5.1. Cisco CCNP - Implementing Cisco Secure Mobility Solutions (300-209 SIMOS)¶
1.0 Secure Communications (32%)
1.1 Site-to-site VPNs on routers and firewalls
1.1.a Describe GETVPN
1.1.b Implement IPsec (with IKEv1 and IKEv2 for both IPV4 & IPV6) using IOS and ASA
1.1.c Implement DMVPN (hub-Spoke and spoke-spoke on both IPV4 & IPV6)
1.1.d Implement FlexVPN (hub-Spoke on both IPV4 & IPV6) using local AAA
1.2 Implement remote access VPNs
1.2.a Implement AnyConnect IKEv2 VPNs on ASA and routers
1.2.b Implement AnyConnect SSLVPN on ASA and routers
1.2.c Implement clientless SSLVPN on ASA and routers
1.2.d Implement FLEX VPN on routers
2.0 Troubleshooting, Monitoring, and Reporting Tools (38%)
2.1 Troubleshoot VPN using ASDM & CLI
2.1.a Troubleshoot IPsec
2.1.b Troubleshoot DMVPN
2.1.c Troubleshoot FlexVPN
2.1.d Troubleshoot AnyConnect IKEv2 and SSL VPNs on ASA and routers
2.1.e Troubleshoot clientless SSLVPN on ASA and routers
3.0 Secure Communications Architectures (30%)
3.1 Design site-to-site VPN solutions
3.2 Design remote access VPN solutions
3.2.a Identify functional components of FlexVPN, IPsec and Clientless SSL
3.2.b VPN technology considerations based on functional requirements
3.2.c High availability considerations
3.2.d Identify VPN technology based on configuration output
3.2.e Identify AnyConnect client requirements
3.2.f Clientless SSL browser and client considerations/requirements
3.2.g Identify split tunneling requirements
3.3 Describe encryption, hashing, and Next Generation Encryption
3.3.a Compare and contrast Symmetric and Asymmetric key algorithms
3.3.b Identify and describe the cryptographic process in VPNs:
3.3.c Describe PKI components and protection methods