CCIE Security

CCIE Security

Key Features

Training Mode

Classroom and Online

Learning Method

Lecture & Self-Study

Lecture & Self-Study

1 Month

Training Hours

3 Hours per day

Hands on Labs

Yes

Study Material

Yes

Certificate

Yes

Batches

(Mon-Thu) & (Sat-Sun)

What will be the price?

Enquire now

CCIE Security Course Overview

Achieving CCIE Security certification proves your skills with complex security solutions. To earn CCIE Security certification, you pass two exams: a qualifying exam that covers core security technologies, and a hands-on lab exam that covers security technologies and solutions through the entire network lifecycle, from designing and deploying to operating and optimizing.

Lab Exam Description

The Cisco CCIE Security (v6.0) Lab Exam is an eight-hour, hands-on exam that requires a candidate to plan, design, deploy, operate, and optimize network security solutions to protect your network.

 Candidates are expected to program and automate the network within their exam, as per exam topics below.

 The following topics are general guidelines for the content likely to be included on the exam. Your knowledge, skills and abilities on these topics will be tested throughout the entire network lifecycle, unless explicitly specified otherwise within this documen

  1. Sr. Security engineer
  2. Lead Consultant Security
  3. Consulting systems engineer
  4. Technical Solutions Architect

There are no formal prerequisites for CCIE Security, but you should have a good understanding of the exam topics before taking the exam.

CCIE candidates are recommended to have five to seven years of experience with designing, deploying, operating and optimizing security technologies and solutions prior to taking the exam

All Cisco certifications are valid for 3 years.

Pass a qualifying exam

    Book Demo

    CCIE SECURITY Syllabus

    Implementing and Administering CCIE Security Course

    • 2 month of Instructor-led classroom training
    • 2 month of Virtual instructor-led group online training
    • 25 days of 1-on-1 training (It saves your time as you get a personal trainer for the entire duration of the boot camp.)

    Who are eligible for this course ?

    • Network engineers with Core exam – Implementing and Operating Cisco Security Core Technologies (SCOR 350-701)
    • Network engineer with at least five to seven years of professional experience with designing, deploying, operating and optimizing enterprise security technologies
    • Network engineers need to use an expert-level problem-solving process that includes options analysis to support complex network technologies and topologies
    • Network designers that design and support complex network technologies and topologies
    • Students and professionals in the IT and Technologies sector who wish to enhance their knowledge and acquire an internationally recognized professional certification which can improve their job prospects

    Course Outline

    Upon completion of this course, candidates will have the skills and knowledge to implement:

    • Implement core Cisco security solutions to provide advanced threat protection against cyber security attacks
    • Security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements
    • Configure Cisco Firepower Threat Defense technology
    • Implement advanced Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) features
    • Deploy and use Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS)
    • Detection of network-based malware and file type, NGIPS tuning
    • Configuration including application control, security intelligence, firewall, and network-based malware and file controls
    • Deploy and use Cisco Identity Services Engine (ISE) v2.4
    • Highly secure access control across wired, wireless, and VPN connections
    • Implement, use, and maintain Cisco Web Security Appliance (WSA)
    • Provide advanced protection for business email and control against web security threats
    • Deploy proxy services, use authentication, implement policies to control HTTPS traffic and access
    • Deploy and troubleshoot traditional Internet Protocol Security (IPsec), Dynamic Multipoint Virtual Private Network (DMVPN), FlexVPN, and remote access VPN
    • Design advanced automated security solutions for your network
    • Switch Port Configuration
    • Operation and Implementation of VLAN
    • Operation and Implementation of VTP
    • Operation and Implementation of STP
    • Protecting the Spanning Tree Protocol Topology
    • Operation and Implementation of RSTP and MST
    • Operation and Implementation of Ether-Channel
    • Operation and Implementation of DHCP and DHCP Relay Agent
    • Operation and Implementation of NTP
    • Operation and Implementation of HSRP, VRRP and GLBP
    • Operation and Implementation of Port Mirroring to Monitor Traffic
    • Operation and Implementation of Layer 2 Security Technologies
    • WSA Topology Introduction and Initial Configuration
    • WSA Installation on VMware Workstation and Basics
    • Explicit Proxy Mode URL Filtering Using Custom URL Categories
    • Explicit Proxy Mode URL Filtering Using Global Policy
    • Explicit Proxy Mode Download Limit For HTTP, HTTPS and FTP
    • Explicit Proxy Mode IP Base URL Blocking For HTTP, HTTPS and FTP
    • Explicit Proxy Mode URL Redirection
    • Explicit Proxy Mode Active Directory Integration and Proxy Authentication
    • Advanced Web Security: WSA Management and Command Line Interface (CLI) Basics
    • Advanced Web Security: WSA High Availability Using VRRP and PAC File
    • Advanced Web Security: How to enable HTTPS Proxy on WSA
    • Advanced Web Security: Time Range and Volume Quota
    • Advanced Web Security: AVC and Web Reputation Configuration Examples
    • Transparent Proxy Configuration Labs
    • Cisco Identity Services Engine configuration and implementations
    • Static and Default Routing on ASA
    • RIP, EIGRP, OSPF, BGP,SLA,NAT,CTP on ASA
    • Site-Site, Remote Access, SSL VPN on ASA
    • VPN Load balancing on ASA
    • Transparent Firewall on ASA
    • Security Context on ASA
    • Failover,MPF,IPv6, OSPFv3,O on ASA
    • NAT With IPv6 on ASA
    • Site-Site, SSL VPN With IPv6 on ASA
    • Advance Firewall Features With IPv6 on ASA
    • Dynamic Routing in Multiple Mode on ASA
    • Site-Site VPN in Multiple Mode on ASA
    • Site-Site VPN IPv6 in Multiple Mode on ASA
    • Implementation of IPSec and Cryptography
    • Implementation of Site-Site VPN, Remote Access VPN, SSL VPN
    • Implementation of DMVPN, GET VPN, Flex VPN and much more

