Cisco Firepower Learning Track
Cisco's Firepower Threat Defense (FTD) is a next-generation firewall solution that is a critical technology for IT pros developing their networking, cybersecurity, and/or sysadmin skills. This Learning Track is designed to help you navigate through CBT Nuggets Cisco Firepower learning content in a way that sets you up for optimal success, whether you're building your skills, pursuing Cisco certification, or both.
Cisco Firepower Learning Track
Skill 1: Firepower Threat Defense (FTD) Overview
CBT Nuggets trainer Keith Barker introduces you to Cisco Firepower Threat Defense (FTD). Learn about the history of firewall technologies and the benefits of today's next-generation firewalls (NGFWs). Gain an understanding of the Firepower Management Center (FMC), the Firepower Threat Defense (FTD) managed device, as well as the zones and deployment options on an FTD.
Total Viewing Time: 22 minutes
WATCH: Key Concepts of Firewall Tech
WATCH: FTD Features and Components
WATCH: Zones and Deployment Options
Supplemental Learning Opportunities
Get Hands-on Practice: Develop a lab environment where you can practice all that you learn throughout your Cisco Firepower training experience.
Cisco Practice Labs
GNS3 – Cisco emulator
Purchase a book (or two) to supplement your CBT Nuggets video training.
Essential Firepower: Your best practice guide to configuring Cisco's Next Generation Firewalls
CCNP Guide – Cisco Certified Network Professional – Security (SITCS)
Cisco Firepower Threat Defense (FTD): Configuration and Troubleshooting Best Practices for NGFW
Cisco Next-Generation Security Solutions: All-in-one Cisco ASA Firepower Services, NGIPS, and AMP
"Patience, persistence and perspiration make an unbeatable combination for success." – Napoleon Hill
Skill 2: Firepower Initial Configuration
Sign into CBT Nuggets to continue this Learning Track and develop the skills you need to configure Cisco Firepower.
Explore the initial setup of a Firepower Management Center (FMC) appliance and a Firepower Threat Defense (FTD) appliance. Learn how to register an FTD to be used for centralized management and how to configure, save, and deploy changes to an FTD from an FMC. Gain an understanding of the licensing requirements of an FMC and the IP addresses and zones used for FTDs.
Total Viewing Time: 31 minutes
WATCH: FMC Initial Plan and Setup
WATCH: FTD Initial Plan and Setup
WATCH: Adding the FTD to the FMC for Mgmt
WATCH: Planning for FTD Interfaces and Routing
WATCH: Configuring FTD Interfaces and Routing
"The price of success is hard work, dedication to the job at hand, and the determination that whether we win or lose, we have applied the best of ourselves to the task at hand." – Vince Lombardi
Skill 3: Firepower Routing and NAT
Your Cisco Firepower Learning Track continues at CBT Nuggets!
Sign in to continue your learning! Learn how to configure and verify routing and network address translation (NAT) on a Firepower appliance. And discover Firepower layer 3 packet forwarding, interface statuses, static routes, DHCP server options, Auto NAT, and manual NAT.
Total Viewing Time: 36 minutes
WATCH: Forwarding IP Packets
WATCH: Confirming Interfaces and Routing
WATCH: NAT Basics and Terminology
WATCH: Planning for Auto NAT
WATCH: Implementing Auto NAT
WATCH: Implementing Manual NAT
"Ambition is the path to success, persistence is the vehicle you arrive in." – William Eardley IV
Skill 4: Firepower Discovery
Keep learning Cisco Firepower when you log into CBT Nuggets!
Learn how to implement discovery policies in Firepower, view data in the dynamically created discovery host profiles, and use NMAP scans to enhance the host profile information that Firepower collects.
Total Viewing Time: 17 minutes
WATCH: Firepower Discovery Overview
WATCH: Implementing a Discovery Policy
WATCH: Viewing Discovery Host Profiles
WATCH: Using NMAP Scans with Host Profiles
"Tell me and I forget. Teach me and I remember. Involve me and I learn." – Benjamin Franklin
Skill 5: Firepower Access Control Policies
Log in to CBT Nuggets to continue learning Cisco Firepower!
Learn how to implement access control rules, use URL filtering and categories to filter websites, and create an IPS policy that integrates into an access control policy. Develop your understanding of malware policy, file policy, SSL/TLS decryption, and more.
Total Viewing Time: 45 minutes
WATCH: Access Control Policy Overview
WATCH: Access Control Policy Rule Actions Concepts
WATCH: Access Control Policy Rule Actions Demonstration
WATCH: URL Filtering
WATCH: Malware and File Inspections
WATCH: SSL/TLS Decryption
WATCH: IPS Inspection
"Continuous, unflagging effort, persistence and determination will win. Let not the man be discouraged who has these." – James Whitcomb Riley
Skill 6: Firepower Security Intelligence
Your Cisco Firepower journey continues when you sign into CBT Nuggets!
Explore the Security Intelligence (SI) feature in Firepower. Learn how to use lists and feeds, blacklist IP addresses and URLs, and implement Security Intelligence (SI) as part of an access control policy in Firepower.
