SCAZT

The training provides you with the skills to design and implement cloud security architecture, user and device security, network and cloud security, cloud application and data security, cloud visibility and security, and cloud threat response. You will gain knowledge of protocols, solutions and designs to take a professional and expert role in the development and implementation of cloud solutions.

Course Contents

• Compare and contrast the National Institute of Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA), and Defense Information Systems Agency (DISA) security frameworks, and understand the importance of adopting standardized frameworks for cybersecurity in enhancing an organization's security posture
• Describe the Cisco Security Reference Architecture and its five main components 
• Describe commonly deployed use cases and recommend the necessary capabilities within an integrated security architecture to address them effectively
• Describe the Cisco Secure Architecture for Everyone (SAFE) architecture 
• Review the benefits, components, and process of certificate-based authentication for both users and devices
• Enable Duo multi-factor authentication (MFA) to protect an application from the Duo Administration Portal, and then configure the application to use Duo MFA for user login authentication 
• Install Cisco Duo and implement its multifactor authentication on remote access virtual private network (VPN)
• Configure endpoint compliance 
• Review and demonstrate the ability to understand Stateful Switchover (SSO) using security assertion markup language (SAML) or OpenID Connect together with Cisco Duo
• Describe Cisco software-defined wide-area network (SD-WAN) on-box and integrated threat prevention security services 
• Describe SD-WAN on-box and integrated content filtering security services
• Describe the features and capabilities of Cisco Umbrella Secure Internet Gateway (SIG), such as DNS Security, Cloud-Delivered Firewall (CDFW), intrusion prevention systems (IPS), and interaction with Cisco SD-WAN 
• Introduce the reverse proxy for internet-facing applications protections
• Explore the Cisco Umbrella SIG use case to secure cloud application access, the limitations and benefits of the solution, and the features available to discover and control access to cloud delivered applications 
• Explore the Cisco ThousandEyes capabilities for monitoring the Cisco SD-WAN deployment
• Describe the challenges of accessing SaaS applications in modern business environments and explore the Cisco SD-WAN Cloud OnRamp for SaaS solution with direct or centralized internet access 
• Introduce the Cisco Secure Firewall platforms, use cases, and security capabilities
• Demonstrate a comprehesive understanding of web application firewalls 
• Demonstrate a comprehensive understanding of Cisco Secure Workload capabilities, deployment options, agents, and connectors
• Demonstrate a comprehensive understanding of Cisco Secure Workload application dependency mapping and policy discovery 
• Demonstrate a comprehensive understanding of common cloud attack tactics and mitigation strategies
• Demonstrate a comprehensive understanding of multicloud security requirements and policy capabilities 
• Introduce the security issues with the adoption of public clouds and common capabilities of cloud visibility and assurance tools to mitigate these issues
• Introduce Cisco Secure Network Analytics and Cisco Security Analytics and Logging 
• Describe Cisco Attack Surface Management
• Describe how Application Program Interfaces (APIs) and automation can help in troubleshooting cloud policy, especially in the context of misconfigurations 
• Demonstrate a comprehensive knowledge of the appropriate responses to cloud threats in specific scenarios
• Demonstrate the comprehensive knowledge required to use automation for cloud threat detection and response

You will receive the original course documentation from Cisco in English language as a Cisco E-Book. In the Cisco Digital Learning Version, the content of the courseware is integrated into the learning interface instead.

Target Group

• Network Engineers
• Network Security Engineers
• Network Architects
• Sales/Presales Engineers

Knowledge Prerequisites

You should have the following knowledge and skills before attending this training course:

• Basic understanding of enterprise routing
• Basic understanding of WAN networks
• Basic understanding of Cisco SD-WAN
• Basic understanding of public cloud services

This knowledge can be found in the following Cisco learning offerings:

• CCNA - Implementing and Administering Cisco Solutions
• ENSDWI - Implementing Cisco SD-WAN Solutions
• SDWFND - Cisco SD-WAN Operation and Deployment

Complementary and Continuative Courses

SCOR – Implementing and Operating Cisco Security Core Technologies
SFWIPF – Fundamentals of Cisco Firewall Threat Defense and Intrusion Prevention
SISE – Implementing and Configuring Cisco Identity Services Engine
SESA – Securing Email with Cisco Email Security Appliance
SWSA – Securing the Web with Cisco Web Security Appliance
SVPN – Implementing Secure Solutions with Virtual Private Networks
SAUI – Implementing Automation for Cisco Security Solutions
SFWIPA – Advanced Techniques for Cisco Firewall Threat Defense and Intrusion Prevention

Course Objective

The course prepares you for the SCAZT exam. Validate your knowledge in the areas of cloud security architecture design and implementation, user and device security, network and cloud security, application and data security, visibility and security, and threat response. If you pass, you will receive the Cisco Certified Specialist - Secure Cloud Access certification. If you combine this Multicloud Specialist exam with the Cisco Core Professional exam SCOR, you will also fulfill the CCNP Security certification requirements.

You are interested in a certification? The course at hand is part of the following certification(s):

Certification as CCNP Security Certification

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Hybrid training

Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Cisco Digital Learning

This course is available in the Cisco Digital Learning Library. These recently developed, multi-modal training events include HD videos moderated by lecturers with stored searchable text and subtitles, as well as a exercises, labs, and explanatory text and graphics. We provide this offer to you via our myExperTeach learning portal. Effective of the activation of the account, access to the courses will be granted for a duration of 6 months. In the case of packet solutions (Cisco Digital Learning Subscriptions), this time period will amount to 12 months.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.