larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide (Inclusive Access)

Recorded Online Training

  • Your Price: $35.95
  • List Price: $35.95
  • Estimated Release: May 18, 2020
  • About Recorded Online Training
  • Almost like being there, our Recorded Online Training sessions are available for sale in recorded format.

    Link(s) and password to recorded WebExTMsession(s) accessible from your Account page after purchase.

Also available in other formats.

  • Description
  • Sample Content
  • Updates
  • Copyright 2020
  • Recorded Online Training
  • ISBN-10: 0-13-597175-6
  • ISBN-13: 978-0-13-597175-8

Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.


  • Master Cisco CCNP and CCIE Security Core SCOR 350-701 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks


This is the eBook edition of the CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide. This eBook does not include access to the companion website with practice exam that comes with the print edition.


CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide presents you with an organized test preparation routine through the use of proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.


CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide, focuses specifically on the objectives for the Cisco CCNP and CCIE Security SCOR exam. Best-selling author and leading security engineer Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.


Well regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.


The official study guide helps you master all the topics on the CCNP and CCIE Security SCOR 350-701 exam, including:

  • Cybersecurity fundamentals
  • Cryptography
  • Software-Defined Networking security and network programmability
  • Authentication, Authorization, Accounting (AAA) and Identity Management
  • Network visibility and segmentation
  • Infrastructure security
  • Cisco next-generation firewalls and intrusion prevention systems
  • Virtual Private Networks (VPNs)
  • Securing the cloud
  • Content security
  • Endpoint protection and detection


CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide is part of a recommended learning path from Cisco that includes simulation and hands-on training from authorized Cisco Learning Partners and self-study products from Cisco Press. To find out more about instructor-led training, e-learning, and hands-on instruction offered by authorized Cisco Learning Partners worldwide, please visit www.cisco.com/web/learning/index.html
     

