A Closer Look at CCNP Security 300-206 (SENSS) Exam
As we mentioned earlier, Cisco kicked off the year with updating its security certifications, especially CCNP Security, and the launch of Cisco Cybersecurity Specialist certification. These changes, along with others, are meant to step up Cisco’s security certifications, putting them in line with the latest security trends. They also validate the skills that employers are searching for in their staff.
Today, we take a closer look at the 300-206 (SENSS) exam: Implementing Cisco Edge Network Security Solutions. It validates the candidates’ knowledge required to configure and implement security on Cisco network perimeter edge devices such as a Cisco Switch, Cisco Router, and Cisco ASA Firewall. The 300-206 exam focuses on the technologies used to secure the perimeter of a network such as Network Address Translation (NAT), ASA policy and application inspect, and Zone-Based Firewall on Cisco routers. Like most Cisco exams, this is a closed book exam, with the usual Cisco types of questions: Multiple-Choice Single Key, Multiple-Choice Multiple Key, Drag-and-Drop, Fill-in-the-Blank, Router Simulation, Testlet Queries, Simlet.
According to Cisco, the current version of the 300-206 exam includes the following topics.
Threat Defense (25%)
• 1.1 Implement Firewall
• 1.1.a Implement ACLs
• 1.1.b Implement static/dynamic NAT/PAT
• 1.1.c Implement object groups
• 1.1.d Describe threat detection features
• 1.1.e Implement Botnet traffic filtering
• 1.2 Implement Layer 2 security
• 1.2.a Configure DHCP snooping
• 1.2.b Describe dynamic ARP inspection
• 1.2.c Describe storm control
• 1.2.d Configure port security
• 1.2.e Describe common layer 2 threats and attacks and mitigation
• 1.2.f Describe private VLAN
• 1.2.g Describe MACSec
• 1.3 Configure device hardening per best practices
• 1.3.a Routers
• 1.3.b Switches
• 1.3.c Firewalls
• 1.4 Implement Firewalls
• 1.4.a Configure application filtering and protcol inspection
• 1.4.b Describe virtualized firewalls
Cisco Security Devices GUIs and Secured CLI Management (25%)
• 2.1 Implement SSHv2, SSL, SNMPv3 access on the network devices
• 2.2 Implement RBAC on the ASA/IOS CLI and on ASDM
• 2.3 Describe Cisco Prime Infrastructure
• 2.4 Describe CSM
• 2.5 Implement device managers
Management Services on Cisco Devices (12%)
• 3.1 Implement NetFlow exporter
• 3.2 Implement SNMPv3
• 3.3 Implement logging
• 3.4 Implement NTP with authentication
• 3.5 Describe CDP, DNS, SCP, SFTP, and DHCP
Troubleshooting, Monitoring and Reporting Tools (10%)
• Monitor firewall using analysis of packet tracer, packet capture, and syslog
Threat Defense Architectures (16%)
• 5.1 Design a firewall solution
• 5.2 Design Layer 2 security solution
Security Components and Considerations (12%)
• 6.1 Describe security operations management architecture
• 6.2 Describe Data Center Security components and considerations
• 6.3 Describe Collaboration security components and considerations
• 6.4 Describe common IPv6 security considerations
Interesting posts
SAP-C02 Amazon AWS Certified Solutions Architect Professional – Exam Preparation Guide Part 5
5. Exam Preparation – Domain 4 Hey everyone and welcome back. In today’s video we will be discussing about the important pointers for exams for domain four. So the first thing here is that you should know about tagging strategies, about resource groups, about the EC to pricing models here then the overview about S… Read More »
SAP-C02 Amazon AWS Certified Solutions Architect Professional – Exam Preparation Guide Part 4
4. Exam Preparation – Domain 3 Hey everyone and welcome back. Now in today’s video for important pointers for exams our focus would be on domain three. So the domain three is migration planning and it constitutes to be 15% of the examination. So let’s get started and see what are some of the important… Read More »
SAP-C02 Amazon AWS Certified Solutions Architect Professional – Exam Preparation Guide Part 3
3. Exam Preparation Part 02 – Domain 2 Hey everyone, and welcome back. Now, in today’s video, we will be continuing our journey, understanding some of the important pointers for exams for domain two. As we have discussed, even in the earlier video, be aware about the distinction on which use cases where DynamoDB would… Read More »
SAP-C02 Amazon AWS Certified Solutions Architect Professional – Exam Preparation Guide Part 2
2. Exam Preparation Part 01 – Domain 2 Hey everyone and welcome back in today’s video for important pointers. For exam, our focus would be on domain two. Now the domain two, which is designed for new solutions is one of the largest domains of this certification both in terms of the number of topics… Read More »
SAP-C02 Amazon AWS Certified Solutions Architect Professional – Exam Preparation Guide
1. Exam Preparation – Domain 1 Hey everyone and welcome back. Now in today’s video we will be discussing about some of the important pointers for exam as far as the domain one is concerned. Now the domain one is basically designed for organizational complexity and it constitutes to be twelve 5% of the overall… Read More »
69. Building the function for our API Hey everyone and welcome back. Now in the earlier lecture we discussed that there are two important components that we need. The first is the function and second is the API. So what we’ll be doing today is we will be creating a function after function is created.… Read More »