SCOR 350-701 Overview
The Implementing and Operating Cisco Security Core Technologies v1.0 (SCOR 350-701) exam is a 120-minute exam associated with the CCNP Security, Cisco Certified Specialist – Security Core, and CCIE Security certifications. This exam tests a candidate’s knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies, helps candidates to prepare for this exam.
Register For Free Demo Class
Today is the day you make a decision that can transform your life and IT career forever.
Implementing and Operating Cisco Security Core Technologies (350-701)
Implementing and Operating Cisco Security Core Technologies (SCOR 350-701) is a 120-minute exam associated with the CCNP and CCIE Security Certifications. This exam tests a candidate’s knowledge of implementing and operating core security technologies including network security, cloud security, content security, endpoint protection and detection, secure network access, visibility and enforcements. The course, Implementing and Operating Cisco Security Core Technologies, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.0 Security Concepts
1.1 Explain common threats against on-premises and cloud environments
1.1.a On-premises: viruses, trojans, DoS/DDoS attacks, phishing, rootkits, man-in-themiddle attacks, SQL injection, cross-site scripting, malware
1.1.b Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials
1.2 Compare common security vulnerabilities such as software bugs, weak and/or hardcoded passwords, SQL injection, missing encryption, buffer overflow, path traversal, cross-site scripting/forgery
1.3 Describe functions of the cryptography components such as hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, pre-shared key and certificate based authorization
1.4 Compare site-to-site VPN and remote access VPN deployment types such as sVTI, IPsec, Cryptomap, DMVPN, FLEXVPN including high availability considerations, and AnyConnect
1.5 Describe security intelligence authoring, sharing, and consumption
1.6 Explain the role of the endpoint in protecting humans from phishing and social engineering attacks
1.7 Explain North Bound and South Bound APIs in the SDN architecture
1.8 Explain DNAC APIs for network provisioning, optimization, monitoring, and troubleshooting
1.9 Interpret basic Python scripts used to call Cisco Security appliances APIs
2.0 Network Security
2.1 Compare network security solutions that provide intrusion prevention and firewall capabilities
2.2 Describe deployment models of network security solutions and architectures that provide intrusion prevention and firewall capabilities
2.3 Describe the components, capabilities, and benefits of NetFlow and Flexible NetFlow records
2.4 Configure and verify network infrastructure security methods (router, switch, wireless)
2.4.a Layer 2 methods (Network segmentation using VLANs and VRF-lite; Layer 2 and port security; DHCP snooping; Dynamic ARP inspection; storm control; PVLANs to segregate network traffic; and defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
2.4.b Device hardening of network infrastructure security devices (control plane, data plane, management plane, and routing protocol security)
2.5 Implement segmentation, access control policies, AVC, URL filtering, and malware protection
2.6 Implement management options for network security solutions such as intrusion prevention and perimeter security (Single vs. multidevice manager, in-band vs. out-ofband, CDP, DNS, SCP, SFTP, and DHCP security and risks)
2.7 Configure AAA for device and network access (authentication and authorization, TACACS+, RADIUS and RADIUS flows, accounting, and dACL)
2.8 Configure secure network management of perimeter security and infrastructure devices (secure device management, SNMPv3, views, groups, users, authentication, and encryption, secure logging, and NTP with authentication)
2.9 Configure and verify site-to-site VPN and remote access VPN
2.9.a Site-to-site VPN utilizing Cisco routers and IOS
2.9.b Remote access VPN using Cisco AnyConnect Secure Mobility client
2.9.c Debug commands to view IPsec tunnel establishment and troubleshooting
3.0 Securing the Cloud
3.1 Identify security solutions for cloud environments
3.1.a Public, private, hybrid, and community clouds
3.1.b Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
3.2 Compare the customer vs. provider security responsibility for the different cloud service models
3.2.a Patch management in the cloud
3.2.b Security assessment in the cloud
3.2.c Cloud-delivered security solutions such as firewall, management, proxy, security intelligence, and CASB
3.3 Describe the concept of DevSecOps (CI/CD pipeline, container orchestration, and security
3.4 Implement application and data security in cloud environments
3.5 Identify security capabilities, deployment models, and policy management to secure the cloud
3.6 Configure cloud logging and monitoring methodologies
3.7 Describe application and workload security concepts
4.0 Content Security
4.1 Implement traffic redirection and capture methods
4.2 Describe web proxy identity and authentication including transparent user identification
4.3 Compare the components, capabilities, and benefits of local and cloud-based email and web solutions (ESA, CES, WSA)
4.4 Configure and verify web and email security deployment methods to protect onpremises and remote users (inbound and outbound controls and policy management)
4.5 Configure and verify email security features such as SPAM filtering, antimalware filtering, DLP, block listing, and email encryption
4.6 Configure and verify secure internet gateway and web security features such as block listing, URL filtering, malware scanning, URL categorization, web application filtering, and TLS decryption
4.7 Describe the components, capabilities, and benefits of Cisco Umbrella
4.8 Configure and verify web security controls on Cisco Umbrella (identities, URL content settings, destination lists, and reporting)
5.0 Endpoint Protection and Detection
5.1 Compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR) solutions
5.2 Explain antimalware, retrospective security, Indication of Compromise (IOC), antivirus, dynamic file analysis, and endpoint-sourced telemetry
5.3 Configure and verify outbreak control and quarantines to limit infection
5.4 Describe justifications for endpoint-based security
5.5 Describe the value of endpoint device management and asset inventory such as MDM
5.6 Describe the uses and importance of a multifactor authentication (MFA) strategy
5.7 Describe endpoint posture assessment solutions to ensure endpoint security
5.8 Explain the importance of an endpoint patching strategy
6.0 Secure Network Access, Visibility, and Enforcement
6.1 Describe identity management and secure network access concepts such as guest services, profiling, posture assessment and BYOD
6.2 Configure and verify network access device functionality such as 802.1X, MAB, WebAuth
6.3 Describe network access with CoA
6.4 Describe the benefits of device compliance and application control
6.5 Explain exfiltration techniques (DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, Messenger, IRC, NTP)
6.6 Describe the benefits of network telemetry
6.7 Describe the components, capabilities, and benefits of these security products and solutions
6.7.a Cisco Stealthwatch
6.7.b Cisco Stealthwatch Cloud
6.7.c Cisco pxGrid
6.7.d Cisco Umbrella Investigate
6.7.e Cisco Cognitive Threat Analytics
6.7.f Cisco Encrypted Traffic Analytics
6.7.g Cisco AnyConnect Network Visibility Module (NVM)
Cisco Certified Network Associate (200-301 CCNA) is recommended before.
