CCNP Security

CCNP Security Overview

Octa Networks is Mumbai most trusted training Centre for CCNP Security Course. We offer high-end training to candidates in our 24×7 on Cisco real devices. Our Training Centre is situated in Mumbai. Octa Networks is considered as one of the innovative, reliable and prestigious CCNP Security Training Institute in Mumbai. We also provide Corporate and Summer Training in Mumbai.

Our CCNP Security Racks are fully equipped with latest physical devices with most updated topology as per Cisco blueprints. Our CCNP Security course training primarily focuses on topics like ASA, IPS, Next-Gen Firewall, WSA, ISE, VPNs, FirePOWER and more. Octa Networks provides the best CCNP Security training in Mumbai.

Cisco Certified Network Professional Security (CCNP Security) certification program is aligned particularly to the job role of the Cisco Network Security Engineer responsible for Security in Routers, Switches, Networking devices and appliances, as well as choosing, deploying, supporting and troubleshooting Firewalls, VPNS, and IDS/IPS solutions for their networking environments.

CCNP Security in divided in 4 different topics:

Implementing Cisco Secure Access Solutions: It is to prepare security engineers with the knowledge and hands-on experience so that they can deploy Cisco’s Identity Services Engine and 802.1X secure network access. This course aims to provide students with foundational knowledge and the capabilities to implement and managed network access security by utilizing Cisco ISE appliance product solution.

Implementing Cisco Edge Network Security Solutions: It is to prepare security engineers with the knowledge and hands-on experience to prepare them to configure Cisco perimeter edge security solutions utilizing Cisco Switches, Cisco Routers, and Cisco Adaptive Security Appliance (ASA) Firewalls. This course aims to provide students with foundational knowledge and the capabilities to implement and managed security on Cisco ASA firewalls, Cisco Routers with the firewall feature set, and Cisco Switches.

Implementing Cisco Secure Mobility Solutions: This course is to prepare network security engineers with the knowledge and skills they need to protect data traversing a public or shared infrastructure such as the Internet by implementing and maintaining Cisco VPN solutions. Students of this course will gain hands-on experience with configuring and troubleshooting remote access and site-to-site VPN solutions, using Cisco ASA adaptive security appliances and Cisco IOS routers.

Implementing Cisco Threat Control Solutions: In this course, you will learn how to deploy Cisco’s Email Security (ESA); Web Security (CWS, WSA); Advanced Malware Protection (AMP); and Next Generation Intrusion Prevention Systems (NGIPS).You will learn how to implement and manage security threat controls by leveraging the capabilities of Cisco’s FirePOWER NGIPS, AMP, WSA, CWS, and ESA products and solutions. The hands-on labs enable to configure advanced Cisco security solutions for mitigating outside threats, and to secure traffic traversing the network and security systems.

Key Features of CCNP Security Training:

  • Candidates are provided guaranteed training on Cisco Physical Devices.
  • CCNP Security Concepts are explained theoretically and practically on the Cisco Physical Devices.
  • Students have 24*7 access to the Lab.
  • 160+ hours of training in classroom with interactive whiteboard and projector.
  • Candidates can appear for the repeat classes unlimited times.
  • Classrooms are equipped with projectors, Wi-Fi connectivity, and Digital Pads.
  • Batches are available from early morning to late night.
  • Trainers/Mentors 24×7 availability.
  • Our Trainers are Cisco certified and highly experienced.

Devices to be used during the CCNP Security Training Program:

  • Routers: Cisco 1841 (Version 15.x), 2610, 2611, 2611xm, 2811
  • Switches: Cisco 2950, 3560 POE, 3750 (Version 12.x)
  • Firewall: Cisco 5510 (Version 8.x & 9.x)
  • Cisco IPS: 4255 (Version 7.x)
  • Cisco WSA: Virtual (Version 8.x & 9.x)
  • Cisco ESA: Virtual (Version 9.x)
  • Cisco ISE: Virtual (Version 1.x & 2.x)
  • Cisco WLC: Virtual (Version 8.x)
  • Cisco AP: 1242

