CCIE Security (400-251 V5.0) Exam Cert Guide, 3rd Edition

Rating: 5 out of 5 (1 review)
CCIEin8Weeks CCIE Security Study Guide V5.0

This all-purpose CCIE study guide (491 pages) methodically and precisely covers all of the objectives of the CCIE Security Written 400-251 V5.0 exam. This guide includes updated material from the Cisco CCIE Evolving Technologies V1.1 update, effective as of August 30, 2018.

This study guide is part of our ALL-ACCESS Membership (billed month-to-month or annually), which also allows you to access all other products available in our catalog as long as your subscription remains active. You can cancel your subscription at any time. We accept all major credit cards and PayPal.

Perimeter Security and Intrusion Prevention

1
Lesson 1: Describe, implement, and troubleshoot HA features on Cisco ASA and Cisco FirePOWER Threat Defense (FTD)
30

1.1 Describe, implement, and troubleshoot HA features on Cisco ASA and Cisco FirePOWER Threat Defense (FTD)

2
Lesson 2: Describe, implement, and troubleshoot clustering on Cisco ASA and Cisco FTD
30

1.2 Describe, implement, and troubleshoot clustering on Cisco ASA and Cisco FTD

3
Lesson 3: Describe, implement, troubleshoot, and secure routing protocols on Cisco ASA and Cisco FTD
30

1.3 Describe, implement, troubleshoot, and secure routing protocols on Cisco ASA and Cisco FTD

4
Lesson 4: Describe, implement, and troubleshoot different deployment modes such as routed, transparent, single, and multicontext on Cisco ASA and Cisco FTD
30

1.4 Describe, implement, and troubleshoot different deployment modes such as routed, transparent, single, and multicontext on Cisco ASA and Cisco FTD

5
Lesson 5: Describe, implement, and troubleshoot firewall features such as NAT (v4,v6), PAT, application inspection, traffic zones, policy-based routing, traffic redirection to service modules, and identity firewall on Cisco ASA and Cisco FTD
30

1.5 Describe, implement, and troubleshoot firewall features such as NAT (v4,v6), PAT, application inspection, traffic zones, policy-based routing, traffic redirection to service modules, and identity firewall on Cisco ASA and Cisco FTD


6
Lesson 6: Describe, implement, and troubleshoot IOS security features such as Zone-Based Firewall (ZBF), application layer inspection, NAT (v4,v6), PAT and TCP intercept on Cisco IOS/IOS-XE
30

1.6 Describe, implement, and troubleshoot IOS security features such as Zone-Based Firewall (ZBF), application layer inspection, NAT (v4,v6), PAT and TCP intercept on Cisco IOS/IOS-XE

7
Lesson 7: Describe, implement, optimize, and troubleshoot policies and rules for traffic control on Cisco ASA, Cisco FirePOWER and Cisco FTD
30

1.7 Describe, implement, optimize, and troubleshoot policies and rules for traffic control on Cisco ASA, Cisco FirePOWER and Cisco FTD

8
Lesson 8: Describe, implement, and troubleshoot Cisco Firepower Management Center (FMC) features such as alerting, logging, and reporting
30

1.8 Describe, implement, and troubleshoot Cisco Firepower Management Center (FMC) features such as alerting, logging, and reporting

9
Lesson 9: Describe, implement, and troubleshoot correlation and remediation rules on Cisco FMC
30

1.9 Describe, implement, and troubleshoot correlation and remediation rules on Cisco FMC

10
Lesson 10: Describe, implement, and troubleshoot Cisco FirePOWER and Cisco FTD deployment such as in-line, passive, and TAP modes
30

1.10 Describe, implement, and troubleshoot Cisco FirePOWER and Cisco FTD deployment such as in-line, passive, and TAP modes

11
Lesson 11: Describe, implement, and troubleshoot Next Generation Firewall (NGFW) features such as SSL inspection, user identity, geolocation, and AVC (Firepower appliance)
30

1.11 Describe, implement, and troubleshoot Next Generation Firewall (NGFW) features such as SSL inspection, user identity, geolocation, and AVC (Firepower appliance)

