What skills does CCIE security check?

Certification: Cisco CCIE Security - Cisco Certified Internetwork Expert Security

The CCIE Security or the Cisco Certified Internetwork Expert Security acknowledge the knowledge and skills of an IT professional in implementing, maintaining and supporting the wide range of Cisco Networking Security Solutions applying the current and the most efficient technological advancements.

CCIE Security Skills:

  1. Vital Information Access
  2. Safeguard Networking Infrastructures
  3. Security System Management
  4. Can Operate and Implement Cisco Security Technologies and Solutions 
  5. Has Awareness on Security Policies and Procedures, Best Practices, and Standards
  6. Can Execute Security Protocols
  7. Implementing Application and Infrastructure Security
  8. Safeguards the Connectivity, Communications, and Network Security
  9. Can Configure and Troubleshoot Threats, Vulnerability Analysis, and Mitigation
  10. Comprehensive knowledge on Cisco Security Products, Features, and Management

In line with the present issues relating to network security, The Standard Security Track of CCIE is designed and developed to the current and upcoming matters with regard to security risks.

More than hacking threats and software viruses, the combined methods of the Security Track handles the networking security and the significance of data encryption. These are essential for external and internal communications, which is also functional for finance-related transactions.

A Certified CCIE Security Expert is skilled at executing the most recent Cisco security products. Aside form seeing just an overview of the security of a network, an IT expert in security must also know the integrity of the network and how reliable it is.

Meanwhile, a skilled security expert knows how to execute security solutions and knows the function of the products available in securing the network whilst considering the ethical standards for security. These experts are not only validated with their skills but on the areas of professionalism as well.

CCIE exams validate the skills and competitiveness of IT professionals in ways of explaining the functions of Cisco’s network security solutions and products. These individuals must know the following key concepts such as:

  1. Implementation
  2. Deployment
  3. Configuration
  4. Maintenance
  5. Troubleshoot

Cisco’s security-related products and solutions:

  1. IPv6 concepts
  2. IPv4 concepts
  3. Device hardening
  4. Firewalls
  5. Prevention of threats
  6. Identity services
  7. Policy management
  8. VPNs

An Overview on Infrastructure, Communications, Connectivity and Network Security:

Authentication and Authorization Technologies

  • Single sign-on
  • OTPs
  • LDAP and AD
  • RBAC 

VPNs

  • L2 versus L3
  • Tag Switching, MPLS, VRFs,

Mobile IP Networks

Wireless

  • SSID
  • Authentication and authorization
  • Rogue APs
  • Session establishment

Network addressing basics 

Tunneling protocols

  • IPv6 tunnel types 
  • GRE
  • NHRP

OSI layers 

IP/UDP/TCP Protocols 

LAN switching VTP, VLANs, Spanning Tree

Routing protocols BGP,RIP, EIGRP, OSPF

  • Basic functions and characteristics
  • Security features 

IP Multicast

  • IGMP and CGMP
  • Multicast Listener Discovery
  • PIM
  • MSDP

An Overview on Security Protocols:

  • PKI, PKIX, and PKCS
  • IEEE 802.1X
  • WEP, WPA, and WPA2
  • WCCP
  • SXP
  • MACsec
  • DNSSEC
  • RSA
  • RC4
  • MD5
  • SHA
  • DES
  • 3DES
  • AES
  • IPSec
  • ISAKMP
  • SSL
  • SSH
  • RADIUS
  • TACACS+
  • LDAP
  • EAP Methods (EAP-MD5, EAP-TLS, EAP-TTLS,EAP-FAST, PEAP, and LEAP)
  • IKE and IKEv2
  • GDOI
  • AH
  • ESP
  • CEP
  • DTLS and TLS

An Overview on Infrastructure Security and Application:

  • Syslog
  • NetBIOS, SMB and NetLogon
  • RPCs
  • VNC and RDP
  • PCoIP
  • OWASP
  • Manage Unnecessary Services
  • DHCP
  • DNS
  • SFTP and FTP
  • TFTP
  • NTP
  • HTTP
  • HTTPS
  • SMTP

