Cisco CCNP Security SCOR v1.1 (350-701) Cert Prep

Learn the essential cybersecurity skills and technologies covered in the 350-701 exam.

Introduction

• Welcome to Cisco CCNP SCOR (350-701) cert prep, part 1
• Getting hands-on practice

1. Fundamental Security Concepts

• On-premises threats
• Cloud-based threats
• Software vulnerabilities
• SQL injection
• Buffer overflow
• Cross-site request forgery
• Hashing
• Encryption
• Public key infrastructure (PKI)
• IPsec
• NAT-T for IPsec
• Pre-shared key authentication
• Site-to-site VPN
• Remote access VPN
• sVTI-based VPN
• DMVPN
• FlexVPN
• Cisco DNA Center overview
• Cisco DNA Center and vManage APIs
• Python scripts

2. Network Security

• IPS and firewall solutions
• Deployment models and architectures
• Device hardening
• Device management security
• NetFlow
• SNMPv3
• Role-based CLI access
• NTP with authentication
• VLANs
• VRF-lite
• Port security
• DHCP snooping
• Dynamic ARP inspection
• Storm control
• PVLANs
• TACACS+ and RADIUS
• Downloadable ACL (dACL)

3. Cloud Security

• Public, private, hybrid, and community clouds
• Cloud service models
• Customer vs. provider responsibility
• Patch management
• Security assessments
• Cloud-delivered security solutions
• DevSecOps
• Application and data security
• Policy management
• Cloud logging and monitoring
• Cloud application and workload security

4. Content Security

• Secure internet gateway
• Blacklisting and whitelisting
• URL filtering and categorization
• Malware scanning
• Web application filtering
• TLS decryption
• Traffic redirection
• User authentication
• Spam filtering
• Data loss prevention (DLP)
• Email encryption
• Email blacklisting
• Antimalware filtering
• Cisco Umbrella overview
• Cisco Umbrella identities
• Cisco Umbrella URL content settings
• Cisco Umbrella destination lists
• Cisco Umbrella reporting

5. Endpoint Protection

• Antimalware
• Retrospective security
• Indication of compromise (IOC)
• Antivirus
• Dynamic file analysis
• Endpoint device management
• Asset inventory
• Mobile device management (MDM)
• Multifactor authentication (MFA)
• Endpoint posture assessment
• Endpoint patching

6. Secure Access

• Guest services
• Profiling
• BYOD policies
• 802.1X
• MAB
• WebAuth
• DNS tunneling
• HTTPS
• Email
• File transfer protocols
• ICMP
• NTP
• Cisco Stealthwatch
• Cisco Stealthwatch cloud
• Cisco pxGrid
• Cisco CTA and ETA
• Cisco AnyConnect Network Visibility Module (NVM)

Conclusion

• Next steps