First of all, job positions that require the professionals to have this (ISC)² certificate are usually paid superbly. An individual with this credential can make an average of six-figure remunerations per annum but it depends on his/her location. Additionally, there is no lack of job roles for the security specialists, which means there is always an opening that you can fill when you have such a certification. For instance, it is estimated that there will be approximately 2 million extra security positions that will require the IT experts to fill them. Of great importance is the number of people who will fulfill these roles, and this is where a strong consideration for CISSP comes in. No doubt, this is a good reason to pursue this certificate but you shouldn’t jump right into it without putting some facts into consideration.

Below we share some objective views on choosing the CISSP certification as your goal.

• CISSP requires paid work experience

Your work experience will showcase whether you should strive to pursue this credential or not. For instance, if you are just starting out in the sector of information security, you won’t be able to do it. This doesn’t mean that if you take the exam, you won’t pass it; it is all about the prerequisite for pursuing this (ISC)² certification. You should have more than 5 years of paid work experience to qualify for this certificate. It is essential to point out that you can actually shorten the time by one year. However, you have four years to contend with, and nothing can be done about it. You just have to wait before you can attempt the CISSP certification test.

There are some other options that the professionals who starting out in the security field can consider. For those who want to earn their first job in the security field, CISSP is not the point to start. At this stage, you should seek to validate your basic skills. CompTIA Security+ and CompTIA CySA+ are two certificates you can consider to confirm your knowledge and skills, as well as increase your chance of landing an entry-level position.

CompTIA Security+ is an entry-level cybersecurity credential that requires a single exam. It is made up of about 90 questions, which must be completed within 90 minutes. The test is created to validate the candidates’ knowledge and skills in basic IT and security domains. CompTIA CySA+ is also an excellent choice for an entry-level IT security specialist. This credential was introduced in 2017 by CompTIA, and it was developed to bridge the gap between the skills required for the foundational CompTIA Security+ and the expert-level CASP+ certificates. You can continue to pursue CISSP after earning either of these certifications. However, you have to fulfill the requirements for years of experience before you obtain it.

• CISSP is great if you want to take up government jobs

For the professionals trying to get a job position in the government, CISSP is a great credential option. It satisfies the IA baseline certification requirements for taking up job roles in this realm. The baseline certificates for the government employees possess four different categories, including IAT, AIM, CSSP, and IASAE. (ISC)² CISSP takes its place in these categories, which means it is a great certification option for those individuals who want to get a government job title.

• CISSP requires recertification

This is actually a great thing because it helps you consistently update your skills so as not to become obsolete. To renew your certification, you have to earn the CPE credits, which are quite easy to achieve. Every 3 years, you have to submit at least 90 Group-A CPE credits, as well as the additional 30 Group-A or Group-B CPE credits to retain your credential. There are different educational activities that make up for these CPE credits. You earn one credit for each hour you spend learning. Some educational activities you can engage in include reading of whitepapers, books, or magazines; attending educational courses, presentations, seminars, or conferences; publishing a whitepaper, an article, or a book. You can also earn the credits by preparing to train or present information associated with information security; volunteering for charitable organizations, public sector, and government; performing special project-related work outside your normal work responsibilities; taking higher academic training courses. Generally, if you learn the topics covered in the eight security domains, you can claim the CPE credit hours. Of course, they should be not within your standard job activity. With an average of 40 CPE credits every year, you can easily meet up with the recertification requirements.

Please note that the Group-B credits cover the general professional and development activities that the certification holders may engage in. These include anything that is not within the scope of the security domains. Additionally, the activities that qualify for the Group-A CPE credits can also be used for the Group-B ones.

Conclusion

Your choice of obtaining the CISSP certificate will be determined by your professional goals, industry, and work experience. If you want to break into the information security field, this (ISC)² certification is the ideal choice. However, if you are an entry-level professional, it will not be a good starting point because you don’t have the prerequisite experience for it at this stage. Instead, you should pursue either CompTIA Security+ or CompTIA CySA+ to begin your journey in the world of information security. With experience you will earn, you can proceed to pursue the CISSP credential. This will be a good foundation for your future career path.

How about a new certification exam launched by Check Point? Today, managing security is a complex task demanding special knowledge and abilities. Security consolidation means bringing all security protections and functions under one umbrella. And it can be easily realized with R80 management course. This three-day course can help you spread your wings and make progress because it covers all the information you need to start-up, configure and manage the day-to-day operations of your Check Point infrastructure.

