CCNP Security certification offers employers job-ready training and skills as tangible proof of experienced, professional-level network security engineers for today’s demanding security environment. Industry forecasts show that in the next five years, the industry will need double the number of network security professionals, and most of them will need to be recognized by an industry certification.

Job-Ready Practical Skills
The Cisco CCNP® Security certification program is a practical, relevant, job-ready certification curriculum aligned closely with the specific tasks expected of these highly demanded professionals. Cisco realizes that the role of the network security engineer is tasked with increased focus on configuration responsibilities as the technical consultant and device specialist on a security team; therefore, the CCNP® Security curriculum is specific to the best practices of the network security engineers using the latest Cisco equipment, devices, and appliances.

Requirements
The CCNP Security program is a three-year certification program intended to recognize the Cisco network security engineers who have the necessary skills to test, deploy, configure, maintain, and troubleshoot Cisco network security appliances and Cisco IOS Software devices that establish the security posture of the network. Prior to attempting the CCNP Security certification or any of its associated security specialist certifications, individuals must meet the requirements for the Cisco CCNA® Security certification and have at least one to three years of experience in the field of network security.

Network Security Engineering Best Practices
The CCNP Security program validates advanced knowledge and skills required to engineer secure network

© 2011 Cisco and/or its affiliates. All rights reserved. 18July2011

widely deployed. Table 1 Required Exams and Recommended Training Required Exams 640-802 or 640-822 & 640-816 640-553 Exam Name and Recommended Training Learning@Cisco Overview This formal NSA and CNSS certification gives Cisco the authority to recognize those candidates who have demonstrated that they have met the CNSS 4013 training standard. The following security specialist certifications are included in the CCNP Security curriculum: Implementing Cisco IOS Network Security (IINS) The CCNP Security curriculum requires the exams and recommended training shown in Table 2. high availability. site-tosite VPNs. Candidates who have met the standard will be issued a letter of recognition acknowledging their completion of the related requirements. these specialist certifications offer a convenient validation of skills and competency for network security solutions in the areas of intrusion prevention. All rights reserved. 642-617 642-647 CNSS 4013 Recognition The National Security Agency (NSA) and the Committee on National Security Systems (CNSS) recognize that Cisco security courseware meets the CNSS 4013 training standard. high-availability VPNs. Network Admission Control (NAC). consultants. and failover features (see Table 3). Table 2 CCNP Security Exams and Recommended Training Required Exams 642-637 Exam Name and Recommended Training Securing Networks with Cisco Routers and Switches (SECURE) Implementing Cisco Intrusion Prevention System (IPS) Deploying Cisco ASA Firewall Solutions (FIREWALL) Deploying Cisco ASA VPN Solutions (VPN) 642-627 Cisco ASA Security Specialist Certification The Cisco ASA Security Specialist certification recognizes security professionals who have attained specialized in-depth expertise and proven knowledge of the recommended best practices in designing. CCNA Composite or Interconnecting Cisco Network Devices 1 (ICND1) Interconnecting Cisco Network Devices 2 (ICND2) CCNP Security Product/Technology Security Specialist Certifications Within the CCNP Security curriculum are several network security engineering specialist certifications for cross training and staff development. including advanced protocol handling. The Cisco ASA Security Specialist certification is recognized as the benchmark security product certification for engineers. This letter of recognition can be used as confirmation of having met the CNSS 4013 requirements. Cisco IOS SSL VPN. © 2011 Cisco and/or its affiliates. This advanced standard is intended for System Administrators responsible for the security oversight or management of critical networks. and in use at leading enterprises and service providers worldwide. The Cisco ASA adaptive security appliance is a best-in-class product. the Cisco CCNP Security certification program provides the required training for network security professionals who assist federal agencies and private sector entities to protect their information and aid in the defense of the nation's vital information resources. 18July2011 . By being compliant. implementing. and architects who configure advanced Cisco ASA adaptive security appliance firewalls and VPN solutions. IEEE 802. maintaining. mobile access. VPNs. Intended for individuals who specialize in one or more technologies or products that make up the network security infrastructure. perimeter firewalls. remote-access VPN.CCNP Security Certification Prerequisite Skills and Knowledge Completion of the CCNA Security certification requires the prerequisite exams and recommended training shown in Table 1.1x. and Cisco IOS Software security features embedded in the latest Cisco routers and switches. and troubleshooting network security solutions using the adaptive security appliance technologies.

