CCNA Security



The Implementing Cisco Network Security (IINS) exam (210-260) is a 90-minute assessment with 60-70 questions. This exam tests the candidate's knowledge of secure network infrastructure, understanding core security concepts, managing secure access, VPN encryption, firewalls, intrusion prevention, web and email content security, and endpoint security. This exam validates skills for installation, troubleshooting, and monitoring of a secure network to maintain integrity, confidentiality, and availability of data and devices. This exam also shows competency in the technologies that Cisco uses in its security infrastructure. Candidates can prepare for this exam by taking the Implementing Cisco Network Security (IINS) course.


The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1.0 Security Concepts

1.1  Common security principles

1.2 Common security threats

1.3 Cryptography concepts

1.4 Describe network topologies

2.0 Secure Access

2.1   Secure management

2.2 AAA concepts

2.3 802.1X authentication

2.4 BYOD

3.0 VPN

3.1  VPN concepts

3.2 Remote access VPN

3.3 Site-to-site VPN

4.0 Secure Routing and Switching

4.1 Security on Cisco routers

4.2 Securing routing protocols

4.3 Securing the control plane

4.4 Common Layer 2 attacks

4.5 Mitigation procedures

4.6 VLAN security

5.0 Cisco Firewall Technologies

5.1  Describe operational strengths and weaknesses of the different firewall technologies

5.2 Compare stateful vs. stateless firewalls

5.3 Implement NAT on Cisco ASA 9.x

5.4 Implement zone-based firewall

5.5 Firewall features on the Cisco Adaptive Security Appliance (ASA) 9.x

6.0 IPS

6.1 Describe IPS deployment considerations

6.2 Describe IPS technologies

7.0 Content and Endpoint Security

7.1  Describe mitigation technology for email-based threats

7.2 Describe mitigation technology for web-based threats

7.3  Describe mitigation technology for endpoint threats