larger cover

Add To My Wish List

Register your product to gain access to bonus material or receive a coupon.

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide


  • This product currently is not for sale.
Not for Sale
  • About
  • Description
  • Sample Content
  • Updates


  • Revised edition of the #1 selling CCNP and CCIE preparation self-study guide
  • Book content is fully updated to align to the new CCNP and CCIE Security Core SCOR 350-701 exam objectives
  • Book and online materials are packed with features to help candidates master difficult testing methods on actual exams
  • Practice tests contain exam-realistic questions that closely mimic the difficulty of the actual exam
  • In-depth expert explanations of all protocols, commands, and technologies on the CCNP and CCIE Security Core SCOR 350-701 exam

  • Copyright 2020
  • Dimensions: 7-3/8" x 9-1/8"
  • Pages: 784
  • Edition: 1st
  • Book
  • ISBN-10: 0-13-597197-7
  • ISBN-13: 978-0-13-597197-0

Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide presents you with an organized test preparation routine using proven series elements and techniques. “Do I Know This Already?” quizzes open each chapter and allow you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master Cisco CCNP and CCIE Security Core SCOR 350-701 exam topics
  • Assess your knowledge with chapter-opening quizzes
  • Review key concepts with exam preparation tasks
  • Practice with realistic exam questions in the practice test software

CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide, from Cisco Press allows you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Best-selling author and leading security engineer Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This complete study package includes

  • A test-preparation routine proven to help you pass the exams
  • Do I Know This Already? quizzes, which allow you to decide how much time you need to spend on each section
  • Chapter-ending and part-ending exercises, which help you drill on key concepts you must know thoroughly
  • The powerful Pearson Test Prep Practice Test software, complete with 200 well-reviewed, exam-realistic questions, customization options, and detailed performance reports
  • More than an hour of video mentoring from the author
  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
  • Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, and video instruction, this official study guide helps you master the concepts and techniques that ensure your exam success.

This official study guide helps you master all the topics on the CCNP and CCIE Security SCOR 350-701 exam, including

  • Cybersecurity fundamentals
  • Cryptography
  • Software-Defined Networking security and network programmability
  • Authentication, Authorization, Accounting (AAA) and Identity Management
  • Network visibility and segmentation
  • Infrastructure security
  • Cisco next-generation firewalls and intrusion prevention systems
  • Virtual Private Networks (VPNs)
  • Securing the cloud
  • Content security
  • Endpoint protection and detection

Omar Santos, an active member of the cybersecurity community, leads several industry-wide initiatives and technology standard bodies. As Principal Engineer of the Cisco Product Security Incident Response Team (PSIRT), he mentors and leads engineers and incident managers in investigating and resolving security vulnerabilities. He has authored dozens of books, video courses, white papers, articles, security configuration guidelines, and best practices. He has been a featured speaker in many cybersecurity conferences around the world.

Companion Website:

The companion website contains 200 practice exam questions and exercises, more than an hour of video training, and much more.

Includes Exclusive Offers For Up to 80% Off Video Training, Practice Tests, and more

Pearson Test Prep online system requirements:

Browsers: Chrome version 73 and above; Safari version 12 and above; Microsoft Edge 44 and above.
Devices: Desktop and laptop computers, tablets running on Android v8.0 and iOS v13, smartphones with a minimum screen size of 4.7". Internet access required.

Pearson Test Prep offline system requirements:

Windows 10, Windows 8.1; Microsoft .NET Framework 4.5 Client; Pentium-class 1 GHz processor (or equivalent); 512 MB RAM; 650 MB disk space plus 50 MB for each downloaded practice exam; access to the Internet to register and download exam databases

Also available from Cisco Press for Cisco CCNP and CCIE Security study is the CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide Premium Edition eBook and Practice Test. This digital-only certification preparation product combines an eBook with enhanced Pearson Test Prep Practice Test.

This integrated learning package:

  • Allows you to focus on individual topic areas or take complete, timed exams
  • Includes direct links from each question to detailed tutorials to help you understand the concepts behind the questions
  • Provides unique sets of exam-realistic practice questions
  • Tracks your performance and provides feedback on a module-by-module basis, laying out a complete assessment of your knowledge to help you focus your study where it is needed most