and respond to intrusion attempts (see Table 6). secure tunnels using IP Security (IPsec) VPN technology including public key infrastructure (PKI).1X authentication. Cisco VPN security specialists can configure. 3 © 2011 Cisco and/or its affiliates. user-based firewall. and maintain Cisco firewall solutions using the Cisco ASA adaptive security appliance and zone-based firewall solutions in Cisco routers and switches are in high demand. The Cisco firewall security specialist is a focused certification that validates skills and knowledge in implementing perimeter security solutions using Cisco security appliances. and troubleshoot this appliance to work well in a complete security solution. Cisco IOS Software IPS. implement. dynamic. as follows: zone-based policy firewall. and support these various VPN solutions using Cisco IOS Software and the robust Cisco ASA adaptive security appliance (see Table 7). troubleshoot. 642-637 Cisco IOS Security Specialist The Cisco IOS Software security specialist demonstrates the hands-on knowledge and skills required to secure networks using Cisco IOS Software security features embedded in the latest Cisco routers and switches as well as the widely deployed Cisco security appliances. 18July2011 . Cisco IPS specialists can operate and monitor Cisco IOS Software and IPS technologies to prevent.CCNP Security Certification Table 3 Cisco ASA Security Specialist Certification Required Exams 642-617 Exam Name and Recommended Training Learning@Cisco Overview Table 5 Cisco IOS Security Specialist Certification Required Exam 642-637 Exam Name and Recommended Training Deploying Cisco ASA Firewall Solutions (FIREWALL) Deploying Cisco ASA VPN Solutions (VPN) Securing Networks with Cisco Routers and Switches (SECURE) 642-647 Cisco IPS Specialist The Cisco IPS is a primary appliance to maintain the security posture of networks. All rights reserved. and Dynamic Multipoint VPN (DMVPN). Cisco VPN solutions are widely deployed in many of today’s networks. These certified specialists are actively involved in developing secure business solutions and designing and delivering multiple levels of secure access to the network (see Table 4). from simple point-topoint tunneling to multilayer. Professionals with the skills to design. configure. Many enterprises and service providers deploy these numerous VPN solutions at any given time for their various customers and organizations. and advanced switch security features (see Table 5). Virtual Tunnel Interface (VTI)/Dynamic VTI (DVTI). Cisco IOS Software security specialists are able to secure the network environment and provide security services based on Cisco IOS Software. 802. Information systems security (INFOSEC) and network professionals who have the skills to properly deploy and configure the Cisco IPS are in high demand. Table 4 Cisco Firewall Security Specialist Certification Required Exams 642-617 Exam Name and Recommended Training Implementing Cisco Intrusion Prevention System (IPS) Deploying Cisco ASA Firewall Solutions (FIREWALL) Securing Networks with Cisco Routers and Switches (SECURE) Cisco VPN Security Specialist Cisco offers numerous VPN solutions and configurations. maintain. understand. Cisco IPS specialists are professionals who can deploy. Table 6 Cisco Intrusion Prevention Security Specialist Certification Required Exam 642-627 Exam Name and Recommended Training Cisco Firewall Security Specialist Cisco firewalls are ubiquitous in the world of network security today. high-availability VPNs. Group Encrypted Transport VPN (GET VPN).

Updated training: Cisco Authorized Learning Partners are aware of the latest product and technology updates. certificate holders should pass any 642 exam that is part of the professional-level curriculum or any Cisco CCIE® written exam or Cisco CCDE™ written exam or current CCDE practical exam or Cisco Certified Architect (CCAr) interview and the CCAr board review before the certification expiration date. from instructor-led courses to remote-access labs and e-learning solutions to improve technology expertise.CCNP Security Certification Table 7 Cisco VPN Security Specialist Certification Required Exams 642-637 Exam Name and Recommended Training Learning@Cisco Overview Securing Networks with Cisco Routers and Switches (SECURE) Deploying Cisco ASA VPN Solutions (VPN) that they need to be successful in today’s competitive IT business environment. and specialists are active for two years. specialist.ciscolearningnetwork. High student satisfaction: Cisco Authorized Learning Partners are required to maintain a high level of satisfaction ratings. exam changes. ● ● Learn More For more information or to register for this program. visit http://www. Cisco Authorized Learning Partners offers a comprehensive set of training resources. CCNP Security exams can be utilized to recertify your professional and security specialist certifications. Authorized training ensures that certificate holders will gain the knowledge and expertise . To recertify. and professional-level certifications up to the point of expiration of the last certification achieved. Consistent expertise: Certified Cisco instructors assure students and businesses the same level of expertise. Accept Only the Best Only Cisco Authorized Learning Partners deliver the official CCNP Security curriculum. and service from one class to the next. Cisco professional-level certifications are valid for three years. Other benefits include the following: ● 642-647 Recertification ● Learning skills on the latest Cisco products and software: Authorized learning partners expose students to the latest revisions and newest products to help accelerate their skills for years to come. Achieving or recertifying any of the certifications in Tables 3-7 automatically extends active associate. quality. and teaching methods.com.