CCNP and CCIE Security Core SCOR 350-701 Exam Cram

Book description

CCNP and CCIE Security Core SCOR 350-701 Exam Cram is the perfect study guide to help you pass the CCNP and CCIE Security Core SCOR 350-701 exam, providing coverage and practice questions for every exam topic. The book contains an extensive set of preparation tools, including topic overviews, exam alerts, CramSavers, CramQuizzes, chapter-ending review questions, author notes, tips, and an extensive glossary.

The book also contains the extremely useful Cram Sheet: a collection of essential facts in an easy to review format. Complementing all these great study tools is the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic practice questions. This assessment software offers you a wealth of customization options and reporting features, allowing you to test your knowledge in study mode, practice mode, or flashcard mode.

Covers the critical information youll need to know to score higher on your CCNP and CCIE Security Core SCOR 350-701 exam

  • Compare common security vulnerabilities such as software bugs, weak or hardcoded passwords, OWASP top ten, missing encryption ciphers, buffer overflow, path traversal, cross-site scripting/forgery

  • Configure AAA for device and network access such as TACACS+ and RADIUS

  • Implement segmentation, access control policies, AVC, URL filtering, malware protection, and intrusion policies

  • Identify security capabilities, deployment models, and policy management to secure the cloud

  • Configure cloud logging and monitoring methodologies

  • Implement traffic redirection and capture methods for web proxy

  • Describe the components, capabilities, and benefits of the Cisco Umbrella

  • Configure endpoint antimalware protection using Cisco Secure Endpoint

  • Describe the uses and importance of a multifactor authentication (MFA) strategy

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. About the Authors
  6. About the Technical Reviewer
  7. Dedications
  8. Acknowledgments
  9. Contents at a Glance
  10. Reader Services
  11. Contents
  12. Command Syntax Conventions
  13. Introduction
    1. Goals and Methods
    2. How to Prepare for the Exam
    3. Chapter Format and Conventions
    4. Additional Elements
    5. Practice Questions
    6. How to Access the Pearson Test Prep (PTP) App
    7. Customizing Your Exams
    8. Updating Your Exams
    9. Who Should Read This Book?
    10. Strategies for Exam Preparation
    11. How This Book Is Organized
    12. Certification Exam Topics and This Book
    13. Taking the CCIE Security Core SCOR 350-701 Certification Exam
    14. Tracking Your Status
    15. How to Prepare for an Exam
    16. Assessing Exam Readiness
    17. Cisco CCIE Security Core SCOR 350-701 Certification in the Real World
    18. Exam Registration
    19. Book Content Updates
    20. Contacting the Authors
  14. Figure Credits
  15. Chapter 1. Security Concepts
    1. Explain Common Threats Against On-Premises and Cloud Environments
    2. Compare Common Security Vulnerabilities
    3. Describe Functions of the Cryptography Components
    4. Compare Site-to-Site VPN and Remote Access VPN Deployment Types
    5. Describe Security Intelligence Authoring, Sharing, and Consumption
    6. Explain the Role of the Endpoint in Protecting Humans from Phishing and Social Engineering Attacks
    7. Explain Northbound and Southbound APIs in the SDN Architecture
    8. Explain DNAC APIs for Network Provisioning, Optimization, Monitoring, and Troubleshooting
    9. Interpret Basic Python Scripts Used to Call Cisco Security Appliance APIs
    10. What Next?
  16. Chapter 2. Network Security
    1. Compare Network Security Solutions and Provide Intrusion Prevention and Firewall Capabilities
    2. Describe Deployment Models of Network Security Solutions and Architectures That Provide Intrusion Prevention and Firewall Capabilities
    3. Describe the Components, Capabilities, and Benefits of NetFlow and Flexible NetFlow Records
    4. Configure and Verify Network Infrastructure Security Methods (Router, Switch, and Wireless)
    5. Implement Segmentation, Access Control Policies, AVC, URL Filtering, and Malware Protection
    6. Implement Management Options for Network Security Solutions
    7. Configure AAA for Device and Network Access
    8. Configure Secure Network Management of Perimeter Security and Infrastructure Devices
    9. Configure and Verify Site-to-Site VPN and Remote Access VPN
    10. What Next?
  17. Chapter 3. Securing the Cloud
    1. Identify Security Solutions for Cloud Environments
    2. Compare Security Responsibilities for the Different Cloud Service Models
    3. Describe the Concepts of DevSecOps (CI/CD Pipeline), Container Orchestration, and Secure Software Development
    4. Implementing Application Security
    5. Identify Security Capabilities, Deployment Models, and Policy Management to Secure the Cloud
    6. Configure Cloud Logging and Monitoring
    7. Application Security Concepts
    8. What Next?
  18. Chapter 4. Content Security
    1. Web Proxy Fundamentals
    2. Web Proxy Identity and Authentication
    3. Content Security Overview
    4. Deploying Cisco Secure Web Appliance and Secure Email Gateway
    5. Secure Email Gateway Configuration
    6. Cisco Secure Web Appliance Configuration
    7. Cisco Umbrella Overview
    8. Cisco Umbrella Configuration
    9. What Next?
  19. Chapter 5. Endpoint Protection and Detection
    1. Endpoint Protection and Endpoint Detection and Response
    2. Cisco Secure Endpoint
    3. Outbreak Control and Quarantines
    4. Justifications for Endpoint Security
    5. Endpoint Management and Asset Inventory Tools
    6. Uses and Importance of a Multifactor Authentication Strategy
    7. Endpoint Posture Assessments to Ensure Endpoint Security
    8. Endpoint Patching Strategy
    9. What Next?
  20. Chapter 6. Secure Network Access, Visibility, and Enforcement
    1. Identity Management Concepts
    2. AAA Configuration
    3. RADIUS Change of Authorization
    4. Application Visibility and Control
    5. Data Exfiltration
    6. Network Telemetry
    7. Cisco Security Solutions
    8. What Next?
  21. Cram Sheet
    1. Assets, Threats, and Mitigations
    2. Attack Types
    3. Common Security Vulnerabilities
    4. Cryptographic Components
    5. Web and Email Security Key Terms
    6. Web Proxy Traffic Redirect Methods
    7. Secure Email Gateway Features
    8. Secure Web Appliance Features
    9. Firewall Threat Defense Deployment Modes
    10. Flexible NetFlow Fields
    11. Layer 2 Security Controls
    12. Noteworthy CLI Commands
    13. Endpoint Security Key Terms
    14. Secure Endpoint Features
    15. Secure Endpoint Policy Types
    16. Network Access Control Key Terms
    17. Cloud Computing Environments
    18. Cloud Service Models
    19. Cloud Computing Key Terms
    20. Cloud Security Controls and Threats
    21. Cisco Secure Workload Features
    22. Identity Services Engine (ISE) Features
    23. ISE Deployment Node Persona Types
    24. ISE Authentication Methods
    25. Secure Network Analytics Features
    26. Secure Network Analytics Node Types
  22. Index
  23. Glossary
  24. Where are the companion content files? - Register
  25. Code Snippets

Product information

  • Title: CCNP and CCIE Security Core SCOR 350-701 Exam Cram
  • Author(s): Joseph Mlodzianowski, Eduardo Mendonca, Nicholas Kelly, Eugenio Iavarone
  • Release date: April 2024
  • Publisher(s): Pearson IT Certification
  • ISBN: 9780137282586