Table of Contents

Introduction xxv
Chapter 1 Cybersecurity Fundamentals 2
    “Do I Know This Already?” Quiz 3
    Foundation Topics 6
    Introduction to Cybersecurity 6
    Defining What Are Threats, Vulnerabilities, and Exploits 8
    Common Software and Hardware Vulnerabilities 30
    Confidentiality, Integrity, and Availability 40
    Cloud Security Threats 47
    IoT Security Threats 51
    An Introduction to Digital Forensics and Incident Response 55
    Summary 74
    Exam Preparation Tasks 74
    Review All Key Topics 74
    Define Key Terms 76
    Review Questions 76
Chapter 2 Cryptography 78
    “Do I Know This Already?” Quiz 78
    Foundation Topics 80
    Introduction to Cryptography 80
    Fundamentals of PKI 93
    Exam Preparation Tasks 102
    Review All Key Topics 102
    Define Key Terms 103
    Review Questions 103
Chapter 3 Software-Defined Networking Security and Network Programmability 106
    “Do I Know This Already?” Quiz 106
    Foundation Topics 108
    Introduction to Software-Defined Networking 108
    Introduction to Network Programmability 132
    Exam Preparation Tasks 146
    Review All Key Topics 146
    Define Key Terms 147
    Review Questions 147
Chapter 4 Authentication, Authorization, Accounting (AAA) and Identity Management 150
    “Do I Know This Already?” Quiz 151
    Foundation Topics 154
    Introduction to Authentication, Authorization, and Accounting 154
    Authentication 155
    Authorization 167
    Accounting 169
    Infrastructure Access Controls 170
    AAA Protocols 172
    Cisco Identity Services Engine (ISE) 181
    Configuring TACACS+ Access 196
    Configuring RADIUS Authentication 202
    Additional Cisco ISE Design Tips 211
    Exam Preparation Tasks 214
    Review All Key Topics 214
    Define Key Terms 216
    Review Questions 216
Chapter 5 Network Visibility and Segmentation 220
    “Do I Know This Already?” Quiz 221
    Foundation Topics 224
    Introduction to Network Visibility 224
    NetFlow 225
    IP Flow Information Export (IPFIX) 237
    NetFlow Deployment Scenarios 242
    Cisco Stealthwatch 250
    Cisco Cognitive Threat Analytics (CTA) and Encrypted Traffic Analytics (ETA) 262
    NetFlow Collection Considerations and Best Practices 268
    Configuring NetFlow in Cisco IOS and Cisco IOS-XE 269
    Configuring NetFlow in NX-OS 283
    Introduction to Network Segmentation 285
    Micro-Segmentation with Cisco ACI 289
    Segmentation with Cisco ISE 290
    Exam Preparation Tasks 301
    Review All Key Topics 301
    Define Key Terms 302
    Review Questions 302
Chapter 6 Infrastructure Security 306
    “Do I Know This Already?” Quiz 307
    Foundation Topics 310
    Securing Layer 2 Technologies 310
    Common Layer 2 Threats and How to Mitigate Them 322
    Network Foundation Protection 332
    Understanding and Securing the Management Plane 334
    Understanding the Control Plane 336
    Understanding and Securing the Data Plane 337
    Securing Management Traffic 338
    Implementing Logging Features 362
    Configuring NTP 363
    Securing the Network Infrastructure Device Image and Configuration Files 364
    Securing the Data Plane in IPv6 365
    Securing Routing Protocols and the Control Plane 379
    Exam Preparation Tasks 387
    Review All Key Topics 387
    Define Key Terms 389
    Review Questions 389
Chapter 7 Cisco Next-Generation Firewalls and Cisco Next-Generation Intrusion Prevention Systems 392
    “Do I Know This Already?” Quiz 392
    Foundation Topics 395
    Introduction to Cisco Next-Generation Firewalls (NGFW) and
    Comparing Network Security Solutions That Provide Firewall Capabilities 411
    Deployment Modes of Network Security Solutions and Architectures That
    High Availability and Clustering 423
    Implementing Access Control 427
    Cisco Firepower Intrusion Policies 446
    Variables 449
    Platform Settings Policy 450
    Cisco NGIPS Preprocessors 450
    Cisco Advanced Malware Protection (AMP) 452
    Security Intelligence, Security Updates, and Keeping Firepower Software Up to Date 457
    Exam Preparation Tasks 458
    Review All Key Topics 458
    Define Key Terms 460
    Review Questions 460
Chapter 8 Virtual Private Networks (VPNs) 464
    “Do I Know This Already?” Quiz 464
    Foundation Topics 467
    Virtual Private Network (VPN) Fundamentals 467
    Deploying and Configuring Site-to-Site VPNs in Cisco Routers 479
    Configuring Site-to-Site VPNs in Cisco ASA Firewalls 502
    Configuring Remote Access VPNs in the Cisco ASA 511
    Configuring Clientless Remote Access SSL VPNs in the Cisco ASA 514
    Configuring Client-Based Remote-Access SSL VPNs in the Cisco ASA 525
    Configuring Remote Access VPNs in FTD 530
    Configuring Site-to-Site VPNs in FTD 541
    Exam Preparation Tasks 543
    Review All Key Topics 543
    Define Key Terms 544
    Review Questions 544
Chapter 9 Securing the Cloud 548
    “Do I Know This Already?” Quiz 549
    Foundation Topics 551
    What Is Cloud and What Are the Cloud Service Models? 551
    DevOps, Continuous Integration (CI), Continuous Delivery (CD), and
    Describing the Customer vs. Provider Security Responsibility for the Different Cloud Service Models 573
    Cisco Umbrella 577
    Cisco Email Security in the Cloud 582
    Cisco Cloudlock 584
    Stealthwatch Cloud 590
    AppDynamics Cloud Monitoring 590
    Cisco Tetration 593
    Exam Preparation Tasks 596
    Review All Key Topics 596
    Define Key Terms 597
    Review Questions 598
Chapter 10 Content Security 600
    “Do I Know This Already?” Quiz 600
    Foundation Topics 603
    Content Security Fundamentals 603
    Cisco WSA 604
    Cisco ESA 619
    Cisco Content Security Management Appliance (SMA) 624
    Exam Preparation Tasks 629
    Review All Key Topics 629
    Define Key Terms 630
    Review Questions 630
Chapter 11 Endpoint Protection and Detection 634
    “Do I Know This Already?” Quiz 634
    Foundation Topics 636
    Introduction to Endpoint Protection and Detection 636
    Cisco AMP for Endpoints 638
    Cisco Threat Response 654
    Exam Preparation Tasks 655
    Review All Key Topics 655
    Define Key Terms 655
    Review Questions 656
Chapter 12 Final Preparation 658
    Hands-on Activities 658
    Suggested Plan for Final Review and Study 658
    Summary 659
Glossary of Key Terms 660
Appendix A Answers to the “Do I Know This Already?” Quizzes and Q&A Sections 678
Appendix B CCNP Security Core SCOR (350-701) Exam Updates 686Online Element
Appendix C Study Planner
9780135971970, TOC, 3/18/2020


Download the errata (44 KB .doc)

Submit Errata

Unlimited one-month access with your purchase
Free Safari Membership