Cisco CCNP Security (350-701 SCOR v1.0) Exam Objectives
The CCNP Security (Cisco Certified Network Professional Security) certification validates advanced knowledge and skills in securing Cisco networks. The core exam, 350-701 SCOR (Implementing and Operating Cisco Security Core Technologies), focuses on designing, implementing, and managing network security solutions to protect enterprise infrastructure against evolving cyber threats.
Why We Need It
With the increasing number of cyberattacks and security breaches, organizations demand professionals who can secure their networks, devices, and data. CCNP Security prepares IT professionals to handle real-world challenges by mastering threat detection, mitigation, VPNs, firewalls, identity services, and cloud security.
How It Is Useful
- Builds strong foundational and advanced skills in network security, cloud security, content security, and endpoint protection.
- Enhances understanding of Cisco’s advanced technologies like Cisco Secure Firewalls, ISE, Stealthwatch, and SecureX.
- Equips learners to work in roles such as Network Security Engineer, Security Analyst, or Security Consultant.
- Provides the core requirement for further CCNP Security concentration exams (specializations like VPN, Firewalls, Automation, etc.).
How It Can Help Your Career
- Positions you as a trusted expert in enterprise network security.
- Recognized globally by organizations that rely on Cisco infrastructure.
- Serves as a stepping stone toward CCIE Security, one of the most respected expert-level certifications in networking.
- Improves job opportunities and salary potential in the cybersecurity domain.
Exam and Certification Details
- Core Exam Code: 350-701 SCOR (Implementing and Operating Cisco Security Core Technologies)
- Exam Duration: 120 minutes
- Format: Multiple-choice and simulation-based questions
- Languages: English and Japanese
- Recommended Prerequisites: Understanding of networking fundamentals, CCNA-level knowledge, and basic security concepts
Validity and Renewal
- Validity Period: 3 years from the date of certification
- Renewal Options:
  - Pass any professional-level or higher Cisco exam, or
  - Earn Continuing Education (CE) credits through Cisco-approved training or activities
In Summary
The CCNP Security 350-701 SCOR v1.1 course empowers IT professionals to build and secure robust enterprise networks using Cisco’s latest technologies. It’s essential for anyone pursuing a career in network or cybersecurity, offering both practical skills and industry-recognized certification that validate your expertise in defending today’s digital infrastructure.
Domain 1.0 – Security Concepts (25%)
1.1 Explain common threats against on-premises, hybrid, and cloud environments
• On-premises: viruses, trojans, DoS/DDoS, phishing, rootkits, man-in-the-middle, SQL injection, XSS, malware
• Cloud: data breaches, insecure APIs, DoS/DDoS, compromised credentials
1.2 Compare common security vulnerabilities
• Software bugs, weak/hardcoded passwords, OWASP Top Ten, missing encryption ciphers, buffer overflow, path traversal, cross-site scripting/forgery
1.3 Describe functions of cryptography components
• Hashing, encryption, PKI, SSL, IPsec, NAT-T IPv4 for IPsec, preshared key, certificate-based authorization
1.4 Compare site-to-site and remote access VPN deployment types and components
• Virtual tunnel interfaces, IPsec, DMVPN, FlexVPN, Cisco Secure Client, high availability considerations
1.5 Describe security intelligence authoring, sharing, and consumption
1.6 Describe controls used to protect against phishing and social engineering
1.7 Explain Northbound and Southbound APIs in the SDN architecture
1.8 Explain Cisco DNA Center APIs for network provisioning, optimization, monitoring, and troubleshooting
1.9 Interpret basic Python scripts used to call Cisco Security appliance APIs
Domain 2.0 – Network Security (20%)
2.1 Compare network security solutions providing intrusion prevention and firewall capabilities
2.2 Describe deployment models of network security solutions and architectures (on-prem, hybrid, cloud)