Training Plan

Training Schedule
Weekdays (Mon-Fri)Weekend (Sat-Sun)
Duration2 Months4 Months
Hours4 Hours / day6 Hours / day
Fees40,000 + Taxes40,000 + Taxes
Training ModeOnline/OnsiteOnline/Onsite

Group Discount
In a Group of 2 discount will be 10% per head
In a Group of 3 discount will be 15% per head
In a Group of 4 discount will be 20% per head

Trainer's Profile




Munawar Khan,is a highly experienced and extremely driven Master Technical Instructor. He has been training networking courses for more than 15 years, teaching on a wide range of topics including Routing and Switching, Security, Collaboration and Checkpoint. Munawar Khan has delivered instructor led training’s in India as well as international countries like UAE, Qatar and East African Countries. In addition, he has been developing and updating the content for these courses. He has assisted many engineers in passing CCNA and CCNP examinations and securing their certifications.

Lab Facility

CCNP Security Course Details

Target Audience:

  • Network security engineer with at least one year of professional experience and CCNA Security Certification who want to enhance their skills and acquire in-depth know-how to secure complex Enterprise Network.


  • Valid CCNA Security certification or any CCIE certification can act as a prerequisite.
    • The knowledge and skills that a learner must have before attending this Curriculum are as follows:
    • Common network security concepts
    • Deploy basic authentication, authorization, and accounting services
    • Advanced security services such as intrusion protection, content security and identity management
    • Secure routing and switching infrastructure
    • Deploy basic site-to-site and remote access VPN services
    • Deploy basic firewalling services
    • Bootstrap the Cisco ASA Firewall for use in a production network
    • Configure site-to-site VPNs using Cisco IOS features
    • Configure security features on IOS switches to mitigate various Layer 2 and Layer 3 attacks
    • Implement line passwords, and enable passwords and secrets
    • Examine authentication, authorization, and accounting (AAA) concepts and features using the local database as well as Cisco Secure ACS 5.2
    • Configure packet filtering on the perimeter router


300-208 SISAS

1.0 Threat Defense

1.1 Implement firewall (ASA or IOS depending on which supports the implementation)


  • 1.1.a Implement ACLs
  • 1.1.b Implement static/dynamic NAT/PAT
  • 1.1.c Implement object groups
  • 1.1.d Describe threat detection features
  • 1.1.e Implement botnet traffic filtering
  • 1.1.f Configure application filtering and protocol inspection
  • 1.1.g Describe ASA security contexts

1.2 Implement Layer 2 Security


  • 1.2.a Configure DHCP snooping
  • 1.2.b Describe dynamic ARP inspection
  • 1.2.c Describe storm control
  • 1.2.d Configure port security
  • 1.2.e Describe common Layer 2 threats and attacks and mitigation
  • 1.2.f Describe MACSec
  • 1.2.g Configure IP source verification

1.3 Configure device hardening per best practices


  • 1.3.a Routers
  • 1.3.b Switches
  • 1.3.c Firewalls

2.0 Cisco Security Devices GUIs and Secured CLI Management

2.1 Implement SSHv2, HTTPS, and SNMPv3 access on the network devices

2.2 Implement RBAC on the ASA/IOS using CLI and ASDM

2.3 Describe Cisco Prime Infrastructure


  • 2.3.a Functions and use cases of Cisco Prime
  • 2.3.b Device Management

2.4 Describe Cisco Security Manager (CSM)


  • 2.4.a Functions and use cases of CSM
  • 2.4.b Device Management

2.5 Implement Device Managers


  • 2.5.a Implement ASA firewall features using ASDM

3.0 Management Services on Cisco Devices

3.1 Configure NetFlow exporter on Cisco Routers, Switches, and ASA

3.2 Implement SNMPv3


  • 3.2.a Create views, groups, users, authentication, and encryption

3.3 Implement logging on Cisco Routers, Switches, and ASA using Cisco best practices

3.4 Implement NTP with authentication on Cisco Routers, Switches, and ASA

3.5 Describe CDP, DNS, SCP, SFTP, and DHCP


  • 3.5.a Describe security implications of using CDP on routers and switches
  • 3.5.b Need for dnssec

