Cisco 300-740 Certification Exam Syllabus

300-740 Syllabus, CCNP Security Exam Questions PDF, Cisco 300-740 Dumps Free, CCNP Security PDF, 300-740 Dumps, 300-740 PDF, CCNP Security VCE, 300-740 Questions PDF, Cisco CCNP Security Questions PDF, Cisco 300-740 VCEA great way to start the Cisco Certified Specialist Security Secure Cloud Access (SCAZT) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Cisco 300-740 certification exam. This study guide is an instrument to get you on the same page with Cisco and understand the nature of the Cisco CCNP Security exam.

Our team of experts has composed this Cisco 300-740 exam preparation guide to provide the overview about Cisco Designing and Implementing Secure Cloud Access for Users and Endpoints exam, study material, sample questions, practice exam and ways to interpret the exam objectives to help you assess your readiness for the Cisco SCAZT exam by identifying prerequisite areas of knowledge. We recommend you to refer the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Cisco CCNP Security certification exam.

Cisco 300-740 Exam Overview:

Exam Name Designing and Implementing Secure Cloud Access for Users and Endpoints
Exam Number 300-740 SCAZT
Exam Price $300 USD
Duration 90 minutes
Number of Questions 55-65
Passing Score Variable (750-850 / 1000 Approx.)
Recommended Training
Exam Registration PEARSON VUE
Sample Questions Cisco 300-740 Sample Questions
Practice Exam Cisco Certified Specialist Security Secure Cloud Access Practice Test

Cisco 300-740 Exam Topics:

Section Weight Objectives
Cloud Security Architecture 10% - Describe the components of the Cisco Security Reference Architecture
  • Threat intelligence
  • Security operations toolset
  • User/device security
  • Network security: cloud edge and on-premises
  • Workload, application, and data security

- Describe use cases and the recommended capabilities within an integrated architecture

  • Common identity
  • Converged multicloud policy
  • SASE integrations
  • Zero-trust network access

- Describe industry security frameworks such as NIST, CISA, and DISA
- Describe the SAFE architectural framework
- Describe the SAFE Key structure

  • Places in the Network
  • Secure Domains
User and Device Security 20% - Implement user and device authentication via identity certificates
  • Implement multifactor authentication for users and devices
  • Implement endpoint posture policies for user access to resources
  • Configure SAML/SSO and OIDC using an identity provider connection
  • Configure user and device trust using SAML authentication for a mobile or web application
Network and Cloud Security 20% - Determine security policies for endpoints to control access to cloud applications
  • URL filtering (web layer and DNS layer)
  • Advanced app control
  • Network protocol blocking such as FTP and bit torrent
  • Direct-internet-access for trusted business applications
  • Web application firewall
  • Reverse proxy

- Determine security policies for endpoints to control access to SaaS applications such as Office 365, Workday, and Salesforce
- Determine security policies for remote users using VPN or application-based
- Determine security policies for network security edge to enforce application policy

  • Security services edge
  • Cisco Secure Firewall (FTD and ASA)
Application and Data Security 25% - Describe the MITRE ATT&CK framework and attacker defense mitigation techniques
- Describe cloud security attack tactics and mitigation strategies
- Describe how web application firewalls protect against DDoS attacks
- Determine security policies for application enforcement using Cisco Secure Workload and enforcement agents
  • Lateral movement prevention
  • Microsegmentation

- Determine cloud (hybrid and multicloud) platform security policies based on application connectivity requirements (third- party providers such as AWS, Azure, and Google Cloud)

Visibility and Assurance 15% - Describe the Cisco XDR solution
- Describe use cases for visibility and assurance automation
- Describe benefits and capabilities of visibility and logging tools such as SIEM, Open Telemetry, and Cisco Secure Network Analytics
- Validate traffic flow and telemetry reports for baseline and compliance behavior analysis
- Diagnose issues with user application and workload access
  • Cisco Secure Network Analytics
  • Cisco Secure Cloud Analytics
  • Cisco Secure Cloud Insights
  • Cisco Secure Analytics and Logging

- Verify user access to applications and data using tools (firewall logs, Duo, Umbrella, and Cisco Secure Workload)
- Analyze application dependencies using tools such as firewall logs and Cisco Secure Workload

Threat Response 10% - Describe use cases for response automation
- Determine actions based on telemetry reports
- Determine policies based on security audit reports
- Determine action based on user or application compromise
  • Contain
  • Report
  • Remediate
  • Reinstantiate

Cisco SCAZT Exam Description:

Designing and Implementing Secure Cloud Access for Users and Endpoints v1.0 (SCAZT 300-740) is a 90-minute exam associated with the CCNP Security Certification. This exam certifies a candidate's knowledge of designing and implementing cloud security architecture, user and device security, network and cloud security, application and data security, visibility and assurance, and threat response.

Rating: 5 / 5 (77 votes)