CCNP Security (300-710 SNCF)

The CCNP Security (300-710 SNCF) exam tests your understanding of policy settings, integrations, deployments, management, and troubleshooting for Cisco Firepower® Threat Defense and Firepower® 7000 and 8000 Series virtual appliances. The exam’s major goal is to help you learn about sophisticated Next-Generation Firewall (NGFW) and Next-Generation Intrusion Prevention System (NGIPS) capabilities such as network intelligence, file type identification, network-based malware detection, and deep packet inspection.

Target Audience

This exam is suitable for the following candidates with the following profile –

• Security administrators
• Security consultants
• Network administrators
• System engineers
• Technical support personnel
• Channel partners and resellers
• Cisco integrators and partners

Exam Prerequisites

There are no official prerequisites required. However, there are few domains of which having a piece of knowledge would be an added advantage:

• Technical understanding of TCP/IP networking and network architecture.
• Basic familiarity with the concepts of Intrusion Detection Systems (IDS) and IPS.
• Knowledge of TCP/IP and basic routing protocols
• Familiarity with firewall, VPN, and Intrusion Prevention System (IPS) concepts

Exam Details

The exam code for the CCNP Security is 300-710 SNCF, and it costs $300. The exam will last 90 minutes. The test has a multiple-choice format. The certification is valid for three years. The test is offered in both English and Japanese.

Exam Registration

For registering you are required to follow the steps below:

• Create an account on Pearson VUE. If you already have an account on Pearson VUE, then login into the account.
• Select Proctored Exams and enter the exam number, 300-710.
• Follow the prompts to register and make the payment.

Exam Policies

There are various policies to which the candidate is required to adhere to. Cisco includes various exam policies to help candidates understand the terms and procedures for the certification exam. Some of them are:

Exam Retake Policy

The candidate has to wait for five calendar days, beginning the day after the failed attempt. However, once passed, a candidate must wait for a minimum of 180 days before taking the same exam with an identical exam number.

Exam Reschedule Policy

Candidates who want to reschedule their online proctored exam must contact Pearson VUE or access an online Pearson VUE account to reschedule the exam up until the scheduled start time of your appointment. However, failure to reschedule before your appointment time or failure to appear for your appointment will result in the forfeiture of your exam fee.

Cancellation Policy

To cancel online proctored exam candidates must contact Pearson VUE or access your online Pearson VUE account to cancel your exam up until the scheduled start time of your appointment. However, failure to cancel before your appointment time or failure to appear for your appointment will result in the forfeiture of your exam fee. 

Course Outline

The Cisco CCNP Security (300-710 SNCF) Exam covers the following topics –

Deployment : 30%

1.1 Implement NGFW modes (Cisco Documentation: Transparent or Routed Firewall Mode)

• Routed mode
• Transparent mode

1.2 Implement NGIPS modes (Cisco Documentation: Next-Generation Intrusion Prevention System (NGIPS))

• Passive
• Inline

1.3 Implement high availability options (Cisco Documentation: Configuring High Availability)

• Link redundancy
• Active/standby failover
• Multi-instance

1.4 Describe IRB configurations (Cisco Documentation: Configuring IRB)

Configuration: 30%

2.1 Configure system settings in Cisco Firepower Management Center (Cisco Documentation: Firepower Management Center Configuration Guide)

2.2 Configure these policies in Cisco Firepower Management Center (Cisco Documentation: Getting Started With Firepower)

• Access control
• Intrusion
• Malware and file
• DNS
• Identity
• SSL
• Prefilter

2.3 Configure these features using Cisco Firepower Management Center (Cisco Documentation: Cisco Firepower Management Center)

• Network discovery
• Application detectors (Open AppID)
• Correlation
• Actions

2.4 Configure objects using Firepower Management Center (Cisco Documentation: Navigating the Cisco Firepower Documentation)

• Object Management
• Intrusion Rules

2.5 Configure devices using Firepower Management Center (Cisco Documentation: Firepower)

• Device Management
• NAT
• VPN
• QoS
• Platform Settings
• Certificates

Management and Troubleshooting: 25%

• Troubleshoot with FMC CLI and GUI (Cisco Documentation: Cisco UCS Manager GUI Configuration Guide)
• Configure dashboards and reporting in FMC (Cisco Documentation: Working with Reports)
• Troubleshoot using packet capture procedures (Cisco Documentation: Packet Capture Procedures on Cisco Firepower Device)
• Analyze risk and standard reports (Cisco Documentation: Risk Reports)