2.3 Describe components, capabilities, and benefits of NetFlow and Flexible NetFlow
2.4 Configure and verify network infrastructure security methods
• Layer 2 security: VLAN segmentation, port security, DHCP snooping, DAI, storm control, PVLANs, MAC/ARP/STP/DHCP rogue defense
• Device hardening: control plane, data plane, management plane
2.5 Implement segmentation, access control policies, AVC, URL filtering, malware protection, and intrusion policies
2.6 Implement management options for network security (single vs. multi-device manager, in-band vs. out-of-band, cloud vs. on-prem)
2.7 Configure AAA for device and network access (TACACS+, RADIUS)
2.8 Configure secure management for perimeter and infrastructure devices (SNMPv3, NETCONF, RESTCONF, secure syslog, NTP with authentication)
2.9 Configure and verify site-to-site and remote access VPNs
• Site-to-site VPN using Cisco IOS routers
• Remote access VPN using Cisco AnyConnect Secure Mobility Client
• Use debug commands for IPsec tunnel establishment and troubleshooting
Domain 3.0 – Securing the Cloud (15%)
3.1 Identify security solutions for cloud environments
• Public, private, hybrid, and community clouds
• Cloud service models: SaaS, PaaS, IaaS (NIST 800-145)
3.2 Compare security responsibility across cloud service models
• Patch management, security assessment in the cloud
3.3 Describe DevSecOps (CI/CD pipeline, container orchestration, secure software development)
3.4 Implement application and data security in cloud environments
3.5 Identify cloud security capabilities, deployment models, and policy management
3.6 Configure cloud logging and monitoring methodologies
3.7 Describe application and workload security concepts
Domain 4.0 – Content Security (15%)
4.1 Implement traffic redirection and capture for web proxies
4.2 Describe web proxy identity and authentication (transparent user identification)
4.3 Compare on-premises, hybrid, and cloud-based email/web solutions
• Cisco Secure Email Gateway, Cisco Secure Email Cloud Gateway, Cisco Secure Web Appliance
4.4 Configure and verify web and email security deployment methods for on-prem, hybrid, and remote users
4.5 Configure and verify email security features
• SPAM filtering, antimalware, DLP, blocklisting, email encryption
4.6 Configure and verify Cisco Umbrella Secure Internet Gateway and web security features
• Blocklisting, URL filtering, malware scanning, URL categorization, web app filtering, TLS decryption
4.7 Describe components, capabilities, and benefits of Cisco Umbrella
4.8 Configure and verify web security controls in Cisco Umbrella
• Identities, URL content settings, destination lists, reporting
Domain 5.0 – Endpoint Protection and Detection (10%)
5.1 Compare Endpoint Protection Platforms (EPP) and Endpoint Detection & Response (EDR)
5.2 Configure endpoint antimalware protection using Cisco Secure Endpoint
5.3 Configure and verify outbreak control and quarantines
5.4 Describe justifications for endpoint-based security
5.5 Describe the value of endpoint management and asset inventory (MDM)
5.6 Describe the importance of multifactor authentication (MFA)
5.7 Describe endpoint posture assessment solutions
5.8 Explain the importance of endpoint patching strategies
Domain 6.0 – Secure Network Access, Visibility, and Enforcement (15%)
6.1 Describe identity management and secure network access concepts
• Guest services, profiling, posture assessment, BYOD
6.2 Configure and verify network access control (802.1X, MAB, WebAuth)
6.3 Describe network access with Change of Authorization (CoA)
6.4 Describe benefits of device compliance and application control
6.5 Explain data exfiltration techniques
• DNS tunneling, HTTPS, email, FTP/SSH/SCP/SFTP, ICMP, messaging, IRC, NTP
6.6 Describe benefits of network telemetry
6.7 Describe components, capabilities, and benefits of Cisco security solutions
• Cisco Secure Network Analytics
• Cisco Secure Cloud Analytics
• Cisco pxGrid
• Cisco Umbrella Investigate
• Cisco Cognitive Intelligence
• Cisco Encrypted Traffic Analytics
• Cisco Secure Client Network Visibility Module (NVM)
