Cisco CCNP Security 300-206 SENSS

Implementing Cisco Edge Network Security Solutions

by Keith Barker

Total Videos : 27 Course Duration: 10:22:38
1. Welcome (00:07:05)
2. Port Security (00:25:15)
3. DHCP Snooping (00:29:58)
4. Dynamic ARP Inspection (DAI) (00:32:42)
5. Source Guard (00:15:12)
6. Storm Control (00:28:05)
7. Private VLANs (00:21:04)
8. Protected Ports (00:10:48)
9. VACLs, pACLs, and MACsec (00:15:50)
10. Remote Management (00:23:46)
11. RSA SSH Authentication (00:17:07)
12. SNMPv3 - CPPr (00:32:06)
13. iACLs (00:20:16)
14. uRPF (00:21:34)
15. NetFlow (00:27:07)
16. NAT and PAT (00:22:35)
17. Zone-Based Firewalls (00:42:12)
18. AAA (00:34:04)
19. Best Practices (00:26:09)
20. ASA CLI L3-4 (00:45:16)
21. ASA CLI L5-7 (00:25:00)
22. ASA Packet Capture (00:21:20)
23. Botnet Filtering (00:20:27)
24. Context Directory Agent (00:18:59)
25. Security Virtualization and IPS (00:15:20)
26. Management Tools (00:10:57)
27. IPv6 Security (00:12:24)
This Implementing Cisco Edge Network Security Solutions (SENSS) course provides training on how to configure and implement security on Cisco network perimeter edge devices such as a switch, router, and ASA firewall.

Recommended Skills:
  • CCNA Route/Switch and CCNA Security certification (or equivalent knowledge and skills)
  • Knowledge of Microsoft Windows
  • CCNA Security is a pre-requisite for the CCNP Security certification

Recommended Equipment:
  • Switch, IOS and ASA. Emulated IOS and ASA may be used.

Related Certifications:
  • CCNP Security. This course (SENSS exam # 300-206) is part of the curriculum in the Cisco Certified Network Professional Security (CCNP© Security) certification

Related Job Functions:
  • Network Analyst
  • Network Engineer
  • Network Technician
  • Network Designer
  • Security Analyst
  • Security Auditor
  • Penetration Tester
  • Security Architect
  • Technical Manager

In this course, you will learn how to implement and manage security on Cisco ASA firewalls, routers, and switches, as well as how to configure perimeter security solutions for mitigating threats against your network. As part of your studies regarding the ASA, it's also recommended that you watch the CBT Nuggets "CCNP Security Firewall" course for advanced ASA features including failover, transparent firewall, and multiple contexts.