12
Lesson 12: Describe, detect, and mitigate common types of attacks such as DoS/DDoS, evasion techniques, spoofing, man-in-the-middle, and botnet
30

1.12 Describe, detect, and mitigate common types of attacks such as DoS/DDoS, evasion techniques, spoofing, man-in-the-middle, and botnet

13
Key takeaways: Perimeter Security and Intrusion Prevention
5

Perimeter Security and Intrusion Prevention Key takeaways

Advanced Threat Protection and Content Security

1
Lesson 1: Compare and contrast different AMP solutions including public and private cloud deployment models
30

2.1 Compare and contrast different AMP solutions including public and private cloud deployment models

2
Lesson 2: Describe, implement, and troubleshoot AMP for networks, AMP for endpoints, and AMP for content security (CWS, ESA, and WSA)
30

2.2 Describe, implement, and troubleshoot AMP for networks, AMP for endpoints, and AMP for content security (CWS, ESA, and WSA)

3
Lesson 3: Detect, analyze, and mitigate malware incidents
30

2.3 Detect, analyze, and mitigate malware incidents


4
Lesson 4: Describe the benefit of threat intelligence provided by AMP Threat GRID
30

2.4 Describe the benefit of threat intelligence provided by AMP Threat GRID


5
Lesson 5: Perform packet capture and analysis using Wireshark, tcpdump, SPAN, and RSPAN
30

2.5 Perform packet capture and analysis using Wireshark, tcpdump, SPAN, and RSPAN

6
Lesson 6: Describe, implement, and troubleshoot web filtering, user identification, and Application Visibility and Control (AVC)
30

2.6 Describe, implement, and troubleshoot web filtering, user identification, and Application Visibility and Control (AVC)

7
Lesson 7: Describe, implement, and troubleshoot mail policies, DLP, email quarantines, and SenderBase on ESA
30

2.7 Describe, implement, and troubleshoot mail policies, DLP, email quarantines, and SenderBase on ESA


8
Lesson 8: Describe, implement, and troubleshoot SMTP authentication such as SPF and DKIM on ESA
30

2.8 Describe, implement, and troubleshoot SMTP authentication such as SPF and DKIM on ESA

9
Lesson 9: Describe, implement, and troubleshoot SMTP encryption on ESA
30

2.9 Describe, implement, and troubleshoot SMTP encryption on ESA


10
Lesson 10: Compare and contrast different LDAP query types on ESA
30

2.10 Compare and contrast different LDAP query types on ESA


11
Lesson 11: Describe, implement, and troubleshoot WCCP redirection
30

2.11 Describe, implement, and troubleshoot WCCP redirection


12
Lesson 12: Compare and contrast different proxy methods such as SOCKS, Auto proxy/WPAD, and transparent
30

2.12 Compare and contrast different proxy methods such as SOCKS, Auto proxy/WPAD, and transparent


13
Lesson 13: Describe, implement, and troubleshoot HTTPS decryption and DLP
30

2.13 Describe, implement, and troubleshoot HTTPS decryption and DLP


14
Lesson 14: Describe, implement, and troubleshoot CWS connectors on Cisco IOS routers, Cisco ASA, Cisco AnyConnect, and WSA
30

2.14 Describe, implement, and troubleshoot CWS connectors on Cisco IOS routers, Cisco ASA, Cisco AnyConnect, and WSA


15
Lesson 15: Describe the security benefits of leveraging the OpenDNS solution.
30

2.15 Describe the security benefits of leveraging the OpenDNS solution.


16
Lesson 16: Describe, implement, and troubleshoot SMA for centralized content security management
30

2.16 Describe, implement, and troubleshoot SMA for centralized content security management


17
Lesson 17: Describe the security benefits of leveraging Lancope
30

2.17 Describe the security benefits of leveraging Lancope

18
Key takeaways: Advanced Threat Protection and Content Security
5

Advanced Threat Protection and Content Security Key takeaways

Secure Connectivity and Segmentation

1
Lesson 1: Compare and contrast cryptographic and hash algorithms such as AES, DES, 3DES, ECC, SHA, and MD5
30

3.1 Compare and contrast cryptographic and hash algorithms such as AES, DES, 3DES, ECC, SHA, and MD5

2
Lesson 2: Compare and contrast security protocols such as ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, and MKA
30

