Implementing Cisco Intrusion Prevention System (IPS)
Version 7.0 (642-627)
Exam Description: The 642-627 IPS Implementing Cisco Intrusion Prevention System (IPS) version 7.0
exam is the exam associated with the CCNP® Security certification and the IPS Specialization. This 90minute, 60−70 questions exam tests a candidate's knowledge of the skills needed to deploy, maintain,
and troubleshoot Cisco IPS-based security solutions. Candidates can prepare for this exam by taking the
IPS Implementing Cisco Intrusion Prevention System (IPS) version 7.0 course. The exam is closed book
and no outside reference materials are allowed.
The following topics are general guidelines for the content likely to be included on the exam. However,
other related topics may also appear on any specific delivery of the exam. In order to better reflect the
contents of the exam and for clarity purposes, the guidelines below may change at any time without
notice.
32%
1.0
1.1
1.2
1.3
1.4
1.5
Pre-Production Design
Choose Cisco IPS technologies to implement HLD
Choose Cisco products to implement HLD
Choose Cisco IPS features to implement HLD
Integrate Cisco network security solutions with other security technologies
Create and test initial Cisco IPS configurations for new devices/services
55%
2.0
2.1
2.2
2.3
2.4
2.5
2.6
Complex Support Operations
Optimize Cisco IPS security infrastructure device performance
Create complex network security rules, to meet the security policy requirements
Configure and verify the IPS features to identify threats and dynamically block them
from entering the network
Maintain, update and tune IPS signatures
Use CSM and MARS for IPS management, deployment, and advanced event correlation.
Optimize security functions, rules, and configuration
3.0
3.1
3.2
Advanced Troubleshooting
Advanced Cisco IPS security software configuration fault finding and repairing
Advanced Cisco IPS sensor and module hardware fault finding and repairing
13%
2013 Cisco Systems, Inc. This document is Cisco Public.
Page 1