With R80 course you’ll learn how to Install R80 management and a security gateway in a distributed environment, configure objects, rules, and settings to define a security policy, work with multiple concurrent administrators, and define permission profiles, configure a Virtual Private Network, and work with Check Point clustering, perform periodic administrator tasks as specified in administrator job descriptions. All you have to do is to get 6-month to 1-year experience with Check Point products recommended and to acquire fundamental knowledge of networking.

What are the benefits?

The advantages you gain after taking this course are incontestable. You’ll become prepared to defend against network threats. You’ll be able to evaluate existing security policies and optimize the rule base. You’ll think nothing of managing user access to corporate LANs. Monitoring suspicious network activities and analyzing attacks will become your hobby. And finally, you will implement Check Point backup techniques and troubleshoot network connections with no trouble at all.

Now let’s talk about the exam

To get Check Point Certified Security Administrator (CCSA) R80 Certification you have to go in for the exam 156-215.80. But it would be difficult to pass without proper knowledge. Let’s look at them.

• Check Point Technology Overview
• Security Policy Management
• Monitoring Traffic and Connections
• Network Address Translations
• Basic Concepts of VPN
• Managing User Access
• Working with ClusterXL
• Administrator Task Implementation

How I benefit from earning the Check Point certificate?

• CCSA’s rank higher than other security vendor professionals
• Validation you have the skills to implement the latest network security advancements
• Certified Professionals community, newsletter and special web access

The GIAC Security Essentials (GSEC) is an entry-level credential which has been specially designed for professionals seeking to demonstrate that they not only understand information security terminology and concepts, but also possess the skills and technical expertise necessary for “hands-on” security roles.

Holders of the GSEC demonstrate knowledge and technical skills in areas such as Wi-Fi protocols, identifying and preventing common and wireless attacks, network mapping, public switched telephony networks, access controls, authentication, password management, DNS, cryptography fundamentals, ICMP, IPv6, public key infrastructure, Linux, network mapping, network protocols and much more.

To achieve the GSEC credential, candidates need to pass the GIAC Security Essentials exam. The most notable thing about this exam is its price: $1,099. It is significantly pricier than Security+ or other exams of this level. Plus, you would need to invest time and money into your exam preparation. But is the GSEC certification really worth it?

First of all, this is a solid exam – please click here to access GSEC blueprint and objectives. It helps you stand out from the crowd as you apply for security positions, as opposed to the most candidates who only hold the Security+ credential. So, after all, the decision is yours, but as more and more candidates choose GIAC CSEC as their go-to entry level security certification, there’s a lot to think about.

What is GIAC?

Global Information Assurance Certification (GIAC) is an information security certification entity that specializes in technical and practical certification as well as new research in the form of its GIAC Gold program. SANS Institute founded the certification entity in 1999 and the term GIAC is trademarked by The Escal Institute of Advanced Technologies.

GIAC provides a set of vendor-neutral computer security certifications linked to the training courses provided by the SANS. GIAC is specific to the leading edge technological advancement of IT security in order to keep ahead of “black hat” techniques. Papers written by individuals pursuing GIAC certifications are presented at the SANS Reading Room on GIAC’s website.

Initially all SANS GIAC certifications required a written paper or “practical” on a specific area of the certification in order to achieve the certification. In April 2005, the SANS organization changed the format of the certification by breaking it into two separate levels. The “silver” level certification is achieved upon completion of a multiple choice exam. The “gold” level certification can be obtained by completing research paper and has the silver level as a prerequisite.

But First, What is ISACA?

In case you’re wondering, ISACA stands for Information Systems Audit and Control Association. This is an international professional association focused on IT Governance. The organization was created in the United States back in 1967. That year, a group of individuals working on auditing controls in computer systems started to become increasingly critical of the operations of their organizations. They identified a need for a centralized source of information and guidance in the field. In 1976 the association formed an education foundation to undertake large-scale research efforts to expand the knowledge of and value accorded to the fields of governance and control of information technology. The association became the Information Systems Audit and Control Association in 1994.

ISACA specifically targets IT professionals interested in the highest quality standards with respect to audit, control and security of information systems. The CISM certification holders demonstrate in-depth skills in security risk management, program development and management, governance, and incident management and response.

The CISM Credential and Certification Process

The Certified Information Security Manager (CISM) is ISACA’s flagship credential. This is a top certification for IT professionals involved in managing, developing and overseeing information security systems in enterprise-level applications, or who work on developing best organizational security practices. The CISM credential was introduced to security professionals in 2003 and has remained in high demand ever since.