4.0 Troubleshooting, Monitoring and Reporting Tools

4.1 Monitor firewall using analysis of packet tracer, packet capture, and syslog


  • 4.1.a Analyze packet tracer on the firewall using CLI/ASDM
  • 4.1.b Configure and analyze packet capture using CLI/ASDM
  • 4.1.c Analyze syslog events generated from ASA

5.0 Threat Defense Architectures

5.1 Design a Firewall Solution


  • 5.1.a High-availability
  • 5.1.b Basic concepts of security zoning
  • 5.1.c Transparent & Routed Modes
  • 5.1.d Security Contexts

5.2 Layer 2 Security Solutions


  • 5.2.a Implement defenses against MAC, ARP, VLAN hopping, STP, and DHCP rogue attacks
  • 5.2.b Describe best practices for implementation
  • 5.2.c Describe how PVLANs can be used to segregate network traffic at Layer 2

6.0 Security Components and Considerations

6.1 Describe security operations management architectures


  • 6.1.a Single device manager vs. multi-device manager

6.2 Describe Data Center security components and considerations


  • 6.2.a Virtualization and Cloud security

6.3 Describe Collaboration security components and considerations


  • 6.3.a Basic ASA UC Inspection features

6.4 Describe common IPv6 security considerations


  • 6.4.a Unified IPv6/IPv4 ACL on the ASA
300-206 SENSS

1.0 Identity Management/Secure Access

1.1 Implement device administration

  • 1.1.a Compare and select AAA options
  • 1.1.b TACACS+
  • 1.1.c RADIUS
  • 1.1.d Describe Native AD and LDAP

1.2 Describe identity management

  • 1.2.a Describe features and functionality of authentication and authorization
  • 1.2.b Describe identity store options (i.e., LDAP, AD, PKI, OTP, Smart Card, local)
  • 1.2.c Implement accounting

1.3 Implement wired/wireless 802.1X

  • 1.3.a Describe RADIUS flows
  • 1.3.b AV pairs
  • 1.3.c EAP types
  • 1.3.d Describe supplicant, authenticator, and server
  • 1.3.e Supplicant options
  • 1.3.f 802.1X phasing (monitor mode, low impact, closed mode)
  • 1.3.g AAA server
  • 1.3.h Network access devices

1.4 Implement MAB

  • 1.4.a Describe the MAB process within an 802.1X framework
  • 1.4.b Flexible authentication configuration
  • 1.4.c ISE authentication/authorization policies
  • 1.4.d ISE endpoint identity configuration
  • 1.4.e Verify MAB Operation

1.5 Implement network authorization enforcement

  • 1.5.a dACL
  • 1.5.b Dynamic VLAN assignment
  • 1.5.c Describe SGA
  • 1.5.d Named ACL
  • 1.5.e CoA

1.6 Implement Central Web Authentication (CWA)

  • 1.6.a Describe the function of CoA to support web authentication
  • 1.6.b Configure authentication policy to facilitate CWA
  • 1.6.c URL redirect policy
  • 1.6.d Redirect ACL
  • 1.6.e Customize web portal
  • 1.6.f Verify central web authentication operation

1.7 Implement profiling

  • 1.7.a Enable the profiling services
  • 1.7.b Network probes
  • 1.7.c IOS Device Sensor
  • 1.7.d Feed service
  • 1.7.e Profiling policy rules
  • 1.7.f Utilize profile assignment in authorization policies
  • 1.7.g Verify profiling operation

1.8 Implement guest services

  • 1.8.a Managing sponsor accounts
  • 1.8.b Sponsor portals
  • 1.8.c Guest portals
  • 1.8.d Guest Policies
  • 1.8.e Self registration
  • 1.8.f Guest activation
  • 1.8.g Differentiated secure access
  • 1.8.h Verify guest services operation

1.9 Implement posture services

  • 1.9.a Describe the function of CoA to support posture services
  • 1.9.b Agent options
  • 1.9.c Client provisioning policy and redirect ACL
  • 1.9.d Posture policy
  • 1.9.e Quarantine/remediation
  • 1.9.f Verify posture service operation

1.10 Implement BYOD access

  • 1.10.a Describe elements of a BYOD policy
  • 1.10.b Device registration
  • 1.10.c My devices portal
  • 1.10.d Describe supplicant provisioning