- Mid-level Security/Network engineers
- Network administrators
- Network support technicians
- Help desk technicians
Know about CCNP Security SCOR (350-701) training in Bangalore
CloudSynergy provides an Overview of the CCNP Security Core Technologies SCOR (350-710) Certification Training Course in Bangalore, Implementing and Operating CCNP Security Core Technologies of the SCOR Certification Training Course.
This course will teach you the skills and technology you’ll need to implement essential CCNP security solutions and defend against cybersecurity threats. You will learn about network security, cloud security, and content security, as well as endpoint protection, secure network access, visibility, and enforcement. You’ll gain a lot of practice deploying CCNP Firepower Next-Generation Firewall and CCNP Adaptive Security Appliance (ASA) Firewall, as well as configuring access control rules, mail policies, and 802.1X Authentication. You’ll receive some hands-on experience with the threat detection features of CCNP Stealthwatch Enterprise and CCNP Stealthwatch Cloud.
Implementing and Operating Cisco Security Core Technologies (350-701 SCOR), which leads to the new CCNP Security, CCIE Security, and Cisco Certified Specialist – Security Core certifications, is covered in this course, which includes self-paced content.
You should be able to do the following after completing this CCNP Security SCOR (350-710) training course from CloudSynergy,Bangalore:
- Describe the network’s information security principles and strategies.
- Describe TCP/IP, network application, and endpoint threats that are widespread.
- Explain how different network security technologies work together to prevent attacks.
- Use the Cisco ASA appliance and Cisco Firepower Next-Generation Firewall to implement access control.
- Describe and apply the Cisco Email Security Appliance’s basic email content security features and functions.
- Describe and apply the Cisco Web Security Appliance’s web content security features and functions.
- Investigate console and describe Cisco Umbrella® security capabilities, deployment models, and policy management.
- Introduce virtual private networks (VPNs) and discuss cryptography solutions and methods.
- Explain how to establish Cisco Internetwork Operating System (Cisco IOS®) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, as well as point-to-point IPsec VPNs on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW).
- Describe how to install 802.1X and Extensible Authentication Protocol (EAP) authentication, as well as how to deploy Cisco secure remote access connection solutions.
- Give a fundamental overview of endpoint security and outline the architecture and basic features of Advanced Malware Protection (AMP) for Endpoints.
- Examine the many defences that safeguard the control and management plane on Cisco devices.
- Configure and test Layer 2 and Layer 3 data plane controllers in Cisco IOS software.
- Explain the Stealthwatch Enterprise and Stealthwatch Cloud solutions from Cisco.
- Explain the fundamentals of cloud computing as well as various cloud assaults.
Our CCNP Security SCOR (350-710) training course in Bangalore, equips you with the information and skills you’ll need to succeed in senior security positions. It teaches professionals how to use basic CCNP security technologies to defend against cybersecurity threats. You can obtain hands-on experience deploying fundamental security technologies and learning best practises with CCNP security solutions with our CCNP Security training certification. Our training will help you pass the SCOR (350-710) training qualifying exam as well as the practical exam for the CCNP Security certification.
CloudSynergy’s CCNP Security v6.0 Program immerses you in intense lab practises to help you understand the complicated CCNP level technologies. The course includes a hands-on lab exam that covers security technologies and solutions across the whole network lifecycle, from design to deployment to operation and optimization.
The classes are led by a dual CCNP qualified and experienced instructor. The trainers maintain a brief balance between teaching and learning by providing extensive explanations and promoting group conversations. Aside from assured CCNP Physical Devices training, 24×7 Lab Access, free retakes, and flexible class dates for busy professionals, students will receive personalised attention from the teacher if any issues arise.