00:00:00 - Hello.
00:00:01 - My name is Keith Barker.
00:00:02 - And on behalf of the entire CBT Nuggets family,
00:00:05 - welcome to Implementing Cisco Edge Network Security
00:00:08 - Solutions.
00:00:09 - Let's begin.
00:00:10 - Whenever I hear about a really great tip or idea,
00:00:13 - I like to do two things with that.
00:00:15 - Number one, I like to go ahead and incorporate
00:00:17 - that if I can use it.
00:00:18 - And then secondly, I like to share it with others.
00:00:20 - And what I'd like to do is share with you some ideas and tips
00:00:22 - that we can use together as you and I go through this course,
00:00:25 - to get the absolute most from this course.
00:00:28 - Now as the starting point, let's make
00:00:29 - sure we're on the same page of where we are.
00:00:31 - This is the Implementing Edge Network Security Solutions
00:00:34 - course.
00:00:35 - And Cisco has the acronym of SENSS for that.
00:00:38 - The S is for Secure.
00:00:40 - And then there's the Edge Network Security Solutions.
00:00:43 - And that's the acronym they came up with.
00:00:45 - That acronym and this title also corresponds
00:00:47 - to 300-206 which is the exam number for those
00:00:51 - who want to pursue certification regarding this content.
00:00:54 - And I remember my father sharing with me the age old
00:00:57 - saying that, if you give a man a fish, he eats for a day.
00:01:00 - If you teach him how to fish, he eats for a lifetime.
00:01:03 - And it's my clear intention for you
00:01:05 - that, as we go through this course together,
00:01:07 - your skills will improve.
00:01:08 - So that you will be able to improve the security
00:01:10 - posture on networks that you're either designing
00:01:12 - and implementing or networks that you're currently
00:01:14 - supporting.
00:01:15 - Now regarding any type of certification
00:01:17 - from Cisco-- if we ever need to find out,
00:01:20 - what's the latest information regarding
00:01:21 - a certain certification, the best source to go to for that,
00:01:25 - as far as the numbers involved and what
00:01:27 - it takes to get a Cisco certification,
00:01:29 - the best resource is Cisco's website.
00:01:31 - So this is the homepage for Cisco's website.
00:01:33 - And I'm going to put my cursor right here in the search field.
00:01:36 - And I'm going to press Enter.
00:01:38 - You can also put some characters into a search.
00:01:40 - But what we're after is this link right here--
00:01:42 - Training and Events.
00:01:43 - If we click on Training and Events,
00:01:45 - and then on the right-hand side, go to Cisco's Certifications,
00:01:48 - from here we have a bird's eye view of the certifications
00:01:51 - available from Cisco.
00:01:52 - So we scroll down just a little bit.
00:01:54 - Here we have our entry level certifications, the CCENT.
00:01:58 - The associate certification, which are mostly the CCNAs.
00:02:01 - And if we scroll down a little further,
00:02:03 - we have the professional, including the CCNP Security.
00:02:06 - And then the expert level where most of the certifications
00:02:09 - are CCIE.
00:02:10 - So in our case, if we take a look at CCNP Security
00:02:13 - and scroll down just a little bit,
00:02:15 - here it has the prerequisites which
00:02:17 - says you need to be a CCNA Security before Cisco
00:02:20 - will award you a CCNP Security.
00:02:23 - And to achieve a CCNP Security, these
00:02:25 - are the four exams that you must take
00:02:28 - and pass to become a CCNP Security.
00:02:31 - And out of the four exams required for CCNP Security,
00:02:34 - our focus in this course is the Edge Network Security
00:02:37 - Solutions.
00:02:38 - And so from here, if we click on that link for SENNS,
00:02:41 - and we go to Exam Topics and scroll down
00:02:43 - just a little bit, and here we have an overview
00:02:46 - of the blueprint for that certification exam.
00:02:49 - So we can click on Details here and expand any one of those.
00:02:51 - Or we can download or look at the entire PDF.
00:02:54 - So going forward, in the future, if you ever
00:02:56 - need to find out the details regarding what
00:02:58 - does Cisco require for this certifications
00:03:00 - or that certification, the best way to find out
00:03:03 - is go to the website yourself and see what the latest
00:03:05 - information is directly from Cisco
00:03:07 - regarding their blueprints for their certifications.
00:03:10 - So regarding this course that we're going to enjoy together,
00:03:12 - going through it video by video, one
00:03:14 - of the first tips I'd like to share with you
00:03:16 - is make sure that you watch all the videos.
00:03:18 - That's this guy right here.
00:03:20 - Plus I'm going to ask you to watch any specific videos
00:03:22 - that I call out in these videos.
00:03:25 - Now because it's fresh on my mind,
00:03:26 - let's take an example of IPv6.
00:03:28 - Now in this course, we're going to take a look at specifically
00:03:30 - some technologies that we can use to increase IPv6 security.
00:03:34 - But I also, in that video, recommend that if you don't yet
00:03:37 - know IPv6, maybe you go pop over to the IPv6 course.
00:03:41 - And I have a few videos in that course that I strongly
00:03:44 - recommend that you watch, if you're not yet
00:03:47 - familiar with IPv6.
00:03:49 - And because our focus in this course
00:03:50 - is implementing security, I also may refer you
00:03:53 - to another video at CBT Nuggets where,
00:03:57 - if you want to learn how to do, for example,
00:03:59 - penetration testing or taking advantage
00:04:01 - of a naked vulnerability in a protocol like IPv6,
00:04:05 - how you could do that, as well.
00:04:06 - So again in the video on IPv6 security,
00:04:08 - there's a recommendation for people
00:04:10 - who want to to go ahead and take a look at the pen testing
00:04:13 - video, which is called penetration testing with Linux
00:04:16 - tools that uses some of the tools in BackTrack and Kali
00:04:19 - Linux to actually implement an attack
00:04:21 - against IPv6 vulnerabilities.
00:04:23 - So my tip is as we're going through these videos,
00:04:25 - if I do an audible, and I call out saying,
00:04:28 - hey, this specific video in this specific course I think
00:04:31 - would be a great idea if you watched
00:04:32 - it to help reinforce the concepts,
00:04:34 - I'd like you take those recommendations
00:04:36 - as a literal request.
00:04:38 - Especially if your intent is, at some point,
00:04:41 - to go ahead and take a Cisco certification regarding
00:04:43 - this content.
00:04:43 - You'll want to watch every single video
00:04:45 - in this course plus the videos that I recommend.
00:04:48 - Another recommendation that will be really helpful in learning
00:04:50 - the content is to take notes as we go through it together
00:04:53 - either with a pad of paper and a pen or pencil
00:04:56 - or electronically.
00:04:57 - Just go ahead and jot down notes as we go through the content
00:04:59 - together.
00:05:00 - That will assist you in remembering and internalizing
00:05:03 - that content.
00:05:04 - And where possible, I would strongly encourage you,
00:05:06 - in a safe practice environment, not on your production
00:05:10 - network for your first go, but in a safe environment,
00:05:13 - I'd like you to practice and verify the techniques
00:05:15 - that we're learning together.
00:05:17 - The environments that we're going to be working on
00:05:19 - are switch environments and Cisco iOS router environments
00:05:23 - and the adaptive security appliance.
00:05:25 - So if you have, in a test environment,
00:05:26 - either virtualized or physical gear, again
00:05:29 - I would strongly recommend that you practice and verify
00:05:32 - everything that we go through in these videos together.
00:05:35 - And as you practice these techniques,
00:05:37 - that will serve you very well.
00:05:39 - Because again, it's another method
00:05:40 - for internalizing the information
00:05:42 - and getting some hands-on practice in implementing
00:05:45 - these security techniques.
00:05:46 - Another powerful method that can help us really learn content
00:05:49 - is to teach others.
00:05:51 - So if you have a loved one, family member, coworker,
00:05:53 - someone who will listen to you, I
00:05:55 - would strongly recommend you teach them the content.
00:05:57 - My wife, bless her heart, she has indulged me
00:06:00 - by allowing me to teach her lots and lots of content.
00:06:02 - And she'll just sit there and nod and listen.
00:06:06 - And really the benefit is for me because, as I teach a concept
00:06:10 - to someone, I can hear the words coming out my mouth.
00:06:12 - It also gives me an opportunity to identify areas
00:06:15 - where maybe I'm a little weak in that area.
00:06:17 - I can improve on that.
00:06:18 - And if you're teaching it to somebody else, who's
00:06:20 - another technical person, it's a win-win.
00:06:22 - Because as the tide rises, all boats rise as well.
00:06:26 - And one of the huge factors for me, as well, is to have fun.
00:06:30 - And I absolutely did have a lot of fun creating these videos
00:06:33 - with the knowledge that you and I would
00:06:35 - be going through them together.
00:06:36 - I would also encourage you to have fun.
00:06:39 - Every step of the way, enjoy the journey.
00:06:41 - Because at the end of the day, that's what life is all about.
00:06:44 - It's about our experiences, our memories, and the actions
00:06:47 - we take.
00:06:48 - So in keeping this intro fairly short so
00:06:50 - that you and I can get right into the content
00:06:52 - of implementing edge network security solutions.
00:06:55 - And the next video is only one click away.
00:06:58 - So again, thanks for joining me for the intro.
00:07:00 - I look forward to our journey together.
00:07:02 - I hope this has been informative for you.
00:07:04 - And I'd like to thank you for viewing.