2.0 Threat Defense

2.1 Describe TrustSec Architecture

  • 2.1.a SGT Classification – dynamic/static
  • 2.1.b SGT Transport – inline tagging and SXP
  • 2.1.c SGT Enforcement – SGACL and SGFW
  • 2.1.d MACsec

3.0 Troubleshooting, Monitoring and Reporting Tools

3.1 Troubleshoot identity management solutions

  • 3.1.a Identify issues using authentication event details in Cisco ISE
  • 3.1.b Troubleshoot using Cisco ISE diagnostic tools
  • 3.1.c Troubleshoot endpoint issues
  • 3.1.d Use debug commands to troubleshoot RADIUS and 802.1X on IOS switches and wireless controllers
  • 3.1.e Troubleshoot backup operations

4.0 Threat Defense Architectures

4.1 Design highly secure wireless solution with ISE

  • 4.1.a Identity Management
  • 4.1.b 802.1X
  • 4.1.c MAB
  • 4.1.d Network authorization enforcement
  • 4.1.e CWA
  • 4.1.f Profiling
  • 4.1.g Guest Services
  • 4.1.h Posture Services
  • 4.1.i BYOD Access

5.0 Identity Management Architectures

5.1 Device administration

5.2 Identity Management

5.3 Profiling

5.4 Guest Services

5.5 Posturing Services

5.6 BYOD Access

300-209 SIMOS

1.0 Secure Communications

1.1 Site-to-site VPNs on routers and firewalls


  • 1.1.a Describe GETVPN
  • 1.1.b Implement IPsec (with IKEv1 and IKEv2 for both IPV4 & IPV6)
  • 1.1.c Implement DMVPN (hub-Spoke and spoke-spoke on both IPV4 & IPV6)
  • 1.1.d Implement FlexVPN (hub-Spoke on both IPV4 & IPV6) using local AAA

1.2 Implement remote access VPNs


  • 1.2.a Implement AnyConnect IKEv2 VPNs on ASA and routers
  • 1.2.b Implement AnyConnect SSLVPN on ASA and routers
  • 1.2.c Implement clientless SSLVPN on ASA and routers
  • 1.2.d Implement FLEX VPN on routers

2.0 Troubleshooting, Monitoring and Reporting Tools

2.1 Troubleshoot VPN using ASDM & CLI


  • 2.1.a Troubleshoot IPsec
  • 2.1.b Troubleshoot DMVPN
  • 2.1.c Troubleshoot FlexVPN
  • 2.1.d Troubleshoot AnyConnect IKEv2 and SSL VPNs on ASA and routers
  • 2.1.e Troubleshoot clientless SSLVPN on ASA and routers

3.0 Secure Communications Architectures

3.1 Design site-to-site VPN solutions


  • 3.1.a Identify functional components of GETVPN, FlexVPN, DMVPN, and IPsec
  • 3.1.b VPN technology considerations based on functional requirements
  • 3.1.c High availability considerations
  • 3.1.d Identify VPN technology based on configuration output

3.2 Design remote access VPN solutions


  • 3.2.a Identify functional components of FlexVPN, IPsec, and Clientless SSL
  • 3.2.b VPN technology considerations based on functional requirements
  • 3.2.c High availability considerations
  • 3.2.d Identify VPN technology based on configuration output
  • 3.2.e Identify AnyConnect client requirements
  • 3.2.f Clientless SSL browser and client considerations/requirements
  • 3.2.g Identify split tunneling requirements

3.3 Describe encryption, hashing, and Next Generation Encryption (NGE)


  • 3.3.a Compare and contrast Symmetric and asymmetric key algorithms
  • 3.3.b Identify and describe the cryptographic process in VPNs – Diffie-Hellman, IPsec – ESP, AH, IKEv1, IKEv2, hashing algorithms MD5 and SHA, and authentication methods
  • 3.3.c Describe PKI components and protection methods
  • 3.3.d Describe Elliptic Curve Cryptography (ECC)
  • 3.3.e Compare and contrast SSL, DTLS, and TLS
300-210 SITCS