    What to expect in the lab exam?

    The 8 hours practical exam will assess candidate’s skills through the entire network lifecycle of designing, deploying, operating and optimizing complex network scenarios. The exam consists out of 2 modules that are fixed in time and will be delivered in a fixed sequence:

    The goal of this module is to measure ability to create, analyze, validate and optimize network designs, which is the base for all deployment activities. Candidates will need to:

    • Understand capabilities of different technologies, solutions and services
    • Translate customer requirements into solutions
    • Assess readiness to support proposed solutions

    The module is scenario-based, without access to any devices. Candidates will be provided with a set of documentation required to discern before answering web-based items.

    Examples of documentation include email threads, high-level design, network topology diagrams, customer requirements and restrictions, etc. Examples of web-based items include Drag-and-Drop, Multiple-Choice-Single-Answer, Multiple-Choice-Multiple-Answer, Dropdown items, etc.

    During this module backward navigation will be disabled. As such, candidates will not have full visibility on all questions within this module. Points value(s) associated to each item are not displayed within this module.

    Module 2: Deploy, Operate and Optimize (5 hours)

    What devices are used during practice?

    The practical exam tests candidates on solutions that can be configured using the below Equipment and software versions. Candidates may see more recent software versions during their attempt but will only be tested on features that are supported in the list below.

    Passing the exam requires a depth of understanding difficult to obtain without hands-on experience. Early in your preparation you should arrange access to equipment and software similar to that used on the exam.

    • Cisco Identity Services Engine (ISE): 2.4
    • Cisco Web Security Appliance (WSA): 9.2
    • Cisco Email Security Appliance (ESA): 11.1
    • Cisco Firepower Management Center Virtual Appliance: 6.2
    • Cisco Firepower NGIPSv: 6.2
    • Cisco Firepower Threat Defense: 6.2
    • Cisco Adaptive Security Virtual Appliance (ASAv): 9.4(3)
    • Cisco CSR 1000V Series Cloud Services Router: 15.5.(3), 16.6.3
    • Cisco StealthWatch SMC-FC: 6.10
    • Cisco FireAMP Cloud: 5.3
    • Cisco Wireless Controller (WLC): 8.3
    • Cisco DNA Center Release 1.3.1
    • L2IOSv: 15.2
    • Cisco Adaptive Security Appliance: ASA5512: 9.2
    • Cisco Adaptive Security Appliance: ASA5516: 9.8
    • Cisco Catalyst Switch: C3650: 16.6
    • Cisco Catalyst Switch: C3850: 3.7
    • Cisco Wireless Access Point: AP1852: 8.3
    • Test PC: Windows 10 Enterprise
    • AD/DNS: Window Server 2016
    • Linux Kali: 4.17
    • Cisco Anyconnect: 4.2

    Do you provide Placement Assistance, post completion of the training?

