I. Exam Introduction
The CCNP Security (300-710 SPNC) exam measures your knowledge of policies, deployments, management, and troubleshooting about Cisco Firepower(r), Threat Defense and Firepower(r), 7000 and Firepower(r), 8000 Series virtual appliances. The main purpose of the exam is to teach you about Next-Generation Firewalls and Next-Generation Intrusion Prevention System capabilities like file type identification, network-based Malware detection, and deep packet inspection.
II. Target Audience
Candidates with the following profiles are eligible to take this exam:
-
Security professionals
-
Security consultants
-
Administrators of the network
-
System engineers
-
Support personnel for technical issues
-
Resellers and channel partners
-
Cisco partners and integrators
III. Exam Prerequisites
No formal prerequisites are required. There are a few areas where knowledge is an advantage:
-
TCP/IP networking technical understanding and network architecture
-
Basic knowledge of Intrusion Detection Systems, (IDS), and IPS.
-
Basic routing protocols and TCP/IP knowledge
-
Familiarity and familiarity with Intrusion Prevention Systems (IPS), VPN, and firewall concepts
IV. Exam Details
It costs $300 and is coded 300-710 SNCF. The exam takes 90 minutes. Multiple-choice questions are available. The certification is valid for 3 years. Both English and Japanese are accepted for the test.
V. Exam Registration
Follow these steps to register:
-
Register on Pearson VUE. Log in to your account if you already have one on PearsonVUE.
-
Choose Proctored Examinations and enter exam numbers 300-710.
-
Follow the prompts for registration and payment.
VI. Policies
Candidates must adhere to a variety of policies. Cisco offers several exam policies that will help candidates understand the requirements and processes for passing the certification exam. These are some of them:
-
Take Policy: The candidate must wait five calendar days beginning on the day following the unsuccessful attempt. A candidate who has passed must wait at least 180 days before taking another exam with the same number.
-
Exam Reschedule Policy: To reschedule an exam online, candidates must contact Pearson VUE. You can also access an online Pearson VUE account. Failure to cancel your appointment before the scheduled start time, or to show up for your appointment on time will result in your exam fee being forfeited.
-
Cancellation Policy: Online proctored exam cancellations must be made to Pearson VUE. You can also access your Pearson VUE online account to cancel your exam until the time it is scheduled to start. Failure to cancel your appointment before the scheduled start time, or failing to show up for your appointment, will result in your exam fee being forfeited.
VII. Course Outline
Cisco CCNP Security (300-710 SNCF Exam) covers the following topics:
-
Deployment: 30%
-
1.1 Implement NGFW mode (Cisco Documentation Transparent, Routed Firewall Mode).
-
Routed mode
-
Transparent mode
-
1.2 Implement NGIPS modes (Cisco Documentation: Next-Generation Intrusion Prevention System (NGIPS))
-
1.3 Implement high availability options. Cisco Documentation Configuring High Availability
-
Link redundancy
-
Standby/active failover
-
Multi-instance
-
1.4 Describe IRB configurations (Cisco Documentation Configuring IRB)
-
Configuration: 30%
-
2.1 Configure system configurations in Cisco Firepower Management Center (Cisco Documentation Firepower Management Center Configuration Manual).
-
2.2 Configure the following policies in Cisco Firepower Management Center (Cisco Documentation Getting Started with Firepower).
-
Control of access
-
Intrusion
-
Malware and file
-
DNS
-
Identity
-
SSL
-
Prefilter
-
2.3 Configure the following features with Cisco Firepower Management Center (Cisco documentation: Cisco Firepower Management Center).
-
Network discovery
-
Application detectors (Open AppID)
-
Correlation
-
Take Action
-
2.4 Configure objects with Firepower Management Center (Cisco Documentation Navigating Cisco Firepower Documentation)
-
Object Management
-
Intrusion Rules
-
2.5 Configure devices using Firepower Management Center (Cisco Documentation: Firepower)
-
Device Management
-
NAT
-
VPN
-
QoS
-
Setting up a platform
-
Certificates
-
Troubleshooting and Management: 25%
-
Troubleshooting FMC CLI/GUI (Cisco Documentation Cisco UCS Manager GUI Configuration guide
-
FMC Documentation: Working With Reports - Configure Dashboards and Reporting
-
Troubleshooting using packet capture procedures (Cisco documentation: Packet Capture Procedures on Cisco Firepower device).
-
Analyze risk and standard reporting (Cisco Documentation Reports).
-
Integration: 15%
-
Configure Cisco AMP for Networks in Firepower Management Center (Cisco Documentation Cisco AMP for Networks).
-
Firepower Management Center Configure Cisco AMP For Endpoints (Cisco Documentation AMP For Endpoints User Guide
-
Third-party security intelligence feeds can be implemented by the Implement Threat Intelligence Director (Cisco Documentation Cisco Threat Director (TID).
-
Describe Cisco Threat Response to security investigations (Cisco Documentation Cisco Threat Respond).
-
Cisco FMC PxGrid Integration With Cisco Identify Services Engine (ISE). (Cisco Documentation Configure ISE 2.4 & FMC 6.2.3 pxGrid Integr
-
Rapid Threat Containment (RTC), functionality in Firepower Management Center (Cisco Documentation Cisco Rapid Threat Containment).
VIII. Preparatory guide for CCNP Security (300-710 SNCF)
This preparation guide will help you to understand and learn about each exam's objectives. We have provided the best resources for you to pass the exam. This section will provide a detailed explanation to help you prepare for your exam using expert learning resources and a study guide.
IX. Refer to the Exam Guide
It is essential to understand the course outline and guide before taking any exam. Cisco also offers the complete course outline and guide via its official site. It is the best site to find information about the CCNP Security 300-710 SNCF exam. Once you have read the exam details, it is time to move on to more detailed information. Now it's time for the exam guide.
X. Practice Exams
You should practice what you have learned to be able to analyze your practice. By practicing, you can improve your answering skills which will save you a lot of time. Also, practice tests can be started after you have completed a topic. This will serve as a revision section.