1.0 Content Security

1.1 Cisco Cloud Web Security (CWS)

  • 1.1.a Describe the features and functionality
  • 1.1.b Implement the IOS and ASA connectors
  • 1.1.c Implement the Cisco AnyConnect web security module
  • 1.1.d Implement web usage control
  • 1.1.e Implement AVC
  • 1.1.f Implement antimalware
  • 1.1.g Implement decryption policies

1.2 Cisco Web Security Appliance (WSA)

  • 1.2.a Describe the features and functionality
  • 1.2.b Implement data security
  • 1.2.c Implement WSA identity and authentication, including transparent user identification
  • 1.2.d Implement web usage control
  • 1.2.e Implement AVC
  • 1.2.f Implement antimalware and AMP
  • 1.2.g Implement decryption policies
  • 1.2.h Implement traffic redirection and capture methods (explicit proxy vs. transparent proxy)

1.3 Cisco Email Security Appliance

  • 1.3.a Describe the features and functionality
  • 1.3.b Implement email encryption
  • 1.3.c Implement antispam policies
  • 1.3.d Implement virus outbreak filter
  • 1.3.e Implement DLP policies
  • 1.3.f Implement antimalware and AMP
  • 1.3.g Implement inbound and outbound mail policies and authentication
  • 1.3.h Implement traffic redirection and capture methods
  • 1.3.i Implement ESA GUI for message tracking

2.0 Network Threat Defense

2.1 Cisco Next-Generation Firewall (NGFW) Security Services

  • 2.1.a Implement application awareness
  • 2.1.b Implement access control policies (URL-filtering, reputation based, file filtering)
  • 2.1.c Configure and verify traffic redirection
  • 2.1.d Implement Cisco AMP for Networks

2.2 Cisco Advanced Malware Protection (AMP)

  • 2.2.a Describe cloud detection technologies
  • 2.2.b Compare and contrast AMP architectures (public cloud, private cloud)
  • 2.2.c Configure AMP endpoint deployments
  • 2.2.d Describe analysis tools
  • 2.2.e Describe incident response functionality
  • 2.2.f Describe sandbox analysis
  • 2.2.g Describe AMP integration

3.0 Cisco FirePOWER Next-Generation IPS (NGIPS)

3.1 Configurations

3.2 Describe traffic redirection and capture methods

  • 3.2.a Describe preprocessors and detection engines
  • 3.2.b Implement event actions and suppression thresholds
  • 3.2.c Implement correlation policies
  • 3.2.d Describe SNORT rules
  • 3.2.e Implement SSL decryption policies

3.3 Deployments

  • 3.3.a Deploy inline or passive modes
  • 3.3.b Deploy NGIPS as appliance, virtual appliance, or module within an ASA
  • 3.3.c Describe the need for traffic symmetry
  • 3.3.d Compare inline modes: inline interface pair and inline tap mode

4.0 Security Architectures

4.1 Design a web security solution

  • 4.1.a Compare and contrast Cisco FirePOWER NGFW, WSA, and CWS
  • 4.1.b Compare and contrast physical WSA and virtual WSA
  • 4.1.c Describe the available CWS connectors

4.2 Design an email security solution

  • 4.2.a Compare and contrast physical ESA and virtual ESA
  • 4.2.b Describe hybrid mode

4.3 Design Cisco FirePOWER solutions

  • 4.3.a Configure the virtual routed, switched, and hybrid interfaces
  • 4.3.b Configure the physical routed interfaces

5.0 Troubleshooting, Monitoring, and Reporting Tools

5.1 Design a web security solution

  • 5.1.a Compare and contrast FirePOWER NGFW, WSA, and CWS
  • 5.1.b Compare and contrast physical WSA and virtual WSA
  • 5.1.c Describe the available CWS connectors

5.2 Cisco Web Security Appliance (WSA)

  • 5.2.a Implement the WSA Policy Trace tool
  • 5.2.b Describe WSA reporting functionality
  • 5.2.c Troubleshoot using CLI tools

5.3 Cisco Email Security Appliance (ESA)

  • 5.3.a Implement the ESA Policy Trace tool
  • 5.3.b Describe ESA reporting functionality
  • 5.3.c Troubleshoot using CLI tools

5.4 Cisco FirePOWER

  • 5.4.a Describe the Cisco FirePOWER Management Center dashboards and reports
  • 5.4.b Implement health policy
  • 5.4.c Configure email, SNMP, and syslog alerts
  • 5.4.d Troubleshoot NGIPS using CLI tools