    We are 100% committed to offer placement assistance to our students. Industry approved Resume Templates are provided to candidates as guidance to assist them in writing their resumes. We also provide students with FAQ interview questionnaire to help them prepare for their job interviews

    What is expected salary after the CCIE Security Training Course?

    On an average a CCIE Security  Certified Engineer with 5 plus years of experience gets salary in the range of INR 1,00,000 (1 Lac) per month in India.

    After CCIE Security training course, what is the Next Step?

     Learning never stops. We always recommend CCIE Enterprise Infrastructure v1.0 (Course link) training. There is huge demand for CCIE Security certified Engineers in market. These training and certification will establish your authority as an industry expert and provide you better career opportunities in the market.

    Course Objectives

    This course helps you prepare for the Cisco® CCNP® Security and CCIE® Security certifications and for senior-level security roles. In this course, you will master the skills and technologies you need to implement core Cisco security solutions to provide advanced threat protection against cybersecurity attacks. You will learn security for networks, cloud and content, endpoint protection, secure network access, visibility, and enforcements. You will get extensive hands-on experience deploying Cisco Firepower® Next-Generation Firewall and Cisco Adaptive Security Appliance (ASA) Firewall; configuring access control policies, mail policies, and 802.1X Authentication; and more. You will get introductory practice on Cisco Stealthwatch® Enterprise and Cisco Stealthwatch Cloud threat detection features..

    This course will help you:

    • Gain hands-on experience implementing core security technologies and learn best practices using Cisco security solutions
    • Prepare for the Implementing and Operating Cisco Security Core Technologies (350-701 SCOR) exam
    • Qualify for professional and expert-level security job roles

    Training Outline

    • Configure Network Settings and NAT on Cisco ASA
    • Configure Cisco ASA Access Control Policies
    • Configure Cisco Firepower NGFW NAT
    • Configure Cisco Firepower NGFW Access Control Policy
    • Configure Cisco Firepower NGFW Discovery and IPS Policy
    • Configure Cisco NGFW Malware and File Policy
    • Configure Listener, Host Access Table (HAT), and Recipient Access Table (RAT) on Cisco Email Security Appliance (ESA)
    • Configure Mail Policies
    • Configure Proxy Services, Authentication, and HTTPS Decryption
    • Enforce Acceptable Use Control and Malware Protection
    • Examine the Umbrella Dashboard
    • Examine Cisco Umbrella Investigate
    • Explore DNS Ransomware Protection by Cisco Umbrella
    • Configure Static VTI Point-to-Point IPsec IKEv2 Tunnel
    • Configure Point-to-Point VPN between the Cisco ASA and Cisco Firepower NGFW
    • Configure Remote Access VPN on the Cisco Firepower NGFW
    • Explore Cisco AMP for Endpoints
    • Perform Endpoint Analysis Using AMP for Endpoints Console
    • Explore File Ransomware Protection by Cisco AMP for Endpoints Console
    • Explore Cisco Stealthwatch Enterprise v6.9.3
    • Explore Cognitive Threat Analytics (CTA) in Stealthwatch Enterprise v7.0
    • Explore the Cisco Cloudlock Dashboard and User Security
    • Explore Cisco Cloudlock Application and Data Security
    • Explore Cisco Stealthwatch Cloud
    • Explore Stealthwatch Cloud Alert Settings, Watchlists, and Sensors

    After taking this course, you should be able to:

    • Describe information security concepts and strategies within the network
    • Describe common TCP/IP, network application, and endpoint attacks
    • Describe how various network security technologies work together to guard against attacks
    • Implement access control on Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
    • Describe and implement basic email content security features and functions provided by Cisco Email Security Appliance
    • Describe and implement web content security features and functions provided by Cisco Web Security Appliance
    • Describe Cisco Umbrella® security capabilities, deployment models, policy management, and Investigate console
    • Introduce VPNs and describe cryptography solutions and algorithms
    • Describe Cisco secure site-to-site connectivity solutions and explain how to deploy Cisco Internetwork Operating System (Cisco IOS®) Virtual Tunnel Interface (VTI)-based point-to-point IPsec VPNs, and point-to-point IPsec VPN on the Cisco ASA and Cisco Firepower Next-Generation Firewall (NGFW)
    • Describe and deploy Cisco secure remote access connectivity solutions and describe how to configure 802.1X and Extensible Authentication Protocol (EAP) authentication
    • Provide basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features
    • Examine various defenses on Cisco devices that protect the control and management plane
    • Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls
    • Describe Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
    • Describe basics of cloud computing and common cloud attacks and how to secure cloud environment

