The 642-564 SSSE exam tests a candidate's knowledge of Cisco security products and product positioning and where each technology fits in the Cisco Self-Defending Network strategy. Topics covered include Cisco Security Appliance (ASA), PIX Firewall, IDS/IPS, VPN, Security Management, CS-MARS and NAC Appliance.
Exam Topics
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
Describe the technical functionality of Cisco security products
Identify and describe the functionality of key features included with the Cisco firewall products
Identify and describe the functionality of key features included with the Cisco Secure Connectivity Products
Identify and describe the functionality of key features included with the Integrated Security Router
Identify and describe the functionality of key features included with the Cisco IPS/IDS Products
Identify and describe the functionality of key features included with the Cisco Security Management Products (VMS & MARS)
Identify and describe the functionality of key features included with the Cisco Guard Products
Identify and describe the functionality of key features included with the Cisco End Point Security Products
Identify and describe the functionality of key features included with the Cisco AAA Security Products
Identify and describe the functionality of key features included with the Cisco Security Modules
Identify and describe the functionality of key features included with the Cisco NAC
Describe the technical benefits of Cisco security products to meet business requirements
Describe the benefits of key features included with the Cisco firewall products
Describe the benefits of key features included with the Cisco Secure Connectivity Products
Describe the benefits of key features included with the Integrated Security Router
Describe the benefits of key features included with the Cisco IPS/IDS Products
Describe the benefits of key features included with the Cisco Security Management Products
Describe the benefits of key features included with the Cisco Guard Products
Describe the benefits of key features included with the Cisco End Point Security Products
Describe the benefits of key features included with the Cisco AAA Security Products
Describe the benefits of key features included with the Cisco Security Modules
Describe the security benefits of the Cisco Self Defending Network
Describe how Cisco security products collaborate to provide application security
Describe how Cisco security products collaborate to provide anti-x
Describe how Cisco security products collaborate to provide containment & control
Describe how Cisco security products collaborate to provide secure connectivity
Describe how Cisco security products collaborate to provide trust and identity
Describe how Cisco security products collaborate to provide security management
Assess customer's technical and business requirements
Assess customer security needs at different BDM & TDM levels
Describe the importance for completing a security posture assessment
Develop and present an integrated systems solution
Describe the required lifecycle services and benefits for proposed security solution
Prepare a detail design document
Establish a systems acceptance plan
Describe router hardening
Describe how USB eToken provides for storage of secure configurations and certificate credentials
Describe how the AIM module can be utilized to meet customer security requirements
Describe how Embedded Encryption can be utilized to meet customer security requirements
Identify how Cisco ISR routers provide enhanced software hardening features and Control Plane Policing to deter DOS attacks
Describe when additional router processing power is required to support NAC, IPS, Firewall, and SDNI capabilities
Describe the CSA product
Describe CSA product features and functionality
Describe how the CSA product is used to secure various customer environments
Describe the CS MARS product
Describe the CS MARS solution, features, and functions in context to the issues of security incidents and security information in an enterprise network
Describe the CS MARS software and hardware appliance physical installation process
Describe how to add Cisco reporting devices into the CS MARS appliance
Describe how to add non-Cisco reporting devices into the CS MARS appliance
Describe how to use configured security devices to generate interesting events that constitute an attack scenario and have CS MARS collect the interesting events for incident investigation
Describe how to configure the CS MARS appliance to send alerts
Describe how to create and view a long-duration query on the CS MARS appliance
Describe how to configure a rule (or rules) that detect interesting patterns of network activity and other anomalous network behavior
Describe how to use the management features in the CS MARS to assign event, addressing, service, and user information
Describe how to configure the CS MARS appliance hardware maintenance chores
Describe Global Controller architecture, features and functions
Recommended Training
Security Solutions for Systems Engineers (SSSE) is the recommended training for this exam.
Courses listed are offered by Cisco Learning Partners, the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the Global Learning Partner Locator for a Cisco Learning Partner near you.
Additional Resources
A variety of Cisco Press titles may be available for this exam. These titles can be purchased through the Cisco Marketplace Bookstore, directly from Cisco Press.