Candidates need to undertake below exam

Exam Name:Exam Code :FeesDuration:Registration:
Implementing Cisco Secure Access Solutions (SISAS)300-208 SISAS
(55 - 65 questions)
$30090 minutesPearson VUE
Implementing Cisco Edge Network Security Solutions (SENSS)300-206 SENSS
(65-75 questions)
$30090 minutesPearson VUE
Implementing Cisco Secure Mobility Solutions (SIMOS)300-209 SIMOS
(65-75 questions)
$30090 minutesPearson VUE
Implementing Cisco Threat Control Solutions (SITCS)300-210 SITCS
(65-75 questions)
$30090 minutesPearson VUE

Upon completion of this course candidates will have the skills and knowledge to:

300-206: Implementing Cisco Edge Network Security Solutions – SENSS
  • Secure design principles
  • Deploying Cisco IOS control and management plane security controls
  • Deploying Cisco traffic telemetry methods
  • Deploying Cisco IOS layer two and layer three data plane security controls
  • NAT deployment on Cisco IOS software and Cisco ASA
  • Firewall threat controls and basic Cisco ASA policy configuration
  • Deploying advanced Cisco ASA access policies
  • Deploying reputation and identity-based Cisco ASA access policies
  • Threat controls deployment on Cisco IOS software
300-208: Implementing Cisco Secure Access Solutions – SISAS
  • Identity services overview and 802.1X
  • EAP and logging into Cisco identity services engine – ISE
  • Certificate based authentication and authorisation
  • Cisco TrustSec, MACsec and WebAuth access
  • Endpoint access control enhancements and troubleshooting
300-209: Cisco SIMOS
  • Fundamentals of VPN technologies and cryptography
  • Deploying secure site to site connectivity solutions
  • Deploying Cisco IOS site to site FlexVPN solutions
  • Deploying clientless SSL VPN – deploying AnyConnect VPN for remote access
  • Deploying endpoint security and dynamic access policies
300-210: Implementing Cisco Threat Control Solutions – SITCS
  • Cisco Web Security Appliance
  • Cisco Cloud Web Security
  • Cisco Email Security Appliance
  • Advanced Malware Protection for Endpoints
  • Cisco FirePOWER Next-Generation IPS
  • Cisco ASA FirePOWER Services

Candidates will have Employment Opportunities with following Job Title:

  • Level 2 Network Security Engineer
  • Level 2 Network Security Administrator
  • Level 2 Network Support
  • Level 2 Network Security Consultant
  • Level 2 Technical Consultant


Upcoming Batches
Weekday Batch :Weekend Batch:
On RequestOn Request

Frequently Asked Question

What is CCNP Security Certification?

Cisco Certified Network Professional Security (CCNP Security) certification focuses on the daily job tasks of experienced network security professionals and engineers.
Achieving CCNP Security certification confirms that you have the knowledge and skills needed to test, deploy, configure, maintain, and troubleshoot the Cisco network security appliances and the Cisco IOS Software devices that comprise your network’s security.

What is the duration of CCNP Security course?

The duration of course depends on the batch you select. Regular (mon – fri) classroom training takes 8 weeks or 160 hours, or Weekend (sat – sun) classroom training takes 2 Months or 160 hours. You can choose and check out the schedule and fees accordingly.

When do I get my CCNP Security certificate after passing an exam?

As per the procedures, printed CCNP Security Certification takes 6-8 weeks to reach you by mail. Check the status of your certificate in your Certification Tracking System. Date with a “Mailed” status implies the dispatch of your certificate on that date. No status found or 8 weeks are over, register a case with Certification & Communities Online Support team at www.cisco.com/go/certsupport.

What is the exam code of current version of CCNP Security Certification?

There are 4 exams in CCNP Security:

  • 300-208 SISAS
  • 300-206 SENSS
  • 300-209 SIMOS
  • 300-210 SITCS

What study material are referred for CCNP Security training?

Cisco press books, latest workbooks prepared & revised regularly by experts.

How much am I expected to earn once I get CCNP Security Certified?

