SENSS 1.0: Secure Design Principles

This course is included in our On-demand training solution.


This course is intended to assist network architects and security practitioners with the appropriate placement of services into Network Security Zones. The Cisco modular network architecture best practices, designs, and configurations are introduced, and the necessary information to help network and security engineers succeed in designing, implementing, and operating secure network infrastructures based on Cisco products and technologies are covered. The course also describes the Cisco SecureX architecture and Cisco TrustSec, which are context-aware security solutions. Since the network infrastructure is one of the foundation elements of enterprise IT infrastructures and is a critical business asset of telecommunications service providers, this course concludes by providing an overview of network infrastructure protection controls on Cisco IOS routers, and switches, and describes some of its features.

Target Audience

Anyone wishing to obtain the Implementing Cisco Edge Network Security Solutions (SENSS) v1.0 certification; one of four designed for the CCNP Security track from Cisco. Knowledge of Cisco Certified Network Associate (CCNA) certification is required and knowledge of Cisco Certified Network Associate (CCNA) Security certification and Knowledge of Microsoft Windows Operating System are helpful.



Expected Duration

60 min.

Course Objectives

Course Introduction

Network Security Zones Implementation Model

  • describe the concepts of Network Security Zones
  • Zoning

  • describe Zoning
  • Zone Interface Points

  • describe Zone Interface Point
  • Service Placement

  • identify placement of services within the network zone architecture
  • Cisco Modular Network Architecture Designs

  • describe Cisco modular network architecture principles and designs
  • Cisco SecureX Architecture and Components

  • match the Cisco SecureX security solution to its function
  • Cisco Security Intelligence Operations

  • identify features of Cisco Security Intelligence Operations (SIO)
  • Distributed Threat Intelligence

  • identify how Cisco Security Intelligence Operations (SIO) devices operate
  • Cisco TrustSec Solution

  • describe the Cisco TrustSec solution architecture
  • Overview of Cisco Network Infrastructure Protection

  • recognize the need for network infrastructure protection
  • Modular Architecture and Infrastructure Protection

  • identify where to place network infrastructure protection into the Cisco modular network architecture design architectures
  • Identify Network Device Planes

  • match the network device plane operation to its identified objective
  • Management Plane Security Controls

  • describe plane security controls available
  • Layer 2 and 3 Data Plane Security Controls

  • classify Layer 2 and Layer 3 data plane security controls
  • Exercise: Describing Secure Design Principles