IT Certification and Career Paths

642-515 SNAA

Hierarchical Navigation

Securing Networks with ASA Advanced
Retired April 8, 2011
    Exam Number:     642-515
Associated Certifications: Cisco Certified Security Professional (CCSP)
Duration: 90 minutes (55-65 questions)
Available Languages: English and Japanese
Click Here to Register: Pearson VUE
Exam Policies: Read current policies and requirements
Exam Tutorial: Review type of exam questions

Exam Description    Exam Topics    Recommended Training    Additional Resources
Exam Description

The Securing Networks with ASA Advanced exam is one of the exams associated with the Cisco Certified Security Professional certification. Candidates can prepare for this exam by taking the SNAA course. This exam includes simulations and tests a candidate's knowledge and ability to describe, configure, verify and manage the Cisco ASA Security Appliance product.

Exam Topics

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

Configure and verify NAT, dynamic routing, and switching on Security Appliances

  • Configure and verify VLANS using ASDM
  • Configure and verify dynamic routing protocols and route redistribution using ASDM
  • Configure and verify policy NAT using ASDM

Configure and verify application layer protocol inspection and Modular Policy Framework for Security Appliances

  • Describe the Layer 7 advanced protocol handling capabilities of the Security Appliance
  • Configure and verify Layer 7 application layer protocol inspection using ASDM
  • Configure and verify Modular Policy Framework using ASDM

Configure and verify secure connectivity using IPsec VPNs

  • Describe the features and capabilities of digital certificates
  • Describe how to use digital certificate enrollment with the Security Appliance and Cisco VPN client
  • Configure and verify remote access VPNs with digital certificates using ASDM
  • Configure and verify IPsec VPN clients with digital certificates using ASDM
  • Configure and verify site-to-site VPNs with digital certificates using ASDM
  • Configure and verify advanced remote access features using ASDM
  • Configure and verify the ASA 5505 as a remote access client using ASDM
  • Configure and verify QoS for tunnel traffic using ASDM

Configure and verify secure connectivity using SSL VPNs

  • Describe the features and capabilities of SSL VPNs
  • Configure and verify the local certificate authority using ASDM
  • Configure and verify clientless access including smart tunnels, plug-ins and bookmarks using ASDM
  • Configure and verify port forwarding using ASDM
  • Configure the Security Appliance for SSL VPN client access using ASDM
  • Configure and verify the AnyConnect VPN client
  • Configure and verify CSD using ASDM
  • Configure and verify DAP using ASDM

Configure and verify AIP-SSM and CSC-SSM modules

  • Explain the function that AIP-SSM and CSC-SSM perform within a network
  • Configure and verify AIP-SSM
  • Configure and verify CSC-SSM
Recommended Training

Securing Networks with ASA Advanced (SNAA) is the recommended training for this course.

Courses listed are offered by Cisco Learning Partners—the only authorized source for Cisco IT training delivered exclusively by Certified Cisco Instructors. Check the Global Learning Partner Locator for a Cisco Learning Partner near you.

Additional Resources

A variety of Cisco Press Self-Study titles are available for this exam. These titles can be purchased at the Cisco Marketplace, directly from Cisco Press, or wherever you purchase technical books.


Return to Top

Related Tools

Related Links

Learning & Events

About Cisco

Partners & Resellers