Developed with experienced security professionals in mind, CISM certification sets new standards for IT security. To achieve this credential, candidates must agree to ISACA’s Code of Professional Ethics and pass a challenging certification exam. Furthermore, they are required to have a minimum of five years of proven security experience, comply with the Continuing Education Policy and submit a written application. Please note that some combinations of education and experience may be substituted to meet the experience requirement – check ISACA website for more information on this.

CISM Certification Prerequisites. To obtain the CISM credential, you must:

• Pass the CISM exam.
• Agree to the ISACA Code of Professional Ethics.
• Possess a minimum of five years of information security work experience, including at least three years of work experience in information security management in three or more of the job practice analysis areas. Experience must be verifiable and obtained in the preceding 10-year period prior to the application date or within five years after passing the exam. There are some exceptions to this requirement depending on current credentials held.
• Submit an application for CISM certification (processing fee is $50.) Credential must be obtained within five years of passing the exam.
• Agree to the CISM Continuing Education Policy.

CISM Exam Cost

ISACA members who register early pay $440 for the exam; non-members pay $625 for early registration. Regular registration fee for members is $490 and for non-members is $675. The CISM credential is valid for three years, and credential holders must pay an annual maintenance fee of $45 (ISACA members) or $85 (non-members). Credential holders are also required to obtain a minimum of 120 continuing professional education (CPE) credits over the three-year term to maintain the credential. At least 20 CPEs must be earned every year.

ISACA Certification Program

In addition to the CISM, ISACA offers numerous other certifications for those interested in information security and best practices. Other credentials worth considering include:

• Certified Information Systems Auditor (CISA) – for professionals working with information systems auditing, control or security.
• Certified in the Governance of Enterprise IT (CGEIT) – targets IT professionals working in enterprise IT management, governance, strategic alignment, value delivery and risk, resource and performance management.
• Certified in Risk and Information Systems Control certification (CRISC) – IT professionals seeking careers in all aspects of risk management

Interested in ISACA exams? Visit ExamCollection to find latest exam preparation materials.

1. Security and Risk Management (e.g., Security, Risk, Compliance, Law, Regulations, Business Continuity)
2. Asset Security (Protecting Security of Assets)
3. Security Engineering (Engineering and Management of Security)
4. Communication and Network Security (Designing and Protecting Network Security)
5. Identity and Access Management (Controlling Access and Managing Identity)
6. Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
7. Security Operations (e.g., Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
8. Software Development Security (Understanding, Applying, and Enforcing Software Security)

According to ISC, the CISSP exam is being updated to stay relevant amidst the changes occurring in the information security field. Refreshed technical content has been added to the Official (ISC)² CISSP CBK to reflect the most current topics in the information security industry today. Keep in mind that some topics have been expanded (e.g., asset security, security assessment and testing), while other topics have been realigned under different domains. ISC believes that the new CISSP exam will better reflect the technical and managerial competence required from an experienced information security professional to effectively design, engineer, implement and manage an organization’s information security program within an ever-changing security landscape.

Although the blueprint has gone down from 10 domains to 8, don’t be tricked into thinking that the exam has gotten easier – it’s not. The topics have been rearranged and refreshed, and the amount of information candidates should be proficient with has actually increased, not decreased.

The CISSP exam tests one’s competence in information security and  the (ISC)²^® common body of knowledge (CBK^®), which cover critical topics in security today, including risk management, cloud computing, mobile security, application development security and more. Candidates must have a minimum of five years of paid full-time work experience in 2 of the 10 domains. This vast breadth of knowledge and the experience it takes to pass the exam is what sets the CISSP apart. CISSP certification makes holders eligible for job functions like security consultant, security analyst, IT director, Chief Information Security Officer, and many more. CISSP certification is associated with some of the highest salaries in IT industry.

What is Network Forensics?

With a number of cybercriminals and cyber crimes steadily growing (no surprise as more and more various operations are conducted online), there is little wonder that digital forensics is on the rise. From government and law enforcement agencies to private companies and international corporations, digital security and forensics professionals are highly in demand. If you’re eying this career,  you need to know that network forensics experts should be capable of blocking the majority of system attacks, as well as, more importantly, to implicate the aggressors who manage to penetrate the system, or commit a cybercrime.