Table of Contents

Introduction xxv
Chapter 1 Cybersecurity Fundamentals 2
    “Do I Know This Already?” Quiz 3
    Foundation Topics 6
    Introduction to Cybersecurity 6
    Defining What Are Threats, Vulnerabilities, and Exploits 8
    Common Software and Hardware Vulnerabilities 30
    Confidentiality, Integrity, and Availability 40
    Cloud Security Threats 47
    IoT Security Threats 51
    An Introduction to Digital Forensics and Incident Response 55
    Summary 74
    Exam Preparation Tasks 74
    Review All Key Topics 74
    Define Key Terms 76
    Review Questions 76
Chapter 2 Cryptography 78
    “Do I Know This Already?” Quiz 78
    Foundation Topics 80
    Introduction to Cryptography 80
    Fundamentals of PKI 93
    Exam Preparation Tasks 102
    Review All Key Topics 102
    Define Key Terms 103
    Review Questions 103
Chapter 3 Software-Defined Networking Security and Network Programmability 106
    “Do I Know This Already?” Quiz 106
    Foundation Topics 108
    Introduction to Software-Defined Networking 108
    Introduction to Network Programmability 132
    Exam Preparation Tasks 146
    Review All Key Topics 146
    Define Key Terms 147
    Review Questions 147
Chapter 4 Authentication, Authorization, Accounting (AAA) and Identity Management 150
    “Do I Know This Already?” Quiz 151
    Foundation Topics 154
    Introduction to Authentication, Authorization, and Accounting 154
    Authentication 155
    Authorization 167
    Accounting 169
    Infrastructure Access Controls 170
    AAA Protocols 172
    Cisco Identity Services Engine (ISE) 181
    Configuring TACACS+ Access 196
    Configuring RADIUS Authentication 202
    Additional Cisco ISE Design Tips 211
    Exam Preparation Tasks 214
    Review All Key Topics 214
    Define Key Terms 216
    Review Questions 216
Chapter 5 Network Visibility and Segmentation 220
    “Do I Know This Already?” Quiz 221
    Foundation Topics 224
    Introduction to Network Visibility 224
    NetFlow 225
    IP Flow Information Export (IPFIX) 237
    NetFlow Deployment Scenarios 242
    Cisco Stealthwatch 250
    Cisco Cognitive Threat Analytics (CTA) and Encrypted Traffic Analytics (ETA) 262
    NetFlow Collection Considerations and Best Practices 268
    Configuring NetFlow in Cisco IOS and Cisco IOS-XE 269
    Configuring NetFlow in NX-OS 283
    Introduction to Network Segmentation 285
    Micro-Segmentation with Cisco ACI 289
    Segmentation with Cisco ISE 290
    Exam Preparation Tasks 301
    Review All Key Topics 301
    Define Key Terms 302
    Review Questions 302
Chapter 6 Infrastructure Security 306
    “Do I Know This Already?” Quiz 307
    Foundation Topics 310
    Securing Layer 2 Technologies 310
    Common Layer 2 Threats and How to Mitigate Them 322
    Network Foundation Protection 332
    Understanding and Securing the Management Plane 334
    Understanding the Control Plane 336
    Understanding and Securing the Data Plane 337
    Securing Management Traffic 338
    Implementing Logging Features 362
    Configuring NTP 363
    Securing the Network Infrastructure Device Image and Configuration Files 364
    Securing the Data Plane in IPv6 365
    Securing Routing Protocols and the Control Plane 379
    Exam Preparation Tasks 387
    Review All Key Topics 387
    Define Key Terms 389
    Review Questions 389
Chapter 7 Cisco Next-Generation Firewalls and Cisco Next-Generation Intrusion Prevention Systems 392
    “Do I Know This Already?” Quiz 392
    Foundation Topics 395
    Introduction to Cisco Next-Generation Firewalls (NGFW) and
    Comparing Network Security Solutions That Provide Firewall Capabilities 411
    Deployment Modes of Network Security Solutions and Architectures That
    High Availability and Clustering 423
    Implementing Access Control 427
    Cisco Firepower Intrusion Policies 446
    Variables 449
    Platform Settings Policy 450
    Cisco NGIPS Preprocessors 450
    Cisco Advanced Malware Protection (AMP) 452
    Security Intelligence, Security Updates, and Keeping Firepower Software Up to Date 457
    Exam Preparation Tasks 458
    Review All Key Topics 458
    Define Key Terms 460
    Review Questions 460
Chapter 8 Virtual Private Networks (VPNs) 464
    “Do I Know This Already?” Quiz 464
    Foundation Topics 467
    Virtual Private Network (VPN) Fundamentals 467
    Deploying and Configuring Site-to-Site VPNs in Cisco Routers 479
    Configuring Site-to-Site VPNs in Cisco ASA Firewalls 502
    Configuring Remote Access VPNs in the Cisco ASA 511
    Configuring Clientless Remote Access SSL VPNs in the Cisco ASA 514
    Configuring Client-Based Remote-Access SSL VPNs in the Cisco ASA 525
    Configuring Remote Access VPNs in FTD 530
    Configuring Site-to-Site VPNs in FTD 541
    Exam Preparation Tasks 543
    Review All Key Topics 543
    Define Key Terms 544
    Review Questions 544
Chapter 9 Securing the Cloud 548
    “Do I Know This Already?” Quiz 549
    Foundation Topics 551
    What Is Cloud and What Are the Cloud Service Models? 551
    DevOps, Continuous Integration (CI), Continuous Delivery (CD), and
    Describing the Customer vs. Provider Security Responsibility for the Different Cloud Service Models 573
    Cisco Umbrella 577
    Cisco Email Security in the Cloud 582
    Cisco Cloudlock 584
    Stealthwatch Cloud 590
    AppDynamics Cloud Monitoring 590
    Cisco Tetration 593
    Exam Preparation Tasks 596
    Review All Key Topics 596
    Define Key Terms 597
    Review Questions 598
Chapter 10 Content Security 600
    “Do I Know This Already?” Quiz 600
    Foundation Topics 603
    Content Security Fundamentals 603
    Cisco WSA 604
    Cisco ESA 619
    Cisco Content Security Management Appliance (SMA) 624
    Exam Preparation Tasks 629
    Review All Key Topics 629
    Define Key Terms 630
    Review Questions 630
Chapter 11 Endpoint Protection and Detection 634
    “Do I Know This Already?” Quiz 634
    Foundation Topics 636
    Introduction to Endpoint Protection and Detection 636
    Cisco AMP for Endpoints 638
    Cisco Threat Response 654
    Exam Preparation Tasks 655
    Review All Key Topics 655
    Define Key Terms 655
    Review Questions 656
Chapter 12 Final Preparation 658
    Hands-on Activities 658
    Suggested Plan for Final Review and Study 658
    Summary 659
Glossary of Key Terms 660
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 678
Appendix B CCNP Security Core SCOR (350-701) Exam Updates 686Online Element
Appendix C Study Planner
9780135971970, TOC, 3/18/2020

Unlimited one-month access with your purchase
Free Safari Membership