subject: 642-618 Firewall Exam Topics For Cisco Firewall Security Specialists [print this page] The Cisco Firewall Security Specialists are mostly involved in the development of secured business solutions. These experts also design and deliver different levels of security access to networks.
Before one is considered as a Cisco Firewall Security Specialist he or she must pass the 642-618 Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) exam. This certification examination is affiliated to the CCNP Security and Cisco Firewall Specialist certification. The exam aims to assess the skills and knowledge of the candidate who are needed for the implementation and maintenance of the Cisco ASA-based perimeter solutions. Those who will pass the certification will be able to use the Cisco ASA features in reducing the risks to infrastructures and applications in the Information Technology. In preparation for the exam, the candidate must take-up the Deploying Cisco ASA Firewall Solution Course.
Deploying Cisco ASA Firewall Solution Course is led by an instructor who is offered by the Cisco training to their applicants. It has time duration of five days and aims to provide skills and knowledge to network security engineers for them to maintain and implement Cisco ASA solutions. The course aims to evaluate the basic features of the CISCO ASA and to implement and maintain the Cisco ASA security.
The 642-618 Deploying Cisco ASA Firewall Solutions (FIREWALL v2.0) exam has eight main parts. The first and second part of the exam is the implementation of a secure network with the use of Cisco ASA firewalls. Few of the sub-topics included in this part are the configuration of the device management, IP routing, object groups, VLANs, filtering, and fail over. It also includes the configuration of the security contexts, Modular Policy Framework, Application-Aware Inspections, QoS policies.
The third part of the certification is the implementation of a secure network with the use of Cisco VPN solutions. Some of the sub-topics are the configuration of the Dynamic Multipoint VPN, configuration of the Group Encrypted Transport, configuration of the Remote Access VPN, and the configuration of the High Availability. The fourth part includes the configuration of the Cisco IPS to mitigate the threats in the network. Few of the configuration topics included in this part are the security policies, the configuration of blocking on the Sensor Appliances, and the configuration and tuning of the Cisco IOS IPS.
The fifth part of the examination is the Implement Identity Management. Other parts of the exam are the Implement Control Plane and Management Plane Security, Configure Advanced Security, and Identify and Mitigate Network Attacks.