An Overview on Mitigation, Threats and Vulnerability Analysis

  • Generic Network Intrusion Prevention Concepts 
  • Packet Filtering 
  • Packet Inspectionand Content Filtering 
  • Posture and Endpoint Assessment 
  • QoS Marking Attacks 
  • OS and Software Exploits 
  • Security and Attack Tools 

Recognise and mitigate Common Attacks

  • Virus and Worm Outbreaks
  • Header Attacks
  • Tunneling Attacks 
  • Backdoor
  • Botnets
  • Wireless Attacks
  • DoS and DDoS Attacks
  • PING Floods and ICMP Attacks
  • MITM
  • Replay
  • Spoofing

An Overview on Cisco’s Security Products, Features and Management

  • Cisco Adaptive Security Appliance
  • Virtual security gateway 
  • Cisco Catalyst 6500 Series ASA Services Modules 
  • ScanSafe functionality and components 
  • Cisco Web Security Appliance and Cisco Email Security Appliance 
  • Security management
  • Cisco Security Manager
  • Cisco Adaptive Security Device Manager (ASDM)
  • Cisco IPS Device Manager (IDM)
  • Cisco IPS Manager Express (IME)
  • Cisco Configuration Professional
  • Cisco Prime 
  • Cisco Identity Services Engine
  • Cisco Secure ACS Solution Engine 
  • Cisco Network Admission Control Appliance Server 
  • Endpoint and client
  • Cisco NAT and IOS Firewalls
  • Cisco Intrusion Prevention Systems
  • Cisco IOS IPS 
  • Cisco AAA protocols and application
  • VSAs 

An Overview on Cisco’s Security Technologies and Solutions:

1. VPN Solutions:

  • · FlexVPN
  • · DMVPN
  • · GET VPN
  • · Cisco EasyVPN 

2. NetFlow

3. Wireless Security 

4. Network Segregation

5. Packet Filtering

6. Content Filtering 

7. QoS Application for Security 

8. Load Balancing

9. Router Hardening Features: PBR, CoPP, MPP, uRPF

10.Switch Security Features: NEAT, NDAC, Antispoofing, Port, STP and 11.MACSEC

12.VXLAN 

An Overview On Security Standards, Policies, Procedures and Best Practices:

  1. Risk Verification
  2. Change Management Process
  3. Incident Response
  4. Computer Security Forensic
  5. Desktop Security Risk Verification
  6. Security Policy Factors
  7. Information Security Standards
  8. Standards Bodies
  9. Industry Best Practices
  10. Common BCP and RFC
  11. Security Audit and Assessment

There are no known sources that can guarantee a CCIE Certification.  An aspiring CCIE Security Professional must work double time to join study forums, read related links from the Internet, Visit Cisco website and read all kinds of CCIE Workbooks available.

There are Bootcamps developed for CCIE Security candidates aspiring to enhance their skills and knowledge. It consists of detailed instructions, hands-on lab workshops to put a test to all the technologies known related to Internetworking Securities.

Earning a certification in CCIE security is a serious undertaking, which involves a lot of perseverance. According to Business Insider (2013), a Cisco Certified Internetworking Expert Security earn as much as $168,769. It is a high-paying job that rather comes with as much responsibility unlike any other. An organisation relies on the skills of an expert with regard to the safety of their data. Being entrusted with the most vital information access is a critical job. The skills and professionalism of an IT expert are always tested in this high-profile career.

Get 10% Discount on Your Purchase When You Sign Up for Email

This is a One TIME OFFER. You will never see this Again

10% OFF

Enter Your Email Address to Receive Your 10% OFF Discount Code Plus... Our Exclusive Weekly Deals

A confirmation link will be sent to this email address to verify your login.

* We value your privacy. We will not rent or sell your email address.