3.2 Compare and contrast security protocols such as ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, and MKA


3
Lesson 3: Describe, implement and troubleshoot remote access VPN using technologies such as FLEXVPN, SSL-VPN between Cisco firewalls, routers, and end hosts
30

3.3 Describe, implement and troubleshoot remote access VPN using technologies such as FLEXVPN, SSL-VPN between Cisco firewalls, routers, and end hosts


4
Lesson 4: Describe, implement, and troubleshoot the Cisco IOS CA for VPN authentication
30

3.4 Describe, implement, and troubleshoot the Cisco IOS CA for VPN authentication


5
Lesson 5: Describe, implement, and troubleshoot clientless SSL VPN technologies with DAP and smart tunnels on Cisco ASA and Cisco FTD
30

3.5 Describe, implement, and troubleshoot clientless SSL VPN technologies with DAP and smart tunnels on Cisco ASA and Cisco FTD


6
Lesson 6: Describe, implement, and troubleshoot site-to-site VPNs such as GETVPN, DMVPN and IPsec
30

3.6 Describe, implement, and troubleshoot site-to-site VPNs such as GETVPN, DMVPN and IPsec


7
Lesson 7: Describe, implement, and troubleshoot uplink and downlink MACsec (802.1AE)
30

3.7 Describe, implement, and troubleshoot uplink and downlink MACsec (802.1AE)


8
Lesson 8: Describe, implement, and troubleshoot VPN high availability using Cisco ASA VPN clustering and dual-hub DMVPN deployments
30

3.8 Describe, implement, and troubleshoot VPN high availability using Cisco ASA VPN clustering and dual-hub DMVPN deployments


9
Lesson 9: Describe the functions and security implications of cryptographic protocols such as AES, DES, 3DES, ECC, SHA, MD5, ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, MKA, RSA, SCEP/EST, GDOI, X.509, WPA, WPA2, WEP, and TKIP
30

3.9 Describe the functions and security implications of cryptographic protocols such as AES, DES, 3DES, ECC, SHA, MD5, ISAKMP/IKEv1, IKEv2, SSL, TLS/DTLS, ESP, AH, SAP, MKA, RSA, SCEP/EST, GDOI, X.509, WPA, WPA2, WEP, and TKIP


10
Lesson 10: Describe the security benefits of network segmentation and isolation
30

3.10 Describe the security benefits of network segmentation and isolation


11
Lesson 11: Describe, implement, and troubleshoot VRF-Lite and VRF-Aware VPN
30

3.11 Describe, implement, and troubleshoot VRF-Lite and VRF-Aware VPN


12
Lesson 12: Describe, implement, and troubleshoot microsegmentation with TrustSec using SGT and SXP
30

3.12 Describe, implement, and troubleshoot microsegmentation with TrustSec using SGT and SXP


13
Lesson 13: Describe, implement, and troubleshoot infrastructure segmentation methods such as VLAN, PVLAN, and GRE
30

3.13 Describe, implement, and troubleshoot infrastructure segmentation methods such as VLAN, PVLAN, and GRE


14
Lesson 14: Describe the functionality of Cisco VSG used to secure virtual environments
30

3.14 Describe the functionality of Cisco VSG used to secure virtual environments


15
Lesson 15: Describe the security benefits of data center segmentation using ACI, EVPN, VXLAN, and NVGRE
30

3.15 Describe the security benefits of data center segmentation using ACI, EVPN, VXLAN, and NVGRE

16
Key takeaways: Secure Connectivity and Segmentation
5

Secure Connectivity and Segmentation Key takeaways


Identity Management, Information Exchange, and Access Control

1
Lesson 1: Describe, implement, and troubleshoot various personas of ISE in a multinode deployment
30

4.1 Describe, implement, and troubleshoot various personas of ISE in a multinode deployment

2
Lesson 2: Describe, implement, and troubleshoot network access device (NAD), ISE, and ACS configuration for AAA
30

4.2 Describe, implement, and troubleshoot network access device (NAD), ISE, and ACS configuration for AAA


3
Lesson 3: Describe, implement, and troubleshoot AAA for administrative access to Cisco network devices using ISE and ACS
30