Total Viewing Time: 19 minutes
WATCH: Security Intelligence Overview
WATCH: Security Intelligence Objects
WATCH: Security Intelligence Dynamic Blocking
WATCH: Implementing Security Intelligence
"It is not knowledge, but the act of learning, not possession but the act of getting there, which grants the greatest enjoyment." – Carl Friedrich Gauss
Skill 7: Cisco Firepower High Availability
Wrap up your Cisco Firepower learning experience by logging into CBT Nuggets! Master how to implement high availability on a Firepower Threat Defense (FTD) appliance. Learn about the requirements of Active/Passive failover pairs such as the number and types of interfaces, the active IP address and standby IP address, and more.
Total Viewing Time: 15 minutes
WATCH: Firepower HA Concepts
WATCH: Components and Requirements of HA
WATCH: Planning for HA
WATCH: Demonstrating Firepower HA
"No one succeeds without effort. Those who succeed owe their success to perseverance." – Ramana Maharshi
Supplemental Training Resources
Prerequisite Skills and/or Certifications
Most learners seeking to learn more about Cisco Firepower have extensive experience in networking and network security. The following skills will equip learners for the greatest success as they engage with the CBT Nuggets Cisco Firepower collection of learning content:
Install, troubleshoot, configure, and operate medium-sized routing and switching networks;
Verify and implement network connections to remote sites within a WAN;
Wireless networking terminology and concepts;
Mitigation of security vulnerabilities and threats;
Thorough understanding of protocols including Serial-Line Interface Protocol Frame Relay, IP, EIGRP, Ethernet, ACLs, RIPv2, and more.
Generally speaking, learners seeking to work with Cisco Firepower should have 2-5 years of experience in networking and/or network security.
Cisco Firepower is addressed in the CCNP Security certification, specifically in the 300-210 SITCS exam, one of four exams required for the certification. In order to be eligible for the CCNP Security certification, learners must first earn the CCNA Security certification.
Who Needs Cisco Firepower Skills
IT pros who have experience in networking and/or network security are best equipped to take on Cisco Firepower. The intermediate-level skills necessary for effectively operating Firepower have most likely been developed by security architects, security engineers, security consultants/specialists, security administrators, systems administrators, or network administrators. Due to the nature of the Cisco Firepower appliance, it is likely that IT pros will encounter this technology in medium-to-large enterprise business environments.
For learners pursuing CCNP Security certification, it is important to be aware that the certification is recognized by DoD 8570 and CNSS 4013, making them eligible for contract and permanent, full-time employment with various US government agencies.
Certification Exam Details
Time allotted for exam: 1.5 hours (90 minutes) (per exam)
Number of questions: 55-75 (per exam)
Passing score: Cisco does not publish the passing score for its exams
Question types: Multiple choice/single answer; Multiple choice/multiple answer; Drag and drop; Fill-in-the-blank; Simulation; Testlet; Simlet (per exam)
Exam registration: Pearson VUE
Exam cost: $300 (USD) (per exam)
Roadmap to Success: CCNP Security
Learn more about the CCNP Security certification from the CBT Nuggets blog. The Roadmap to Success: CCNP Security is part of a series of blog posts designed to help learners better understand certification pathways, career opportunities associated with those certifications, and next steps beyond certification.
Effective Learning Strategies
Proceed through all CBT Nuggets video training on double-speed to develop a strong overview of the material; Then proceed through all the training for a second time, taking good notes and focusing on deeper learning.
Proceed through all CBT Nuggets video training, taking good notes and focusing on deep learning on the first pass; Then proceed back through all training a second time, using double-speed when appropriate.
Supplement all video training with book study and practical application of knowledge.
Develop a test or lab environment where new skills can be practiced.
Once you have mastered Cisco Firepower, what should you work to learn next?SkillsFor those learners working to grow their cybersecurity skillset, a thorough understanding of ethical hacking, penetration testing, and programming skills will be valuable next steps.
For those interested in further expanding their networking skillset, developing a deep understanding of wireless networking and cloud computing, as well as network design will set you up for future success.
And for those seeking to develop their sysadmin skillset, building a strong understanding of server infrastructure, cloud platform, and Linux skills will equip you well for future opportunities.
For learners interested in pursuing next certification steps, consider the following options:
White Hat Hacking
(ISC)2 Certified Information Systems Security Professional (CISSP)
Cisco Certified Networking Professional Routing & Switching (CCNP)
Cisco Certified Design Associate or Professional (CCDA/CCDP)
Cisco Certified Internetwork Expert Routing & Switching (CCIE)
Microsoft MCSE: Core Infrastructure (recommended elective exam: 70-744: Securing Windows Server 2016)
Microsoft Certified: Azure Administrator Associate (AZ-103) or Microsoft Certified: Azure Solutions Architect Expert (AZ-300 and AZ-301)
Linux Professional Institute Certified Linux Engineer (LPIC-2)
CBT Nuggets Resources
delivered to your inbox.