Course Description:

CCNP Security also known as professional level certification in Network Security discipline. This certification is basically meant for aspirants seeking career in the field of network security by using vendor specific devices like ASA firewalls, Switches and IPS Systems. This certification basically deals in making individuals well equipped with skill set required while handling complex security issues incurring in enterprise networks.Also known as the new age CCSP (Cisco Certified Security Professional) certification, CCNP Security certification offered by ENTER-NETWORK trains aspirants on knowledge and skills necessary while testifying, deploying, configuring, maintaining andtrouble shooting Cisco devices used for providing network security.

Devices used for CCNP Security training our as follows:

1. Routers: 1841, 2611xm, 2801, 2811, 3640, 3825, 2911,

7204 series

2. Switches: 3550, 3560, 3750 series

3. Firewalls:5510, 5512x, 5515x series

4. IP Phones: 4240, 4255

5. Iron Port: S170

6. ISE: 3315

Training Highlights

1. Your daily class at ENTER-NETWORK starts with 2-3 hours of theoretical training inclusive of in-depth training on CCNP Security course. After completion of your theory class,practical sessions are conducted in our labs which are available 24×7, where you can practice and learn the actual working of the concepts learned for any number of hours you want to.

2. CCNP Security course training is given by CCIE Security(written) or CCIE Security (lab) certified trainers with 5-14 years of industry experience.

3. CCNP Security lab of EN consists of course specific devices:routers and switches with highly updated equipments and other required devices.

4. 24×7 lab assistance while you are practicing in labs providing immediate solutions to problems occurring,ensuring uninterrupted high quality practical training.

5. Availability of Wi-Fi access to enhance your practical learning experience.

6. Remote access to labs and devices within institute premises.

7. Access to in house practical workbooks within no time.

8. Doubt sessions ensuring complete understanding of the course at each and every step. CCNP Security certification offered by ENTER-NETWORK allows candidates to obtain professional level certification training in Security technologies. Training provided on Cisco Certified Network Professional Security at EN is beyond comparison as we believe in imparting 100% practical training to our students coming from different parts of the world. Having best pool of CCIE experts and World's Largest Cisco Labs, CCNP Security course training at ENTER-NETWORK is quite amazing as we carve the technical personalities of our students with our intense types of various classroom sessions.

Course Content:

Cisco Certified Network Professional : Security

1. Implementing TACACS+ and RADIUS and wired/wireless 802.1X ISE authentication/authorization policies, ISE end point identity configuration and Verify MAB Operation).

2. Implement Firewall (ASA or IOS) including ACLS,static/dynamic NAT/PAT, and object groups. Threat detectionfeatures and implement botnet traffic filtering. Describe and implement ASA security contexts, Layer 2 Security, dynamic ARP inspection, storm control, common layer 2 attacks and mitigation,and MACSec and configuring DHCP snooping, port security and IP source verification.

3. Troubleshoot, monitor (firewalls using analysis of packet tracer,capture and syslog).

4. Understand Threat Defense Architectures (Design a Firewall Solution, High-availability, Basic concepts of security zoning,Transparent & Routed Modes, Security Contexts, and Layer 2 Security Solutions). Implement defenses against MAC, ARP,VLAN hopping, STP, and DHCP rogue attacks

5. Understand and implement secure communications using VPN on routers and firewalls. Implement and troubleshoot Any Connect IKEv2 VPN and Any Connect SSLVPN on ASA and routers.Implement and troubleshoot Flex VPN (hub-Spoke on both IPV4 &IPV6) using local AAA and on routers. Implement and troubleshoot IPsec (with IKEv1 and IKEv2 for both IPV4 & IPV6)and DMVPN (hub-Spoke and spoke-spoke on both IPV4 & IPV6).Implement and troubleshoot clientless SSLVPN on ASA androuters.

6. Design VPN solutions and identify VPN technology considerations based on functional requirements and configuration output, and Identify functional components of GETVPN, FlexVPN, DMVPN, and IPsec.

7. Understand Cisco WSA (features and functionality, implement data security, WSA identity and authentication with transparent User identification). Describe web usage control, decryption policies traffic redirection and capture methods.

8. Understand Cisco ESA (features and functionality) and describe traffic redirection and capture. Implement email encryption, anti-spam policies, virus outbreak filter, DLP policies,anti-malware, inbound and outbound mail policies and authentication.

9. Understand Network IPS and implement traffic redirection and capture methods, network IPS deployment modes, event actions& overrides/filters, anomaly detection, risk ratings, and device hardening per best practices. Describe signatures engines and configure device hardening best practices.