4.3 Describe, implement, and troubleshoot AAA for administrative access to Cisco network devices using ISE and ACS


4
Lesson 4: Describe, implement, verify, and troubleshoot AAA for network access with 802.1X and MAB using ISE.
30

4.4 Describe, implement, verify, and troubleshoot AAA for network access with 802.1X and MAB using ISE.


5
Lesson 5: Describe, implement, verify, and troubleshoot cut-through proxy/auth-proxy using ISE as the AAA server
30

4.5 Describe, implement, verify, and troubleshoot cut-through proxy/auth-proxy using ISE as the AAA server


6
Lesson 6: Describe, implement, verify, and troubleshoot guest life cycle management using ISE and Cisco network infrastructure
30

4.6 Describe, implement, verify, and troubleshoot guest life cycle management using ISE and Cisco network infrastructure


7
Lesson 7: Describe, implement, verify, and troubleshoot BYOD on-boarding and network access flows with an internal or external CA
30

4.7 Describe, implement, verify, and troubleshoot BYOD on-boarding and network access flows with an internal or external CA


8
Lesson 8: Describe, implement, verify, and troubleshoot ISE and ACS integration with external identity sources such as LDAP, AD, and external RADIUS
30

4.8 Describe, implement, verify, and troubleshoot ISE and ACS integration with external identity sources such as LDAP, AD, and external RADIUS


9
Lesson 9: Describe ISE and ACS integration with external identity sources such as RADIUS Token, RSA SecurID, and SAML
30

4.9 Describe ISE and ACS integration with external identity sources such as RADIUS Token, RSA SecurID, and SAML


10
Lesson 10: Describe, implement, verify, and troubleshoot provisioning of AnyConnect with ISE and ASA
30

4.10 Describe, implement, verify, and troubleshoot provisioning of AnyConnect with ISE and ASA


11
Lesson 11: Describe, implement, verify, and troubleshoot posture assessment with ISE
30

4.11 Describe, implement, verify, and troubleshoot posture assessment with ISE


12
Lesson 12: Describe, implement, verify, and troubleshoot endpoint profiling using ISE and Cisco network infrastructure including device sensor
30

4.12 Describe, implement, verify, and troubleshoot endpoint profiling using ISE and Cisco network infrastructure including device sensor


13
Lesson 13: Describe, implement, verify, and troubleshoot integration of MDM with ISE
30

4.13 Describe, implement, verify, and troubleshoot integration of MDM with ISE


14
Lesson 14: Describe, implement, verify, and troubleshoot certificate based authentication using ISE
30

4.14 Describe, implement, verify, and troubleshoot certificate based authentication using ISE


15
Lesson 15: Describe, implement, verify, and troubleshoot authentication methods such as EAP Chaining and Machine Access Restriction (MAR)
30

4.15 Describe, implement, verify, and troubleshoot authentication methods such as EAP Chaining and Machine Access Restriction (MAR)


16
Lesson 16: Describe the functions and security implications of AAA protocols such as RADIUS, TACACS+, LDAP/LDAPS, EAP (EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-TEAP, EAP-MD5, EAP-GTC), PAP, CHAP, and MS-CHAPv2
30

4.16 Describe the functions and security implications of AAA protocols such as RADIUS, TACACS+, LDAP/LDAPS, EAP (EAP-PEAP, EAP-TLS, EAP-TTLS, EAP-FAST, EAP-TEAP, EAP-MD5, EAP-GTC), PAP, CHAP, and MS-CHAPv2


