Cisco began the year by updating its security certifications, particularly CCNP Security, as well as launching the Cisco Cybersecurity Specialist certification. These changes are intended to improve Cisco’s security certifications and keep them current with security trends. They also validate the skills that employers seek in their employees.
Today we will be taking a closer look at the 300206 (SENSS), exam: Implementing Cisco Edge Network Security Solutions. It validates candidates’ ability to configure and implement security on Cisco network edge devices like a Cisco Switch or Router and Cisco ASA Firewall. The 300-206 exam focuses upon the technologies that are used to secure the perimeter network, such as Network Address Translation (NAT), ASA Policy and Application Inspect and Zone-Based Firewall on Cisco routers. This exam is closed-book, just like other Cisco exams. It has the usual Cisco types questions: Multiple-Choice Single Key or Multiple-Choice Multiple Key. Drag-and-Drop and Fill-in-the-Blank. Router Simulation, Testlet Queries. Simlet.
Cisco says the current 300-206 exam covers the following topics: Threat Defense (25%)* 1.1.1 Implement Firewall* 1.1.b. Implement static/dynamic NTP/PAT*1.1.c. Implement object groups*1.1.d.e Describe threat detection mechanisms* 1.1.e Implement Botnet Traffic Filtering
* 1.2 Implement Layer 2, security* 1.2.b.a. Configure DHCP snooping* 1.2.c.c. Describe storm control* 1.2.d.e Describe common layer 2, threats and attacks and mitigation* 1.2.f Describe private VPN* 1.2.g Describe MACSec
* 1.3 Configure device hardening per best practices* 1.3.a Routers* 1.3.b Switches* 1.3.c Firewalls
* 1.4 Implement Firewalls*
Cisco Security Devices GUIs (25%)* 2.1 Secured CLI Management for Cisco Security Devices (25%)* 2.2 Implement SSHv2, SSL and SNMPv3 on network devices* 2.3 Implement RBAC on the ASA/IOS CLI, and on ASDM* 2.3 Describe Cisco Prime Infrastructure* 2.4 Describe CSM* 2.5 Implement device managers
Management Services on Cisco Devices (12%)*
Troubleshooting, Monitoring, and Reporting Tools (10%)* Monitor firewall by analysis of packet tracer and packet capture.
Threat Defense Architectures (16%)* Design a firewall solution* Design Layer 2 security solutions
Security Components and Considerations (12%)* 6. Describe security operations management architecture* 62.2 Describe data center security components and considerations* 63.3 Describe collaboration security components and considerations* 66.4
A closer look at CCNP Security 300–206 (SENSS Exam)