CCNP Security Course Outline May 2026
The Cisco Certified Network Professional (CCNP) Security certification is a professional-level credential designed to validate your skills in securing complex network infrastructures. To earn this certification, you must pass two exams: the mandatory Core Exam (SCOR 350-701) and one Concentration Exam of your choice.
1. Mandatory Core Exam: SCOR 350-701
The Implementing and Operating Cisco Security Core Technologies (SCOR) exam covers the foundational knowledge required for any security professional.
Security Concepts (25%): Common threats in on-premises, cloud, and hybrid environments; security vulnerabilities like SQL injection and cross-site scripting.
Network Security (20%): Comparing IPS and firewall solutions; implementing network foundation protection (NFP) and securing routing protocols.
Securing the Cloud (15%): Security solutions for cloud environments and shared responsibility models.
Content Security (15%): Implementing web proxy redirection, authentication, and Cisco Umbrella.
Endpoint Protection and Detection (10%): Comparing EPP and EDR solutions; managing malware and outbreaks.
Secure Network Access, Visibility, and Enforcement (15%): Identity management concepts (BYOD, profiling, posture) and Cisco ISE basics.
2. Concentration Exam Options
You must choose one of the following to complete your CCNP Security certification:
Module 1: Adaptive Security Appliance (v9.14): ASA overview and history, ASA deployment, bootstrapping and basic ASA configuration.
Target audience
Network engineers, security engineers, and IT professionals with CCNA-level knowledge or equivalent experience.
Option D: 300-725 SWSA (Securing Web with Cisco Web Security Appliance)
Best for: Web gateway engineers.
- What you learn: Decryption policies, access policies, and data security policies.
- Key lab skill: Bypassing decryption for banking URLs while scanning social media.
Domain 5: Endpoint Protection and Detection (10%)
The network edge is now the endpoint.
- AMP (Advanced Malware Protection): File trajectory analysis, retrospective security, and endpoint isolation.
- EDR (Endpoint Detection and Response): Orbital scanning and threat hunting.
- Posture Assessment: Ensuring endpoints meet compliance (antivirus, patching) before granting access via ISE.
4.1 300-710 SNCF (Securing Networks with Cisco Firepower)
- Focus: Next-generation firewall (NGFW) configuration using Firepower Threat Defense (FTD) and Firepower Management Center (FMC).
- Key skills: Access control policies, intrusion prevention (Snort), file/malware inspection, and high-availability deployments.
Prerequisites
- Understanding of TCP/IP, routing, switching
- Basic knowledge of network security concepts (firewalls, VPNs)
- Recommended: CCNA or equivalent