Fresher may earn between 4,00,000 – 5,00,000 INR which may increase significantly with work experience, improved hands-on skills and other related factors.

Is online mode available for the CCNP Security training?

Yes. The batches are available in both weekdays as well as weekends in morning and evening sessions.

What are the facilities that Octa Networks provide for CCNP Security Certification?

We provide lab training facility in Asia with 24×7 Lab access with rack and lab administrator guide.
We offer great value for money to all our candidates through Personality development sessions. Our training is best in Mumbai and our trainers are CCIE Certified.

Is weekend training available for working professionals?


What would be various job roles offered to a CCNP Security candidates?

  • Level 2 Network Security Engineer
  • Level 2 Network Security Administrator
  • Level 2 Network Support
  • Level 2 Network Security Consultant
  • Level 2 Technical Consultant

How to get recertified in CCNP Security? Is it necessary?

CCNP Security certification is valid for three years.
To recertify, pass ONE of the following before the certification expiration date:

  • Pass any current 642-XXX Professional-level or any 300-XXX Professional-level exam, or
  • Pass any current CCIE Written Exam, or
  • Pass the current CCDE Written Exam OR current CCDE Practical Exam, or
  • Pass the Cisco Certified Architect (CCAr) interview AND the CCAr board review to extend lower certifications.

How many questions does the CCNP Security certification exam consist of?

  • 300-208 SISAS – 55 – 65 questions
  • 300-206 SENSS – 65 – 75 questions
  • 300-209 SIMOS – 65 – 75 questions
  • 300-210 SITCS – 65 – 75 questions

Reviews & Comments

Student Reviews

Yesterday we learned the basics of BGP including property, message types, states,role of igp into bgp and Rathod sir explained how messages are involved with states of bgp.
I left the class after half session because of office work 😞 and could not attend the remaining last 45 minuets.
But one thing is best and will be always best that our Trainer Jagdish Sir is always in positive mode and clear our doubt positively.
Thank you Jagdish sir, Arshad Sir and Octa networks for providing such an opportunity to learn the technology.
Jagdish Sir is doing his best in all session with same energy……….

My self Krishnendu form Kolkata i have attended CCNA Service provider and CCNP routing and Switching training from Octa Network. My trainer is Mr jagdish Rathod. He teaches us everything in detail. Today we have competed HSRP, VRRP and GLBP theory as well as Practical sessions. I have cleared all my doubts related to HSRP. Thank you Octa Networks, Rathod Jagdish, Arshad Dhunna, and Joaquim Fernandes sir.

I have attended the CCNA Wireless 8am-10am class.I learnt about RRM and AP group RF. Mr.Vibhor Sir explained these concept in very well manner.He keeps the session very interactive and solves all the queries raised by Students.Thanks Octa networks for providing such a talented mentor.

Thank You Octa Networks arshad Dhunna and Joaquim Fernandes for providing this Great Opportunity.

Yes its true 🤩

First of all I am giving 100/100 and I strongly recommended Octa Networks to all from this entire world that if want to start your carrier in Networking field (it doesn’t matter you are from technical background on not) Octa Networks will makes you champion in Networking (CCNA, CCNP, CCIE in all tracks).

Wish you all the best Octa Networks. Arshad Dhunna. Rathod Jagdish.

Amitesh Arnav, India

Attending CCNA Security class from Manuhar Khan, he is delivering very good security lecture, very polite & answer all the queries. One thing that I must tell you about him, his example are really interesting by relating real environment, That you can’t forget easily.

Recommending OCTA NETWORKS

Shan Vel

Octa network is such great place . To hole world global training Centre . I such a trainer is Jagdish Rathore sir provide training CCNA. / CCNP/ CCIE tramendous.. there his mind set .it’s great mentor , trainer , motivations .he is practically Person. Repeated every dout particular topic Clear..

Gaurav Kabre

Currently, I am taking CCNA Data Center training which is lead by Mr. Ronak Vyas. I appreciate his efforts in guiding and explaining the DC concepts. Also, he answers all the questions or doubts raised by the participants after explaining the topic.

Mr.Ronak very well explained step by step on concepts like UCS, OTV and VPC in Lab rack setup practically.
Thanks Octa Networks

Get In Touch

Request a call back