Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701) course is associated with the CCNP and CCIE Security Certifications. The course improves a candidate's knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies.

• 1.0 Security Concepts

  Candidates will understand how to Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery and explain common threats against on-premises and cloud environments.

• 2.0 Network Security

  Candidates will understand how to compare network security solutions that provide intrusion prevention and firewall capabilities describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall.

• 3.0 Securing the Cloud

  Participant will learn how to identify security solutions for cloud environments, Compare the customer vs. provider security responsibility for the different cloud service models, and understand the concept of DevSecOps (CI/CD pipeline, container orchestration, and security.

• 4.0 Content Security

  Participant will learn how to implement traffic redirection and capture methods, describe web proxy identity and authentication including transparent user identification, Compare the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA) amongst others.

• 5.0 Endpoint Protection and Detection

  Participant will learn how to compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions, explain antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry.

• 6.0 Secure Network Access, Visibility, and Enforcement

  Participant will learn how to describe identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD, Configure and verify network access device functionality such as 802.1X, MAB, WebAuth.

The Cisco CCIE Security training validate professionals who have the expertise to describe, design, implement, operate, and troubleshoot complex security technologies and solutions. Candidates will understand the requirements of network security, how different components interoperate, and translate it into the device configurations.

• 1.0 Perimeter Security and Intrusion Prevention

  Candidates will learn how to Describe, implement, and troubleshoot HA features on Cisco ASA and Cisco FirePOWER Threat Defense (FTD), describe, implement, and troubleshoot clustering on Cisco ASA and Cisco FTD, describe, implement, troubleshoot, and secure routing protocols on Cisco ASA and Cisco FTD Etc.

• 2.0 Advanced Threat Protection and Content Security

  Candidates will learn how to compare and contrast different AMP solutions including public and private cloud deployment models. Describe, implement, and troubleshoot AMP for networks, AMP for endpoints, and AMP for content security (CWS, ESA, and WSA), detect, analyze, and mitigate malware incidents.

• 3.0 Secure Connectivity and Segmentation

  Candidates will learn how to compare and contrast cryptographic and hash algorithms such as AES, DES, 3DES, ECC, SHA, and MD5 Compare and contrast security protocols such as ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, and MKA.

• 4.0 Identity Management, Information Exchange, and Access Control

  Candidates will learn how to implement, and troubleshoot various personas of ISE in a multi node deployment, implement, and troubleshoot network access device (NAD), ISE, and ACS configuration for AAA, implement, and troubleshoot AAA for administrative access to Cisco network devices using ISE and ACS.

• 5.0 Infrastructure Security, Virtualization, and Automation

  Candidates will learn how to identify common attacks such as Smurf, VLAN hopping, and SYNful knock, and their mitigation techniques describe, implement, and troubleshoot device hardening techniques and control plane protection methods, such as CoPP and IP Source routing.

• 6.0 Evolving Technologies v1.1

  Candidates will learn how to Compare and contrast public, private, hybrid, and multi cloud design considerations infrastructure, platform, and software as a service (XaaS) Performance, scalability, and high availability.