17
Lesson 17: Describe, implement, and troubleshoot identity mapping on ASA, ISE, WSA and FirePOWER
30

4.17 Describe, implement, and troubleshoot identity mapping on ASA, ISE, WSA and FirePOWER


18
Lesson 18: Describe, implement, and troubleshoot pxGrid between security devices such as WSA, ISE, and Cisco FMC
30

4.18 Describe, implement, and troubleshoot pxGrid between security devices such as WSA, ISE, and Cisco FMC

19
Key takeaways: Identity Management, Information Exchange, and Access Control
5

Identity Management, Information Exchange, and Access Control Key takeaways

Infrastructure Security, Virtualization, and Automation

1
Lesson 1: Identify common attacks such as Smurf, VLAN hopping, and SYNful knock, and their mitigation techniques
30

5.1 Identify common attacks such as Smurf, VLAN hopping, and SYNful knock, and their mitigation techniques


2
Lesson 2: Describe, implement, and troubleshoot device hardening techniques and control plane protection methods, such as CoPP and IP Source routing.
30

5.2 Describe, implement, and troubleshoot device hardening techniques and control plane protection methods, such as CoPP and IP Source routing.


3
Lesson 3: Describe, implement, and troubleshoot management plane protection techniques such as CPU and memory thresholding and securing device access
30

5.3 Describe, implement, and troubleshoot management plane protection techniques such as CPU and memory thresholding and securing device access


4
Lesson 4: Describe, implement, and troubleshoot data plane protection techniques such as iACLs, uRPF, QoS, and RTBH
30

5.4 Describe, implement, and troubleshoot data plane protection techniques such as iACLs, uRPF, QoS, and RTBH


5
Lesson 5: Describe, implement, and troubleshoot IPv4/v6 routing protocols security
30

5.5 Describe, implement, and troubleshoot IPv4/v6 routing protocols security


6
Lesson 6: Describe, implement, and troubleshoot Layer 2 security techniques such as DAI, IPDT, STP security, port security, DHCP snooping, and VACL
30

5.6 Describe, implement, and troubleshoot Layer 2 security techniques such as DAI, IPDT, STP security, port security, DHCP snooping, and VACL


7
Lesson 7: Describe, implement, and troubleshoot wireless security technologies such as WPA, WPA2, TKIP, and AES
30

5.7 Describe, implement, and troubleshoot wireless security technologies such as WPA, WPA2, TKIP, and AES


8
Lesson 8: Describe wireless security concepts such as FLEX Connect, wIPS, ANCHOR, Rogue AP, and Management Frame Protection (MFP)
30

5.8 Describe wireless security concepts such as FLEX Connect, wIPS, ANCHOR, Rogue AP, and Management Frame Protection (MFP)


9
Lesson 9: Describe, implement, and troubleshoot monitoring protocols such as NETFLOW/IPFIX, SNMP, SYSLOG, RMON, NSEL, and eSTREAMER
30

5.9 Describe, implement, and troubleshoot monitoring protocols such as NETFLOW/IPFIX, SNMP, SYSLOG, RMON, NSEL, and eSTREAMER


10
Lesson 10: Describe the functions and security implications of application protocols such as SSH, TELNET, TFTP, HTTP/HTTPS, SCP, SFTP/FTP, PGP, DNS/DNSSEC, NTP, and DHCP
30

5.10 Describe the functions and security implications of application protocols such as SSH, TELNET, TFTP, HTTP/HTTPS, SCP, SFTP/FTP, PGP, DNS/DNSSEC, NTP, and DHCP


11
Lesson 11: Describe the functions and security implications of network protocols such as VTP, 802.1Q, TCP/UDP, CDP, LACP/PAgP, BGP, EIGRP, OSPF/OSPFv3, RIP/RIPng, IGMP/CGMP, PIM, IPv6, and WCCP
30

5.11 Describe the functions and security implications of network protocols such as VTP, 802.1Q, TCP/UDP, CDP, LACP/PAgP, BGP, EIGRP, OSPF/OSPFv3, RIP/RIPng, IGMP/CGMP, PIM, IPv6, and WCCP


12
Lesson 12: Describe the benefits of virtualizing security functions in the data center using ASAv, WSAv, ESAv, and NGIPSv
30

