642-617 Deploying Cisco ASA Firewall Solutions Exam Topics (Blueprint)

Exam Description

The 642-617 Deploying Cisco ASA Firewall Solutions (FIREWALL v1.0) exam is associated with the CCNP Security and Cisco Firewall Specialist certifications. This exam tests a candidate’s knowledge and skills needed to implement and maintain Cisco ASA-based perimeter solutions. Successful graduates will be able to reduce risk to the IT infrastructure and applications using Cisco ASA features, and provide detailed operations support for the Cisco ASA. Candidates can prepare for this exam by taking the Deploying Cisco ASA Firewall Solutions course.

Exam Topics

The following information provides general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. In order to better reflect the contents of the exam and for clarity purposes the guidelines below may change at any time without notice.

Pre-Production Design
  • Choose ASA Perimeter Security technologies/features to implement HLD based on given security requirements
  • Choose the correct ASA model to implement HLD based on given performance requirements 
  • Create and test initial ASA appliance configurations using CLI    
  • Determine which ASA licenses will be required based on given requirements      
Complex Operations Support
  • Optimize ASA Perimeter Security features performance, functions, and configurations

  • Create complex ASA security perimeter policies  such as ACLs, NAT/PAT, L3/L4/L7 stateful inspections, QoS policies, cut-thru proxy, threat detection, botnet detection/filter using CLI and/or ASDM

  • Perform initial setup on the AIP-SSM and CSC-SSM using CLI and/or ASDM

  • Configure, verify and troubleshoot High Availability ASAs (A/S and A/A FO) operations using CLI and/or ASDM

  • Configure, verify and troubleshoot static routing and dynamic routing protocols on the ASA using CLI and/or ASDM

  • Configure, verify and troubleshoot ASA transparent firewall operations using CLI

  • Configure, verify and troubleshoot management access/protocols on the ASA using CLI and/or ASDM

Describe Advanced Troubleshooting
  • Advanced ASA security perimeter configuraiton/software/hardware troubleshooting using CLI and/or ASD fault finding and repairing

Leave a Reply