Security and risk management skills are among the most highly sought after skills in networking, and global demand continues to grow. Organizations around the world are experiencing a shortage of qualified information and communication technology (ICT) candidates with the specialized knowledge and skills needed to administer devices and applications in a secure infrastructure, recognize network vulnerabilities, and mitigate security threats.

CCNA Security provides a next step for individuals who want to enhance their CCNA-level skill set and help meet the growing demand for network security professionals such as Security Specialists, Security Administrators, and Network Security Support Engineers . The curriculum provides an introduction to the core security concepts and skills needed for the installation, troubleshooting and monitoring of network devices to maintain the integrity, confidentiality and availability of data and devices. This course validates skills including installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices and develops competency in the technologies that Cisco uses in its security structure.

CCNA Security includes the following features: • Students develop an in-depth, theoretical understanding of network security principles as well as the tools and configurations available. • The courses emphasize the practical application of skills needed to design, implement, and support network security. • Hands-on labs help students develop critical thinking and complex problem-solving skills. • Packet Tracer or GNS simulation-based learning activities promote the exploration of networking security concepts and allow students to experiment with network behavior and ask “what if” questions. • Innovative assessments provide immediate feedback to support the evaluation of knowledge and acquired skills. The curriculum helps prepare students for entry-level security career opportunities and for Implementing Cisco IOS® Network Security (IINS) certification exam (640-554) leading to the Cisco® CCNA Security certification.


See below the course fees and learning timelines.

Description Duration Learning Days Class Time Course Fees
1 CCNA Security 3 months Twice a week TBA TBA


The material covered in CCNA Security is outlined below:

CCNA Security course outline

Chapter Outline Goals
1 Common Security Threats
  • Describe common security threats
2 Security and Cisco Routers
  • Implement security on Cisco routers
  • Describe securing the control, data, and management plane
  • Describe Cisco Security Manager
  • Describe IPv4 to IPv6 transition
3 AAA on Cisco Devices
  • Implement AAA (authentication, authorization, and accounting)
  • Describe TACACS+
  • Describe RADIUS
  • Describe AAA
  • Verify AAA functionality
  • Describe standard, extended, and named IP IOS access control lists (ACLs) to filter packets
  • Describe considerations when building ACLs
  • Implement IP ACLs to mitigate threats in a network
5 Secure Network Management and Reporting
  • Describe secure network management
  • Implement secure network management
6 Common Layer 2 Attacks
  • Describe Layer 2 security using Cisco switches
  • Describe VLAN security
  • Implement VLANs and trunking
  • Implement spanning tree
7 Cisco Firewall Technologies
  • Describe operational strengths and weaknesses of the different firewall technologies
  • Describe stateful firewalls
  • Describe the types of NAT used in firewall technologies
  • Implement zone-based policy firewall using CCP
  • Implement the Cisco Adaptive Security Appliance (ASA)
  • Implement Network Address Translation (NAT) and Port Address Translation (PAT)
8 Cisco IPS
  • Describe Cisco Intrusion Prevention System (IPS) deployment considerations
  • Describe IPS technologies
  • Configure Cisco IOS IPS using CCP
9 VPN Technologies
  • Describe the different methods used in cryptography
  • Describe VPN technologies
  • Describe the building blocks of IPSec
  • Implement an IOS IPSec site-to-site VPN with pre-shared key authentication
  • Verify VPN operations
  • Implement Secure Sockets Layer (SSL) VPN using ASA device manager