Introduction
Let’s start by saying that I have taken this exam twice and failed. I am currently CCNA Certified.
The exam is pretty hard so I have created this information dump. If you are studying for the SCOR, this is for you. Not only is helpful to anyone currently studying for this exam, but also for myself since I too am studying for this exam.
I have completely studied “CCNP and CCIE Security Core SCOR 350-701” by Omar Santos. A great book indeed! The only thing is that this exam just has too much content. The book does great in giving you links to resources to research. Though even the book tells you it might not be enough. A heads up, this exam is extremely heavy on Cisco Solutions.
Table of Contents
Cisco Security Solutions
Let’s start with the security solutions. Below are the solutions that you must study to pass this exam. You will not only need to know how they work (API, NETCONF, etc.). You will also need to know about Licensing, Integration, Deployment, and Key Features.
- Secure Email Gateway (ESA)
- Secure Endpoint (AMP)
- ISE
- DUO
- Umbrella
- Cloudlock
- Secure Analytics (Stealthwatch)
- Secure Cloud Analytics (Stealthwatch cloud)
- Catalyst Center (DNA Center)
- and more
Not only that but you must also be comfortable with GUI configurations of these solutions. An example would be:
“How to add a URL to the block list in Cisco Umbrella?”
You must know from what menu and settings you must click on the dashboard to configure this command. Additionally you must also know about TACACS+, and RADIUS. From their purpose, and integration with solutions like Cisco ISE (Identity Service Engine), and DUO for MFA. This is something that we will discuss later in this post.
Cisco Secure Email Gateway
This is a security solution for your email server. It provides malware protection, phishing protection, and even virus protection! but this all depends on which licensing you use. This also depends on what integrations you are running as well.
This solution can be run both on-prem, or a virtual appliance. If you setup a virtual appliance, you will need to setup Cisco Smart Licensing. You will also need to integrate this solution to your mail flow.
Cisco Catalyst Center (DNA Center)
This solution is for automating, and faster deployment of switches, routers, and network equipment. This solution is also great for configuration editing, like VLAN changes. Also Catalyst Center shows telemetry data using Netflow.
This solution is great for detecting errors, and for mass deployments of network equipment or changes.
Cisco Identity Service Engine (ISE)
This security solution is Cisco’s automated service that performs AAA (Authentication, Authorization, Accounting). This service uses both; RADIUS, and TACACS+ (we will discuss these two in great depth later).
The simplest way to put how ISE works is: You try to sign into the WIFI at your job. First it asks for your username/email, this gets pushed to ISE. ISE verifies this against RADIUS, or TACACS+. Here it can decide whether to allow the device, have the device try again, or block the device.
This solution can go pretty deep as well, from using RADIUS to integrate with DUO, to performing security postures on device, to even profiling.
Cisco Licensing
Cisco Solution requires licensing purchased from Cisco. The following link at the bottom is for a Cisco Website Documentation. Here Licensing is explained in diagrams, and links to each solution is provided.
Heads up, since you might not need to know specific licensing names with credentials. You only need to know the general types of licensing for the solution/integration you want. For example, Cisco FMC (Firepower Management Center) can be set up with AMP, Threat Defense, and Umbrella. Each of these solutions have their own license to add on.
Link to Cisco Licensing be redirected to Cisco’s website showing every security solution license topology!
Its important to know which license you will need, for example:
- What license do you need to integrate Cisco ESA with Threat Defense?
Also know the key differences between solution packages. For example:
Dropdowns
For Cisco Umbrella Integration Information, Click on the link below
What this link covers:
- SD-WAN Integration
- Secure X Integration
- AMP and Threat Defense Integration
If you want to learn more about Umbrella, I would skim through this entire PDF link, as this information is extremely valuable.
If you click on the link, it will take you to a general Secure Email Gateway Lincensing documentation, It does a general comparison between the Essentials, and Advantage packages.
Exam Blueprint
This is the General Blueprint of the SCOR. If you click on the link below this. This will take you to a cisco page with a complete breakdown of all the topics. Thus this makes this a great study guide as it gets extremely granular on the subjects.
- 25% 1.0 Security Concepts
- 20% 2.0 Network Security
- 15% 3.0 Securing the Cloud
- 10% 4.0 Content Security
- 15% 5.0 Endpoint Protection and Detection
- 15% 6.0 Secure Network Access, Visibility, and Enforcement
Disclaimer:
This post is intended for educational purposes only and provides discussion, guidance, and resources related to the Cisco SCOR 350-701 exam blueprint.
It is not affiliated with, endorsed by, or sponsored by Cisco Systems, Inc., and does not contain actual exam questions or answers.
All content in this post is based on publicly available information and the SCOR exam blueprint, with links provided to the official Cisco resources for further reference:
Use this post to learn, understand, and reinforce SCOR concepts. It is not a substitute for official Cisco training or the exam itself.
What is a Subnet???
If you want to learn about subnetting, check out some pointers on subnetting on this page!