Securing Networks with ASA Foundation

The Securing Networks with ASA Foundation exam is one of the exams associated with the Cisco Certified Security Professional and the Cisco Firewall Specialist certifications. Candidates can prepare for this exam by taking the SNAF course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Configure Security Appliances for secured network connectivity

• Configure and verify network and interface settings using ASDM and CLI
• Configure and verify NAT globals, statics, NAT exemption, and Identity NAT using ASDM
• Configure and verify access-lists with or without object groups using ASDM

Configure and verify routing and switching on Security Appliances

• Describe the routing capabilities of the Security Appliance
• Use ASDM to configure VLANs on a Security Appliance interface
• Use ASDM to configure the passive RIP routing functionality of the Security Appliance

Configure and verify Authentication, Authorization, & Accounting services for Security Appliances

• Configure ACS for Security Appliance support
• Use ASDM to configure the Security Appliance AAA features
• Configure and verify Auth-Proxy (cut-through proxy) using ASDM

Configure and verify Layer 3 & 4 protocol inspection, Modular Policy Framework, and threat detection for Security Appliances

• Configure and verify Layer 3 and Layer 4 protocol inspection using ASDM
• Configure and verify Modular Policy Framework using ASDM
• Use ASDM to configure and verify threat detection

Configure and verify secure connectivity using VPNs

• Configure and verify remote access VPNs using ASDM
• Configure and verify IPsec VPN clients with preshared keys using ASDM
• Configure and verify site-to-site VPNs with preshared keys using ASDM
• Verify IKE and IPsec using ASDM and CLI
• Configure and verify clientless SSL VPN using ASDM

Configure and verify active/standby and active/active failover features on Security Appliances

• Configure and verify active/standby failover using ASDM
• Configure and verify active/active failover using ASDM
• Configure and verify redundant Interface using ASDM

Configure transparent firewall and virtual firewall features on a Security Appliance

• Explain the purpose of virtual & transparent firewalls
• Configure and verify the transparent firewall feature of the Security Appliance using CLI
• Configure and verify the virtual firewall feature of the Security Appliance using ASDM

Monitor and manage installed Security Appliances

• Update, backup, and restore configurations and software images using ASDM and CLI
• Install and verify Licensing using ASDM
• Configure and verify Console and SSH/Telnet access
• Configure and utilize Logging using ASDM

Securing Networks with ASA Foundation (SNAF) is the recommended training for this course.

Courses listed are offered by Cisco Learning Partners—the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the Global Learning Partner Locator for a Cisco Learning Partner near you.

A variety of Cisco Press Self-Study titles are available for this exam. These titles can be purchased at the Cisco Marketplace, directly from Cisco Press, or wherever you purchase technical books.

Return to Top