• Network or security engineers and architects working or planning to work in Cisco security environments
• IT professionals responsible for design, implementation, and operation of secure networks
• Candidates targeting CCNP Security or CCIE Security certification, for whom 350-701 SCOR is a required core exam
• Professionals seeking to validate their knowledge of security technologies across network, cloud, endpoint, and content
• Students with intermediate to advanced experience in networking who wish to deepen their security skillset

• Solid foundation in networking: routing, switching, IP addressing, VLANs, etc.
• Working familiarity with security principles (firewalls, VPNs, authentication, etc.)
• Experience using Cisco networking devices (IOS, ASA, NX-OS, firewalls)
• Some exposure to scripting, automation, APIs (helpful for programmability aspects)

• Explain and apply core security concepts, threat models, and cryptography in network and cloud contexts
• Design, implement, operate, and troubleshoot site-to-site and remote access VPNs, including high availability
• Configure and manage firewall/IPS, and apply security policies in network environments
• Harden network infrastructure devices (routers, switches, wireless) across management, control, data planes
• Implement network segmentation, VLAN/VRF designs, and protection against ARP, DHCP, MAC attacks
• Deploy and manage AAA, secure device access, logging, and secure management protocols
• Secure cloud-based applications and data, understand cloud security responsibility models, integrate workload security
• Configure content security (web, email), enforce URL/email filtering, data loss prevention, TLS interception
• Deploy endpoint protection/detection solutions, manage outbreak response, posture assessment
• Establish secure network access controls (802.1X, WebAuth, posture, profiling) and enforce access policies
• Use visibility, telemetry, and threat detection tools (NetFlow, Stealthwatch, ETA, pxGrid) to monitor and analyze traffic
• Detect and mitigate exfiltration, analyze network behavior for security events
• Integrate multiple security technologies in real-world scenarios, troubleshoot across domains
• Gain confidence to attempt and pass the 350-701 SCOR exam

• Common threats and vulnerabilities (on-premises, cloud)
• Cryptographic components: hashing, encryption, PKI, SSL/TLS, IPsec, NAT-T, certificate vs pre-shared key
• VPN types: site-to-site, remote access (sVTI, DMVPN, FlexVPN, AnyConnect)
• Security intelligence, threat sharing
• APIs in SDN environments (northbound/southbound), Cisco DNA Center APIs, scripting basics
• Understanding DevSecOps, CI/CD, workload security in cloud contexts

• Firewall & intrusion prevention (deployment models, architectures)

• NetFlow / Flexible NetFlow, telemetry

• Infrastructure security: securing routers, switches, wireless (VLANs, VRF, port security, ARP/DHCP inspection, PVLAN, storm control)

• Device hardening: management plane, control plane, data plane, logging, NTP

• AAA (TACACS+, RADIUS), dACLs, secure device access

• VPN establishment, secure management, debugging

• Cloud models (public, private, hybrid) and service models (IaaS, PaaS, SaaS)
• Shared responsibility in cloud security
• Cloud security technologies: firewall, proxy, CASB, management, data protection
• Application & data security in cloud
• Logging, monitoring, visibility in cloud environments
• Workload/container security, DevSecOps integration

• Content filtering, web/email security, traffic redirection
• Web proxy identity, authentication, TLS decryption
• Email security: spam filtering, DLP, encryption, malware filtering
• Cloud-based vs on-prem web/email security (Umbrella, WSA, ESA)
• Secure internet gateways, URL filtering, policy enforcement

• Endpoint protection platforms (EPP) and detection & response (EDR)
• Malware, IOC detection, dynamic analysis
• Quarantine, outbreak control, forensic posture
• Endpoint patching, asset management, MFA, posture assessment

• Identity and access controls: 802.1X, MAB, WebAuth, CoA

• BYOD, profiling, posture assessment

• Telemetry, visibility tools (Stealthwatch, Encrypted Traffic Analytics, pxGrid, etc.)

• Exfiltration methods (DNS, HTTPS, ICMP, etc.) and detection

• Network segmentation, enforcement via ISE / access control solutions