CCIE Security v6 Exam Topics
CCIE Security v6 Exam Topics
CCIE Security v6 Exam Topics
The following topics are general guidelines for the content likely
to be included on the exam. Your knowledge, skills and abilities on
these topics will be tested throughout the entire network lifecycle,
unless explicitly specified otherwise within this document.
The exam is closed book and no outside reference materials are allowed.
1.3.c NAT
1.9 Policies and rules for traffic control on Cisco ASA and Cisco FTD
1.10 Routing protocols security on Cisco IOS, Cisco ASA and Cisco FTD
3.8 Cisco SAFE model to validate network security design and to identify threats
to different Places in the Network (PINs)
3.9 Interaction with network devices through APIs using basic Python scripts
4.2 Cisco switches and Cisco Wireless LAN Controllers for network access AAA
with ISE.
4.4 AAA for network access with 802.1X and MAB using ISE.
4.5 Guest lifecycle management using ISE and Cisco Wireless LAN controllers
4.10 Endpoint profiling using ISE and Cisco network infrastructure including
device sensor
4.15 pxGrid integration between security devices WSA, ISE, and Cisco FMC
5.1 AMP for networks, AMP for endpoints, and AMP for content security (ESA,
and WSA)
5.3 Perform packet capture and analysis using Wireshark, tcpdump, SPAN,
ERSPAN, and RSPAN
5.4 DNS layer security, intelligent proxy, and user identification using Cisco
Umbrella
5.5 Web filtering, user identification, and Application Visibility and Control (AVC)
on Cisco FTD and WSA.
5.8 HTTPS decryption and inspection on Cisco FTD, WSA and Umbrella
5.10 Cisco advanced threat solutions and their integration: Stealthwatch, FMC,
AMP, Cognitive Threat Analytics (CTA), Threat Grid, Encrypted Traffic
Analytics (ETA), WSA, SMA, CTR, and Umbrella