Cybercriminals become harder and harder to identify as their get better at hiding their traces, so they are harder to identify. Network forensics collects data from network traffic and analyzes it for threats or intrusions. As a result, a good network forensics expert should have a very solid understanding of how the system is built, as well as possess great analytical skills and understand the trends of how traffic flows.

GNFA Certification

Previously, there has been no certification to validate the skills in network forensics. Recently,GAC has announced the very first credential of such kind, GNFA (GIAC Network Forensics Analyst), which will be available starting this Monday, November 3, 2014.

The GNFA certification was developed for professionals who want to validate their qualification to perform examinations employing network forensic artifact analysis. This requires 100% understanding of the fundamentals of network forensics, normal and abnormal conditions for common network protocols, the process and tools used to examine device and system logs, wireless communication and encrypted protocols.

GNFA Exam Will Cover the Following Topics/Objectives:

• Common Network Protocols – understanding of the behavior, security risks and controls of common network protocols.
• Encryption and Encoding – techniques and practices used to encode and encrypt common network traffic and common attacks on these controls.
• NetFlow Analysis and Attack Visualization – the use of NetFlow data and information sources to identify network attacks.
• Network Analysis Tools and Usage – open source packet analysis tools and their purpose to effectively filter and rebuild data streams for analysis.
• Network Architecture – design and deployment of a network employing diverse transmission and collection technologies.
• Network Protocol Reverse Engineering – the tools and techniques required to analyze diverse protocols and data traversing a network environment.
• Open Source Network Security Proxies – the architecture, deployment, benefits and weaknesses of network security proxies, common log formats and flow of data in a network environment.
• Security Event and Incident Logging – various log formats, protocols and the security impact of the event generating processes; configuration and deployment strategies to secure and position logging aggregators and collection devices throughout a network environment.
• Wireless Network Analysis the process to identify and control the risks associated with wireless technologies, protocols and infrastructure.

GNFA exam and certification are available starting November 3, 2014.

In case you have missed the big news released yesterday, we are happy to tell you that the new CompTIA Security+ exam is now officially available worldwide. Introduced yesterday, May 1, CompTIA’s new SY0-401 is now available worldwide in English, with more languages to be added within the next few months. According to the vendor, the new exam puts more emphasis on BYOD, mobile security and risk mitigation.

“This update reflects the changes and challenges IT professionals face in the realm of cybersecurity,” said Terry Erdle, executive vice president, skills certification and learning, CompTIA.

Well, so far it all sounds expected. Security challenges keep growing, and, especially with the ‘heartbleed’ disaster still being hot (with no end in sight), the update does not come as much of a surprise.

 UPD: We have just come across the fresh new braindumps for the SY0-401 exam available from 2 main certification training providers: TestKing and Pass4Sure.  Wonder when FREE Security+ VCEs reach ExamCollection…

These are the updates as outlined by CompTIA.

• Expansion of common protocols and services.
• Stronger emphasis on risk, including risk due to systems integration with third parties and how to plan for it.
• More on mobile security and BYOD.
• Risk mitigation in static environments including SCADA (supervisory control and data acquisition) and Android/iOS.
• Wider scenario based authentication, authorization and access control, including federation.

The new exam also includes more scenario-based objectives, which are often used for performance based questions in CompTIA exams. Don’t worry, however, if you get confused by the exam objectives currently available on the official CompTIA website. As of morning of May 2 here in Europe, they don’t seem to have been updated. We’ll be sure to keep you guys posted!

If you consider earning the Security+ credential, we can assure you that this is certainly a great one to have. This certification is widely recognized throughout the IT industry and around the world as a certification that designates knowledgeable professionals in the field of cybersecurity. More than 284,000 individuals have earned CompTIA Security+ certification.

CompTIA Security+ is widely recognized throughout the IT industry and around the world as a certification that designates knowledgeable professionals in the field of cybersecurity. More than 284,000 individuals have earned CompTIA Security+ certification.

CompTIA Security+ is accredited by the American National Standards Institute (ANSI) to show compliance with the ISO 17024:2012 standard. The certification is also approved by the U.S. Department of Defense and is required for its employees who specialize in this area. It’s also required by a number of leading IT companies worldwide. And, with the growing demand for IT security professionals, CompTIA Security+ is becoming even more attractive.

