This exam tests your knowledge of implementing security automated solutions, including:
Programming concepts
RESTful APIs
Data models
Protocols
Firewalls
Web
DNS
Cloud and email security
ISE
Exam Description
The Automating and Programming Cisco Security Solutions v1.0 (SAUTO 300-735) exam is a 90-minute exam associated with the CCNP Security, Cisco Certified DevNet Professional, and Cisco Certified DevNet Specialist – Security Automation and Programmability certifications. This exam tests a candidate’s knowledge of implementing Security automated solutions, including programming concepts, RESTful APIs, data models, protocols, firewalls, web, DNS, cloud and email security, and ISE. The course, Implementing Cisco Security Automation Solutions, helps candidates to prepare for this exam.
The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.
1.1 Utilize common version control operations with git (add, clone, push, commit, diff, branching, and merging conflict)
1.2 Describe characteristics of API styles (REST and RPC)
1.3 Describe the challenges encountered and patterns used when consuming APIs synchronously and asynchronously
1.4 Interpret Python scripts containing data types, functions, classes, conditions, and looping
1.5 Describe the benefits of Python virtual environments
1.6 Explain the benefits of using network configuration tools such as Ansible and Puppet for automating security platforms
2.1 Describe the event streaming capabilities of Firepower Management Center eStreamer API
2.2 Describe the capabilities and components of these APIs
2.2.a Firepower (Firepower Management Center and Firepower Device Management)
2.2.b ISE
2.2.c pxGRID
2.2.d Stealthwatch Enterprise
2.3 Implement firewall objects, rules, intrusion policies, and access policies using Firepower Management Center API
2.4 Implement firewall objects, rules, intrusion policies, and access policies using Firepower Threat Defense API (also known as Firepower Device Manager API)
2.5 Construct a Python script for pxGrid to retrieve information such as endpoint device type, network policy and security telemetry
2.6 Construct API requests using Stealthwatch API
2.6.a perform configuration modifications
2.6.b generate rich reports
3.1 Describe the capabilities and components of these APIs
3.1.a Umbrella Investigate APIs
3.1.b AMP for endpoints APIs
3.1.c ThreatGRID API
3.2 Construct an Umbrella Investigate API request
3.3 Construct AMP for endpoints API requests for event, computer, and policies
3.4 Construct ThreatGRID APIs request for search, sample feeds, IoC feeds, and threat disposition
4.1 Describe the capabilities and components of these APIs
4.1.a Umbrella reporting and enforcement APIs
4.1.b Stealthwatch cloud APIs
4.1.c Cisco Security Management Appliance APIs
4.2 Construct Stealthwatch cloud API request for reporting
4.3 Construct an Umbrella Reporting and Enforcement API request
4.4 Construct a report using Cisco Security Management Appliance API request (email and web)
QUESTION 1
Which of the following is typically used to manage a Cisco router in-band? (Select the best answer.)
A. a VTY port
B. a serial port
C. a console port
D. an auxiliary port
Correct Answer: A
QUESTION 2
Which of the following enables the validation of both user and device credentials in a single EAP transaction? (Select the best answer.)
A. PEAP
B. EAP-FAST
C. EAP-FAST with EAP chaining
D. EAP-MD5
Correct Answer: C
QUESTION 3
Which of the following features protects the control plane by classifying traffic into three separate control plane subinterfaces? (Select the best answer.)
A. CoPP
B. CPPr
C. RBAC
D. uRPF
Correct Answer: B
QUESTION 4
Which of the following is an outputspreading technique that spammers use to manipulate reputation scores and defeat filters? (Select the best answer.)
A. phishing
B. snowshoe spam
C. waterfalling
D. listwashing
Correct Answer: B
Certkingdom Review, Certkingdom Cisco CCNP Security 300-735 PDF
Best Cisco CCNP Security 300-735 Certification, Cisco CCNP Security 300-735 Training at certkingdom.com