CCNA Security

CCNA Security

The Cisco Certified Network Associate Security certification (abbreviated as CCNA Security) from Cisco Systems is the basis of validating the knowledge and expertise of a network professional according to the Cisco defined associate level.

This certification focuses on the knowledge and skills required to secure a network deploying Cisco products and running the Cisco IOS operating system. Developing a robust and secure infrastructure, identifying threats and the present weakness of a network and mitigating threats to a network’s security, are the primary aspects of this certification.

The CCNA Security certification focuses on Cisco’s security technologies and all related procedures regarding Cisco devices such as their installation, troubleshooting and monitoring in order to have the devices and data available consistently on the network and to maintain the safety and reliability of the data. Also to create proficiency in using the various technologies which are implemented using the security structure recommended by Cisco?

Professionals having the CCNA Security Certification to their credit have the certified skills needed for job roles such as Security Specialists, Security Administrators, and Support Engineers for networks which are based on Cisco devices.


A valid and active CCNA certification and/or any CCIE certification are required beforehand for the certification. The exam 640-554 about implementing the Cisco IOS Network Security (IINS) is required to be cleared to get the CCNA Security certification.

The exam fee is $250 and consists of 55-65 questions. The duration of the exam is ninety minutes. Although training is available through various resources, it is not necessarily required. The CCNA Security exams are conducted by Pearson VUE testing centers all around the world. These exams are available in eight different languages.

Exam Topics

The Implementing Cisco IOS Network Security (IINS) exam 640-554 contains the following topics, which should be studied as part of the preparation for the certification:

  • Introduction of Network Security Principles: Network Security essentials; Methods of Attacking; Operations Security; Cisco Self-Defending Networks
  • Workspace Security: Administration of Access to Cisco Routers; Cisco SDM; implementing AAA on a Cisco Router with the help of the Local Database and on Secure ACS; Secure Management and Reporting; Lock Down of the Routers
  •  Network Security by use of Cisco IOS Firewalls: Firewall Technologies; ACLs and Static Packet Filters; Zone-Based Policy
  • Firewall of the Cisco IOS
  •  Site-to-Site VPNs, Cryptography, Encryption, Hashes and Digital Signatures, IPsec Fundamentals, and the Cisco SDM
  •  Network Security with Cisco IOS IPS: IPS Technologies, Cisco IOS IPS using the Cisco SDM
  •  Security related to LAN, SAN, Voice, and Endpoints


The CCNA Security certifications have a validity of three years. To recertify for the CCNA Security one must pass a CCNA Concentration exam in either wireless, security or voice certification tracks. Or one can attempt and pass a professional level exam i.e. the CCNP Security exam. Additionally candidates can opt to pass a current Cisco Certified Internetworking Expert (CCIE) or Cisco Certified Design Expert (CCDE) written exam.

CCNA Security Practice Exams

CCNA Security 640-554 Implementing Cisco IOS Network Security (IINS) Study Guide

CCNA Security Jobs

CCNA Security Books