While Cisco is now redesigning and re-adjusting its Security track, it does not compete with CASP that much. The way the way Cisco and CompTIA certifications compare remains the same: Cisco certifications are vendor-based, and focus entirely on Cisco solutions and technology. CompTIA certifications, on the other hand, are vendor-neutral, and focus on the general security approaches, technologies and solutions. So, CASP’s direct competition would be CISSP (which was one of the best paid IT certifications last year by the way), and not Cisco. But before comparing CASP to CISSP further, let’s take a closer look at this CompTIA certification and the exam it requires.

CompTIA Advanced Security Practitioner (CASP) Certification And Exam

Like other CompTIA credentials, the Advanced Security Practitioner (CASP) Certification is vendor-neutral. While it does not have any formal prerequisites, it requires candidates to have 10+ years of experience. This is a way more advanced step after the CompTIA Security+ certification.

The CASP exam is an internationally targeted validation of advanced-level security skills and knowledge. As mentioned earlier, the CASP certification is intended to follow CompTIA Security+ or equivalent experience and has a technical, hands-on focus at the enterprise level.

The CASP exam validates that the successful candidate has the technical knowledge and skills required to conceptualize, design, and engineer secure solutions across complex enterprise environments. Successful candidates apply critical thinking and judgment across a broad spectrum of security disciplines to propose and implement solutions that map to enterprise drivers.

The CASP exam consists of 80 queries covering the following areas:

• Enterprise Security
• Risk Mgmt, Policy/Procedure and Legal
• Research & Analysis
• Integration of Computing, Communications, and Business Disciplines

Detailed CASP exam blueprint can be downloaded from the CompTIA website.

CASP Vs. CISSP

So how does CASP compare to CISSP? The latter is widely recognized, and is often considered to be the global standard for security professional certifications. Many IT professionals choose CISSP as it’s perceived to carry more weight and be more popular among employers.

This is partially explained by the fact that CISSP has been around much longer that CASP, but also by the fact that the CISSP exam is much longer and significantly harder, as many experts state. CISSP exam is 6 hour long and consists of 250 queries (CASP exam consists of 80 queries and lasts 2 hours). Candidates are also required to have verified prior experience, and, after they pass the exam, they need to acquire a written authorization from someone who holds the certification and thinks they’re worthy of holding the certification.

So what are the benefits of CompTIA’s Advanced Security Practitioner (CASP) certification? The US Department of Defense has recognized CASP as certification required for its employees at a IAT-3 or IAM-2 level. While it’s evident that CISSP certification is more comprehensive and offers more knowledge about information security. Yet, CompTIA’s CASP has its clear benefits (easier and cheaper exam, no formal prerequisites, easier to obtain, no written recommendations required, etc) and can be a huge career booster for experienced IT security professionals in the government structures and business enterprises alike.

The new CCNP Security program targets Cisco Network Security Engineers responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.

The 300-207 Implementing Cisco Threat Control Solutions (SITCS) exam validates the skills of a network security engineer on advanced firewall architecture and configuration with Cisco’s Next Generation Firewall (NGFW). This exam covers integration of Intrusion Prevention System (IPS) and context-aware firewall components, as well as Web (Cloud) and Email Security solutions. Candidates can prepare for this exam by taking the Implementing Cisco Threat Control Solutions (SITCS) course.

Like 300-206 and most other Cisco exams, 300-207 is a closed book exam, with no reference materials being allowed. According to Cisco, 300-207 covers the following topics:

1.0 Content Security (22%)

1.1 1.1 Implement Cisco CX

• 1.1.1 1.1.a Describe features and functionality
• 1.1.2 1.1.b Implement web usage control
• 1.1.3 1.1.c Implement AVC
• 1.1.4 1.1.d Implement decryption policies
• 1.1.5 1.1.e Describe traffic redirection and capture methods

1.2 1.2 Implement Cisco Cloud Web Security

• 1.2.1 1.2.a Describe features and functionality
• 1.2.2 1.2.b Implement IOS and ASA connectors
• 1.2.3 1.2.c Implement AnyConnect web security module
• 1.2.4 1.2.d Describe web usage control
• 1.2.5 1.2.e Describe AVC
• 1.2.6 1.2.f Describe anti-malware
• 1.2.7 1.2.g Describe decryption policies

1.3 1.3 Implement Cisco WSA

• 1.3.1 1.3.a Implement data security
• 1.3.2 1.3.b Describe traffic redirection and capture methods