5.12 Describe the benefits of virtualizing security functions in the data center using ASAv, WSAv, ESAv, and NGIPSv


13
Lesson 13: Describe the security principles of ACI such as object models, endpoint groups, policy enforcement, application network profiles, and contracts
30

5.13 Describe the security principles of ACI such as object models, endpoint groups, policy enforcement, application network profiles, and contracts


14
Lesson 14: Describe the northbound and southbound APIs of SDN controllers such as APIC-EM
30

5.14 Describe the northbound and southbound APIs of SDN controllers such as APIC-EM


15
Lesson 15: Identify and implement security features to comply with organizational security policies, procedures, and standards such as BCP 38, ISO 27001, RFC 2827, and PCI-DSS
30

5.15 Identify and implement security features to comply with organizational security policies, procedures, and standards such as BCP 38, ISO 27001, RFC 2827, and PCI-DSS


16
Lesson 16: Describe and identify key threats to different places in the network (campus, data center, core, edge) as described in Cisco SAFE
30

5.16 Describe and identify key threats to different places in the network (campus, data center, core, edge) as described in Cisco SAFE


17
Lesson 17: Validate network security design for adherence to Cisco SAFE recommended practices
30

5.17 Validate network security design for adherence to Cisco SAFE recommended practices


18
Lesson 18: Interpret basic scripts that can retrieve and send data using RESTful API calls in scripting languages such as Python
30

5.18 Interpret basic scripts that can retrieve and send data using RESTful API calls in scripting languages such as Python


19
Lesson 19: Describe Cisco Digital Network Architecture (Cisco DNA) principles and components.
30

5.19 Describe Cisco Digital Network Architecture (Cisco DNA) principles and components.

20
Key takeaways: Infrastructure Security, Virtualization, and Automation
5

Infrastructure Security, Virtualization, and Automation Key takeaways


Evolving Technologies v1.1

1
Lesson 1: Cloud
30

1.0 Cloud

1.a Compare and contrast public, private, hybrid, and multi-cloud design considerations

1.a (i) Infrastructure, platform, and software as a service (XaaS)

1.a (ii) Performance, scalability, and high availability

1.a (iii) Security implications, compliance, and policy

1.a (iv) Workload migration

1.b Describe cloud infrastructure and operations

1.b (i) Compute virtualization (containers and virtual machines)

1.b (ii) Connectivity (virtual switches, SD-WAN and SD-Access)

1.b (iii) Virtualization functions (NFVi, VNF, and L4/L1)

1.b (iv) Automation and orchestration tools (cloud center, DNA-center, and Kubernetes)

2
Lesson 2: Network Programmability (SDN)
30

2.0 Network programmability (SDN)

2.a Describe architectural and operational considerations for a programmable network

2.a (i) Data models and structures (YANG, JSON and XML)

2.a (ii) Device programmability (gRPC, NETCONF and RESTCONF)

2.a (iii) Controller based network design (policy driven configuration and northbound/southbound APIs)

2.a (iv) Configuration management tools (agent and agent-less) and version control systems (Git and SVN)

3
Lesson 3: Internet of things (IoT)
30

3.0 Internet of things (IoT)

3.a Describe architectural framework and deployment considerations for Internet of Things (IoT)

3.a (i) IoT technology stack (IoT Network Hierarchy, data acquisition and flow)

3.a (ii) IoT standards and protocols (characteristics within IT and OT environment)

3.a (iii) IoT security (network segmentation, device profiling, and secure remote access)

3.a (iv) IoT edge and fog computing (data aggregation and edge intelligence)

4
Key takeaways: Evolving Technologies V1.1
5

Evolving Technologies V1.1 Key takeaways

This course is for Network Engineers, System Admins, DevOps and Developers who would like to level up their skill set to Cisco CCIE Security 400-251 V5.0.
You will need to have basic know-how of computer networking and Cisco products, preferably Cisco CCNA or CCNP certifications.
You will be able to understand concepts of Cisco Routing and Switching technologies.

Last Update

September 2018

Enrolled: 500 students
Lectures: 90
Level: Intermediate