Cisco 300-206 Certification Exam Syllabus

300-206 Syllabus, CCNP Security Exam Questions PDF, Cisco 300-206 Dumps Free, CCNP Security PDF, 300-206 Dumps, 300-206 PDF, CCNP Security VCE, 300-206 Questions PDF, Cisco CCNP Security Questions PDF, Cisco 300-206 VCEA great way to start the Cisco Certified Network Professional Security (SENSS) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Cisco 300-206 certification exam. This study guide is an instrument to get you on the same page with Cisco and understand the nature of the Cisco CCNP Security exam.

Our team of experts has composed this Cisco 300-206 exam preparation guide to provide the overview about Cisco Implementing Cisco Edge Network Security Solutions exam, study material, sample questions, practice exam and ways to interpret the exam objectives to help you assess your readiness for the Cisco SENSS exam by identifying prerequisite areas of knowledge. We recommend you to refer the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Cisco CCNP Security certification exam.

Cisco 300-206 Exam Overview:

Exam Name
Implementing Cisco Edge Network Security Solutions
Exam Number 300-206 SENSS
Exam Price $300 USD
Duration 90 minutes
Number of Questions 65-75
Passing Score Variable (750-850 / 1000 Approx.)
Recommended Training Implementing Cisco Edge Network Security Solutions - (SENSS)
Implementing Cisco Edge Network Security Solutions (SENSS) E-Learning
Cisco CCNP Security Certification Preparation Bundle E-Learning
Exam Registration PEARSON VUE
Sample Questions Cisco 300-206 Sample Questions
Practice Exam Cisco Certified Network Professional Security Practice Test

Cisco 300-206 Exam Topics:

Section Weight Objectives
Threat Defense 25%
1 Implement firewall (ASA or IOS depending on which supports the implementation)
a) Implement ACLs
b) Implement static/dynamic NAT/PAT
c) Implement object groups
d) Describe threat detection features
e) Implement botnet traffic filtering
f) Configure application filtering and protocol inspection
g) Describe ASA security contexts
2 Implement Layer 2 Security
a) Configure DHCP snooping
b) Describe dynamic ARP inspection
c) Describe storm control
d) Configure port security
e) Describe common Layer 2 threats and attacks and mitigation
f) Describe MACSec
g) Configure IP source verification
3 Configure device hardening per best practices
a) Routers
b) Switches
c) Firewalls
Cisco Security Devices GUIs and Secured CLI Management 25%
1 Implement SSHv2, HTTPS, and SNMPv3 access on the network devices
2 Implement RBAC on the ASA/IOS using CLI and ASDM
3 Describe Cisco Prime Infrastructure
a) Functions and use cases of Cisco Prime
b) Device Management
4 Describe Cisco Security Manager (CSM)
a) Functions and use cases of CSM
b) Device Management
5 Implement Device Managers
a) Implement ASA firewall features using ASDM
Management Services on Cisco Devices 12%
1 Configure NetFlow exporter on Cisco Routers, Switches, and ASA
2 Implement SNMPv3
a) Create views, groups, users, authentication, and encryption
3 Implement logging on Cisco Routers, Switches, and ASA using Cisco best practices
4 Implement NTP with authentication on Cisco Routers, Switches, and ASA
5 Describe CDP, DNS, SCP, SFTP, and DHCP
a) Describe security implications of using CDP on routers and switches
b) Need for dnssec
Troubleshooting, Monitoring and Reporting Tools 10%
1 Monitor firewall using analysis of packet tracer, packet capture, and syslog
a) Analyze packet tracer on the firewall using CLI/ASDM
b) Configure and analyze packet capture using CLI/ASDM
c) Analyze syslog events generated from ASA
Threat Defense Architectures 16%
1 Design a Firewall Solution
a) High-availability
b) Basic concepts of security zoning
c) Transparent & Routed Modes
d) Security Contexts
2 Layer 2 Security Solutions
a) Implement defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
b) Describe best practices for implementation
c) Describe how PVLANs can be used to segregate network traffic at Layer 2
Security Components and Considerations 12%
1 Describe security operations management architectures
a) Single device manager vs. multi-device manager
2 Describe Data Center security components and considerations
a) Virtualization and Cloud security
3 Describe Collaboration security components and considerations
a) Basic ASA UC Inspection features
4 Describe common IPv6 security considerations
a) Unified IPv6/IPv4 ACL on the ASA

Cisco SENSS Exam Description:

The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to configure and implement security on Cisco network perimeter edge devices such as a Cisco switch, Cisco router, and Cisco ASA firewall.

Rating: 4.9 / 5 (80 votes)