7/30/2019 Ccna Security Exam Topisc

1/3

1992-2013 Cisco Systems Inc. All Rights Reserved. Generated on 2013-06-23-07:00

1

640-554 Exam Topics

640-554 IINS Exam Topics

Exam Description

The 640-554 Implementing Cisco IOS Network Security (IINS) exam is associated with

the CCNA Security certification. This exam tests a candidate's knowledge of securing

Cisco routers and switches and their associated networks. It leads to validated skills

for installation, troubleshooting and monitoring of network devices to maintain integrity,

confidentiality and availability of data and devices and develops competency in the

technologies that Cisco uses in its security infrastructure.

Candidates can prepare for this exam by taking the Implementing Cisco IOS Network

Security (IINS) course.

Exam Topics

The following topics are general guidelines for the content likely to be included on the

Implementing Cisco IOS Network Security (IINS) exam. However, other related topics may

also appear on any specific delivery of the exam. In order to better reflect the contents of the

exam and for clarity purposes, the guidelines below may change at any time without notice.

Common Security Threats

Describe common security threats

Security and Cisco Routers

Implement security on Cisco routers Describe securing the control, data, and management plane Describe Cisco Security Manager

7/30/2019 Ccna Security Exam Topisc

2/3

640-554 Exam Topics

1992-2013 Cisco Systems Inc. All Rights Reserved. Generated on 2013-06-23-07:00

2

Describe IPv4 to IPv6 transition

AAA on Cisco Devices Implement AAA (authentication, authorization, and accounting) Describe TACACS+ Describe RADIUS Describe AAA Verify AAA functionality

IOS ACLs Describe standard, extended, and named IP IOS access control lists (ACLs) to filter

packets Describe considerations when building ACLs Implement IP ACLs to mitigate threats in a network

Secure Network Management and Reporting

Describe secure network management Implement secure network management

Common Layer 2 Attacks

Describe Layer 2 security using Cisco switches Describe VLAN security Implement VLANs and trunking

Implement spanning tree

Cisco Firewall Technologies

Describe operational strengths and weaknesses of the different firewall technologies

7/30/2019 Ccna Security Exam Topisc

3/3

640-554 Exam Topics

1992-2013 Cisco Systems Inc. All Rights Reserved. Generated on 2013-06-23-07:00

3

Describe stateful firewalls Describe the types of NAT used in firewall technologies Implement zone-based policy firewall using CCP Implement the Cisco Adaptive Security Appliance (ASA) Implement Network Address Translation (NAT) and Port Address Translation (PAT)

Cisco IPS

Describe Cisco Intrusion Prevention System (IPS) deployment considerations Describe IPS technologies Configure Cisco IOS IPS using CCP

VPN Technologies

Describe the different methods used in cryptography Describe VPN technologies Describe the building blocks of IPSec Implement an IOS IPSec site-to-site VPN with pre-shared key authentication Verify VPN operations Implement Secure Sockets Layer (SSL) VPN using ASA device manager

We would like to get your feedback; please comment and/or rate this document.