The 640-554 Implementing Cisco IOS Network Security (IINS) is aimed at assessing the competence of a professional to secure the Cisco routers and switches and related networks. The security aspect of the networking is about constantly upholding the availability, authenticity and privacy of the data and services. CCNA Security certified professionals who have passed the 640-554 IINS exam have established their knowledge and skills to install, troubleshoot and maintenance of security of the network devices and be proficient with the Cisco technologies for securing network infrastructure.
Why is this exam required?
The objective 640-554 IINS exam is to certify the skills and knowledge of an associate - level professional in securing networks using Cisco technologies. The exam enables the candidates to acquire the knowledge on fundamentals of securing networks, protection of network infrastructure and control and containment of network security threats. Passing this certification exam prepares an individual to take up the following specialized jobs roles:
- Network security support engineer
- Network security specialist
- Security administrator
The associated certification for the 640-554 IINS exam is the Cisco Certified Network Associate Security (CCNA Security) certification. A CCNA Security certified professional will be capable of developing a secure network infrastructure, identifying risks and susceptibilities of a network, and alleviate the risks.
The prerequisite for pursuing CCNA Security certification for a professional is to be certified as Cisco Certified Entry Networking Technician (CCENT), Cisco Certified Network Associate (CCNA) Routing and Switching, or Cisco Certified Internetwork Expert (CCIE).
The 640-554 exam is divided into 9 domains that are equally important and critical to be understood. Each domain has different weight age in the exam however it is important to fully cover each subject of every domain. Following are the nine domains with their percentage in the exam:
- Common Security Threats (6%)
The candidate must know the common security threats to provide comprehensive information on the principles of network security which includes the fundamentals of network security about which every candidate must have thorough knowledge to grasp the details of the combating these threats and securing a network.
- Security and Cisco Routers (8%)
The candidates must also have the knowledge the securing of Cisco routers with Cisco Security Manager (CSM), control, data and management plane security, and IPv4 to IPv6 transition and security deployment on Cisco routers.
- AAA on Cisco Devices (8%)
Knowledge on the Authentication, Authorization, and Accounting (AAA) framework configured on Cisco Devices that enables access control on the router and servers and information on Cisco Related Products Terminal Access Controller Access Control System (TACACS+) and Remote Authentication Dial-In User Service (RADIUS) which are the most prominently used security protocols for access control, is also an important aspect to be known by the Pass4sure 640-554 candidates to take up the exam.
- IOS ACLs (8%)
The candidates also need to gain insights on various aspects of IOS Access control lists (ACLs) including explanation of extended, standard, and named IP IOS ACLs in filtering packets, considerations for building ACLs and employing IP ACLs for reducing threats in a network. , ACLs help in identifying the traffic in and out of a network and managing predictable events that can affect the network.
- Secure Network Management and Reporting (8%)
The candidates also required to know about the management and reporting of secure networks with detailed information on description and implementation of secure network management.
- Common Layer 2 Attacks
Common Layer 2 Attacks are one of the important topics a candidate must be competent. It includes description of Layer 2 security with Cisco switches, explanation of Virtual Local Area Network (VLAN) security, implementation of VLAN and trunking and functioning of Spanning Tree (STP).
- Cisco Firewall Technologies (15%)
Covering a significant part of the exam content, this topic requires the knowledge of the Cisco Firewall Technologies with description on descriptions of operational effectiveness and vulnerability of various firewall technologies, stateful firewalls, Network Address Translation (NAT) types used in firewall technologies, and implementation of NAT and Port Address Translation (PAT), application of Cisco Adaptive Security Appliance (ASA), and operation of Zone Based Firewall using Cisco Configuration Professional (CCP).
- Cisco IPS (16%)
Anothertopic of great importance in the exam is the IPS technology of Cisco that inspects the online traffic to identifies any malware in packets coming through the network are also covered under the exam description of IPS technologies, considerations for deployment of IPS and configuration of Cisco IOS IPS with the use of Cisco Configuration Professional (CCP).
- VPN Technologies (18%)
The most popular way of securing network through internet commonly used for corporate purposes is the Virtual Private Networks (VPN) Technologies and thus, is of prime importance in the exam. The candidates need to enhance their knowledge to use Cisco IOS (Internetwork Operating System) routers for connecting two corporate locations virtually through VPN platform and various other related aspects.
Successful completion of the CCNA Security certification makes a professional competent to have comprehensive understanding of the various kinds of challenges faced in the implementation, monitoring and troubleshooting Cisco security infrastructure solutions in a small branch office network, and skills to resolve them. The certification offers the new professionals in the IT industry an opportunity to specialize in security skills which are in high demand in the job market and also offer the experienced professionals in the networking field to enhance their knowledge and skills on network security for further career growth. Security skills are one of the highest-demand areas in the networking job market.