The 642-617 Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0) exam is associated with the CCNP Security and Cisco Firewall Specialist certifications. This exam tests a candidate’s knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA Firewall Solutions course.
The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.
- Choose ASA Perimeter Security technologies/features to implement HLD based on given security requirements
- Choose the correct ASA model to implement HLD based on given performance requirements
- Create and test initial ASA appliance configurations using CLI
- Determine which ASA licenses will be required based on given requirements
Complex Operations Support
Optimize ASA Perimeter Security features performance, functions, and configurations
Create complex ASA security perimeter policies such as ACLs, NAT/PAT, L3/L4/L7 stateful inspections, QoS policies, cut-thru proxy, threat detection, botnet detection/filter using CLI and/or ASDM
Perform initial setup on the AIP-SSM and CSC-SSM using CLI and/or ASDM
Configure, verify and troubleshoot High Availability ASAs (A/S and A/A FO) operations using CLI and/or ASDM
Configure, verify and troubleshoot static routing and dynamic routing protocols on the ASA using CLI and/or ASDM
Configure, verify and troubleshoot ASA transparent firewall operations using CLI
Configure, verify and troubleshoot management access/protocols on the ASA using CLI and/or ASDM
Describe Advanced Troubleshooting
Advanced ASA security perimeter configuraiton/software/hardware troubleshooting using CLI and/or ASD fault finding and repairing