Port Security

DHCP Snooping

Dynamic ARP Inspection (DAI)

Source Guard

Storm Control

Private VLANs

Protected Ports

VACLs, pACLs, and MACsec

Remote Management

RSA SSH Authentication






Zone-Based Firewalls


Best Practices



ASA Packet Capture

Botnet Filtering

Context Directory Agent

Security Virtualization and IPS

Management Tools

IPv6 Security

Please help us improve by sharing your feedback on training courses and videos. For customer service questions, please contact our support team. The views expressed in comments reflect those of the author and not of CBT Nuggets. We reserve the right to remove comments that do not adhere to our community standards.

comments powered by Disqus
Keith Barker

Keith Barker

CBT Nuggets Trainer

Cisco CCIE Routing and Switching, Cisco CCIE Security, Cisco CCDP, HP-MASE, Brocade BCNP, (ISC)2 CISSSP, CompTIA’s Network+ and Security+, VMware VCP5-DCV, Palo Alto CNSE, Check Point CCSA

Area Of Expertise:
Cisco, security, networking, bitcoin. Author or coauthor of: CCNA Security 640-554 Official Cert Guide; CCNP Security IPS 642-627 Official Cert Guide; CCNA Security 640-554 Official Cert Guide, and many more.

Course Features

Speed Control

Play videos at a faster or slower pace.


Pick up where you left off watching a video.


Jot down information to refer back to at a later time.

Closed Captions

Follow what the trainers are saying with ease.


Files/materials that supplement the video training

Offline Training

Our mobile apps offer the ability to download videos and train anytime, anywhere offline.

Accountability Coaching

Develop and maintain a study plan with assistance from coaches.


Stay Connected

Get the latest updates on the subjects you choose.

  © 2015 CBT Nuggets. All rights reserved. Licensing Agreement | Billing Agreement | Privacy Policy | RSS