Integration: 15%

• Configure Cisco AMP for Networks in Firepower Management Center (Cisco Documentation: Cisco AMP for Networks)
• Configure Cisco AMP for Endpoints in Firepower Management Center (Cisco Documentation: AMP for Endpoints User Guide)
• Implement Threat Intelligence Director for third-party security intelligence feeds (Cisco Documentation: Cisco Threat Intelligence Director (TID))
• Describe using Cisco Threat Response for security investigations (Cisco Documentation: Cisco Threat Response)
• Show Cisco FMC PxGrid Integration with Cisco Identify Services Engine (ISE) (Cisco Documentation: Configure ISE 2.4 and FMC 6.2.3 pxGrid Integration)
• Describe Rapid Threat Containment (RTC) functionality within Firepower Management Center (Cisco Documentation: Cisco Rapid Threat Containment)

For more information about CCNP Security(300-710 SNCF) examination, click on CCNP Security (300-710 SNCF) FAQ.

Preparatory Guide for CCNP Security (300-710 SNCF)

Following this preparation guide will help you learn and understand every exam’s objectives. Here we are providing you with the best learning resources to qualify the exam. Here we are going to illustrate a detailed description to help you prepare for the exam with expert learning resources and study guide.

Refer the Exam Guide

For any examination, it is important to know the course outline and guide. Cisco also provides the complete course guide on its official website.  Since it is the most authentic site to provide any information regarding the CCNP Security 300-710 SNCF exam. After you’ve gone through the basic exam details. It’s time to hit the exam guide.

Official Cisco Training

Cisco provides an official training course to help candidates prepare for the 300-710 SNCF exam that is, the Implementing and Operating Cisco Security Core Technologies (SCOR) v1.0. This will help you prepare for the Cisco CCNP Security for senior-level security roles. 

This course covers the following:

• Describing information security concepts and strategies within the network
• Explain common TCP/IP, network application, and endpoint attacks
• Describing how various network security technologies work together to guard against attacks
• Implementing access control on the Cisco ASA appliance and Cisco Firepower Next-Generation Firewall
• Describing and implement basic email content security features and functions provided by the Cisco Email Security Appliance
• Describing and implement web content security features and functions provided by the Cisco Web Security Appliance
• Show Cisco Umbrella security capabilities, deployment models, policy management, and Investigate console
• Introducing VPNs and describe cryptography solutions and algorithms
• Providing a basic understanding of endpoint security and describe Advanced Malware Protection (AMP) for Endpoints architecture and basic features
• Examining various defenses on Cisco devices that protect the control and management plane
• Configure and verify Cisco IOS software Layer 2 and Layer 3 data plane controls
• Describing Cisco Stealthwatch Enterprise and Stealthwatch Cloud solutions
• Describing the basics of cloud computing and common cloud attacks and how to secure cloud environment

Private Group Training

Cisco offers Private group training that brings the Cisco classroom experience anywhere, whether it’s an office, or to an offsite location of your choice. This can deliver any Cisco course in this format, from certification classes to the latest technology and business transformation training. Moreover, Private group training is a convenient, cost-effective choice for groups with many people who all need the same training. 

Join Study groups

Joining study groups is a good way to get yourself fully involved with the certification exam you applied for. These groups will help you get up to date with the latest changes or any update happening exam. Also, these groups contain both beginners as well as professionals. You can ask any query related to the exam or you can talk about the exam without any hesitation. Moreover, here you can start any discussion about the issue related to the exam or any query. By doing so, you will get the best possible answer to your query.

Practice Tests

It is very important to practice what you have learned so that you are in a position to analyze your practice, by practicing you will be able to improve your answering skills that will result in saving a lot of time. Moreover, the best way to start doing practice tests is after completing one full topic as this will work as a revision part for you.

Start practicing with testpreptraining and become a certified Cisco CCNP Security(300-710 SNCF) now!