The Evolving Landscape of the CCNP Security Exam Portfolio: What to Expect?

The Cisco CCNP Security certification is one of the most sought-after credentials in the networking industry, recognized globally for its comprehensive coverage of network security technologies and concepts. As the cybersecurity landscape continues to evolve, Cisco has updated the CCNP Security program to reflect the latest industry trends and demands. The revisions to the CCNP Security certification program are aimed at equipping network security professionals with the knowledge and skills necessary to safeguard modern network infrastructures against cyber threats.

Why Has Cisco Updated the CCNP Security Certification Program?

In today’s fast-paced world, products and technologies are evolving at an unprecedented rate, necessitating agile processes to keep up with these changes. Cisco recognizes this need and has introduced a new agile process to align its exams more quickly with the evolving industry and technological changes. This new process, called minor revisions, allows Cisco to update exam blueprints, equipment lists, and software more frequently to ensure that its content remains relevant. The changes made during a minor revision are kept to a minimum, up to 20%, to minimize any learning curves between revisions.

The primary objective of a minor revision is to ensure that the exam objectives are clear by further scoping out the exam blueprint. New blueprints are introduced to ensure that the exams remain relevant, while older products and technology solutions that are less relevant today are phased out. Although the overall domains within the exam blueprints have not changed, the minor revision ensures that the exam remains up-to-date with the latest technologies and industry trends.

What Specific Revisions are Made to the Exams Within the CCNP Security Exam Portfolio?

As a result of a minor revision, Cisco has made the following changes in the CCNP Security exams:

• 350-701 SCOR: The Implementing and Operating Cisco Security Core Technologies v1.1 exam’s domains, including Security Concepts, Network Security, Content Security, Endpoint Protection and Detection, Securing the Cloud, and Secure Network Access, Visibility, and Enforcement, remain unchanged from v1.0. However, some tasks have been expanded to cover hybrid and cloud solutions, and network management now includes NetConf, RestConf, and APIs. Additionally, endpoint antimalware has been expanded in the updated version of the exam
• 300-710 SNCF: The Securing Networks with Cisco Firewalls exam has been updated to v1.1. While all the domains (Deployment, Configuration, Management and Troubleshooting, and Integration) remain the same, the exam name has been modified to align with Cisco’s new naming convention of Cisco Firepower to Cisco Secure Firewall. New topics such as Cisco Security Analytics and Logging, Snort within Secure Firewall Threat Defense, on-premises and cloud deployments of virtual appliances, and new device management tools have been added to the exam.
• 300-715 SISE: The Cisco Identity Services Engine v1.1 exam has retained all its domains from v1.0, which include Architecture and Deployment, Web Auth and Guest Services, Policy Enforcement, Profiler, Endpoint Compliance, BYOD, and Network Access Device Administration. However, new technologies have been added to the exam blueprint, such as zero-touch provisioning, SAML IDP, Rest ID, and IBNS.
• 300-720 SESA: Compared to v1.0, the domains covered in the Securing Email with Cisco Secure Email Gateway v1.1 exam remain the same, including Administration, Spam Control with Talos SenderBase and Antispam, Content and Message Filters, LDAP and SMTP Sessions, Email Authentication and Encryption, and System Quarantines and Delivery Methods. However, the exam name has been changed to Cisco Secure Email Gateway from Cisco Email Security Appliance. The new exam blueprint includes the addition of virtual machines, certificate authorities, and logging.
• 300-725 SWSA: The Cisco Secure Web Appliance certification exam has undergone revisions in version 1.1. All domains, including Features, Configuration, Decryption Policies, Authentication, Proxy Services, Differentiated Traffic Access Policies, Acceptable Use Control, Malware Defense, and Reporting and Tracking Web Transactions, have remained the same. The exam’s name has been changed to Cisco Secure Web Appliance from Cisco Web Security Appliance. The blueprint has been updated to include high availability, transparent proxy, System Health Dashboard, and REST API support. However, the dynamic content analysis engine has been removed.
• 300-730 SVPN: All the domains in the Implementing Secure Solutions with Virtual Private Networks v1.1 exam, including Site-to-Site Private Networks on Routers and Firewalls, Remote Access VPNs, Troubleshooting Using ASDM and CLI, and Secure Communications Architectures, remain unchanged from v1.0. However, the implementation of DMVPN and FlexVPN has been enhanced to cover all aspects of these technologies.
• 300-735 SAUTO: The exam, Automating and Programming Cisco Security Solutions v1.1, maintains all the same domains as in v1.0, which includes Network Programmability Foundation, Network Security, Advanced Threat & Endpoint Security, and Cloud, Web, as well as Email Security. However, to keep the blueprint up-to-date, modifications have been made to reflect the growing use of Terraform in security automation. In particular, Puppet has been replaced by Terraform, and the Cisco XDR solution has been added to the exam.

The Introduction of the 300-740 SCAZT Concentration Exam

One significant change in the CCNP Security certification program is the introduction of a new concentration exam, Designing and Implementing Secure Cloud Access for Users and Endpoints v1.0 (300-740 SCAZT). The latest concentration added to the CCNP Security certification is centered on creating and executing security services for cloud-based applications of the future while adhering to best practices for cloud security architectures, design, operations, and service orchestration. As more companies worldwide adopt SaaS, hybrid, and multi-cloud environments to deploy their services and applications, cloud security engineers require specialized expertise and abilities to handle cloud-delivered applications that can be accessed by users on any device, from any location.

Summing Up

Overall, the revisions to the CCNP Security certification program reflect the rapidly changing landscape of cybersecurity and network infrastructure. By emphasizing core security technologies and emerging trends, the program prepares network security professionals to stay ahead of evolving threats and maintain secure network environments. Cisco’s commitment to providing the latest knowledge and skills to its certification holders ensures that they remain competitive in the rapidly changing technology landscape.