1.4 1.4 Implement Cisco ESA

• 1.4.1 1.4.a Describe features and functionality
• 1.4.2 1.4.b Implement email encryption
• 1.4.3 1.4.c Implement anti-spam policies
• 1.4.4 1.4.d Implement virus outbreak filter
• 1.4.5 1.4.e Implement DLP policies
• 1.4.6 1.4.f Implement anti-malware
• 1.4.7 1.4.g Implement inbound and outbound mail policies
• and authentication
• 1.4.8 1.4.h Describe traffic redirection and capture methods

2.0 Threat Defense (23%)

• 2.1 Implement network IPS
• 2.1.a Describe traffic redirection and capture methods
• 2.1.b Configure network IPS
• 2.1.c Describe signatures
• 2.1.d Implement event actions
• 2.1.e Configure event action overrides
• 2.1.f Implement risk ratings
• 2.1.g Describe router-based IP

2.2 Configure Device Hardening per Best Practices

• 2.2.a IPS
• 2.2.b Content Security appliances
• 2.3 Implement Network IPS
• 2.3.a Describe signatures
• 2.3.b Configure blocking
• 2.3.c Implement anomaly detection

3.0 Devices GUIs and Secured CLI (16%)

• 3.1 Implement Content Security

4.0 Troubleshooting, Monitoring and Reporting Tools (19%)

• 4.1 Configure IME and IP logging for IPS
• 4.2 Monitor Content Security
• 4.3 Monitor Cisco Security intelliShield

5.0 Threat Defense Architectures (8%)

• Design IPS solution

6.0 Content Security Architectures (12%)

• 6.1 Design web security solution
• 6.2 Design email security solution
• 6.3 Design application security solution

Explore Cisco VCE files at Examcollection!

As we mentioned earlier

Today, we take a closer look at the 300-206 (SENSS) exam: Implementing Cisco Edge Network Security Solutions. It validates the candidates’ knowledge required to configure and implement security on Cisco network perimeter edge devices such as a Cisco Switch, Cisco Router, and Cisco ASA Firewall. The 300-206 exam focuses on the technologies used to secure the perimeter of a network such as Network Address Translation (NAT), ASA policy and application inspect, and Zone-Based Firewall on Cisco routers. Like most Cisco exams, this is a closed book exam, with the usual Cisco types of questions: Multiple-Choice Single Key, Multiple-Choice Multiple Key, Drag-and-Drop, Fill-in-the-Blank, Router Simulation, Testlet Queries, Simlet.

According to Cisco, the current version of the 300-206 exam includes the following topics.
Threat Defense (25%)
• 1.1 Implement Firewall
• 1.1.a Implement ACLs
• 1.1.b Implement static/dynamic NAT/PAT
• 1.1.c Implement object groups
• 1.1.d Describe threat detection features
• 1.1.e Implement Botnet traffic filtering

• 1.2 Implement Layer 2 security
• 1.2.a Configure DHCP snooping
• 1.2.b Describe dynamic ARP inspection
• 1.2.c Describe storm control
• 1.2.d Configure port security
• 1.2.e Describe common layer 2 threats and attacks and mitigation
• 1.2.f Describe private VLAN
• 1.2.g Describe MACSec

• 1.3 Configure device hardening per best practices
• 1.3.a Routers
• 1.3.b Switches
• 1.3.c Firewalls

• 1.4 Implement Firewalls
• 1.4.a Configure application filtering and protcol inspection
• 1.4.b Describe virtualized firewalls

Cisco Security Devices GUIs and Secured CLI Management (25%)
• 2.1 Implement SSHv2, SSL, SNMPv3 access on the network devices
• 2.2 Implement RBAC on the ASA/IOS CLI and on ASDM
• 2.3 Describe Cisco Prime Infrastructure
• 2.4 Describe CSM
• 2.5 Implement device managers

Management Services on Cisco Devices (12%)
• 3.1 Implement NetFlow exporter
• 3.2 Implement SNMPv3
• 3.3 Implement logging
• 3.4 Implement NTP with authentication
• 3.5 Describe CDP, DNS, SCP, SFTP, and DHCP

Troubleshooting, Monitoring and Reporting Tools (10%)
• Monitor firewall using analysis of packet tracer, packet capture, and syslog

Threat Defense Architectures (16%)
• 5.1 Design a firewall solution
• 5.2 Design Layer 2 security solution

Security Components and Considerations (12%)
• 6.1 Describe security operations management architecture
• 6.2 Describe Data Center Security components and considerations
• 6.3 Describe Collaboration security components and considerations
• 6.4 Describe common IPv6 security considerations