    Exam & Training

    Exam Name Exam Code Duration Cost Registration
    CCIE Security v6.0                                             – 8 Hours 1600 USD CCIE Portal

    Training Plan & Schedule

    Classroom

    Date Course Batch Register
    05 December 2022 CCIE Security Weekdays (Mon-Fri) Enquire now
    11 December 2022 CCIE Security Weekend (Sat-Sun) Enquire now
    19 December 2022 CCIE Security Weekdays (Mon-Fri) Enquire now
    25 December 2022 CCIE Security Weekend (Sat-Sun) Enquire now

    Virtual Classroom

    Date Course Batch Register
    05 December 2022 CCIE Security Weekdays (Mon-Fri) Enquire now
    11 December 2022 CCIE Security Weekend (Sat-Sun) Enquire now
    19 December 2022 CCIE Security Weekdays (Mon-Fri) Enquire now
    25 December 2022 CCIE Security Weekend (Sat-Sun) Enquire now

    CCIE Security Success Stories

    Prakash CCIE

    I recently participated in a CCIE Training course from Mumbai Networks and I must say that I was thoroughly impressed with the quality of the program. The course was well organized and the content was comprehensive and up-to-date. The instructor was extremely knowledgeable and provided helpful insights throughout the course. I was able to understand the concepts clearly and gain valuable skills and information. I would highly recommend CCIE Training to anyone looking to take their IT career to the next level.

    Harmony Murray CCIE

    I recently completed the CCIE Training course and I'm incredibly impressed with the quality of the content from Mumbai Networks. The instructors did an excellent job of breaking down complex topics into easily digestible concepts. They also provided plenty of practical exercises to ensure that I was able to apply the knowledge to real-world scenarios. The course also made sure to cover all of the topics that I needed to know in order to become a CCIE certified professional. I would highly recommend this course to anyone looking to gain more technical knowledge and certification.

    Martin Hicks CCIE

    Recently took Mumbai Networks CCIE Training program and I am extremely pleased with the results. The instructors were knowledgeable and professional, the course material was comprehensive and well-structured, and the support staff were always available to answer any questions that I had. Throughout the program, I was able to develop my technical skills and gain a better understanding of the technology. I would highly recommend this program to anyone looking to pursue a career in networking.

    Hanna Tucker CCIE

    Attended a CCIE Training course with Mumbai Networks and I'm so glad I did. The instructors were experienced and knowledgeable, and the course material was comprehensive and well thought out. The labs were challenging yet manageable, and I learned a great deal of valuable information throughout the course. I really appreciate the hands-on learning approach that CCIE Training offers, and I highly recommend their courses to anyone looking to gain a deeper understanding of networking technologies.

    Suresh CCIE

    The course materials were easy to follow and the instructors were knowledgeable and experienced. The course was well laid out and the course material was comprehensive and up-to-date. I was also pleased with the personalized support I received from the instructors. I would definitely recommend Mumbai Networks CCIE Training to anyone looking for a comprehensive course to gain their certification.

    Rahul CCIE

    Completed CCIE Training with Mumbai Networks and was very impressed with the quality of the material and instruction. The instructor was well-versed in the subject matter and was able to provide real-world examples to illustrate the concepts. The course was very comprehensive, covering topics such as networking protocols, routing, switching, and security. I was also able to take advantage of the lab environment and practice the concepts I had learned in the course. Overall, I'm very pleased with the quality of the CCIE Training course and would highly recommend it to anyone looking for a comprehensive training program.

    FAQ on CCIE Security

    The total exam is worth 100 points and the passing grade is 80 percent. The passing rate for first attempts is very low, so expect the possibility of taking the exam more than once. Cisco will not release the passing rate.

    E-mail your question to [email protected]. All questions receive a response from the CCIE team within 72 hours.

    You will be escorted outside the lab. You receive an e-mail notification within 24 hours. The e-mail advises you to log on to Cisco.com and enter your written exam results (written exam date, score, and your candidate ID will be required), and you will be presented with a breakdown of the main sections and your percentage score in each section. You can fill in a critique regarding your lab experience; be sure to provide all the feedback you have—good or bad. Candidates can receive free lab attempts for valid excuses or lab inconsistency and human errors. For the price of U.S.$1250 plus taxes, you want to make sure you have been given every opportunity to pass.