300-735 SAUTO

Automating Cisco Security Solutions v1.1 (300-735)

Exam Description: Automating Cisco Security Solutions v1.1 (SAUTO 300-735) is a 90-minute exam associated with the CCNP Security Certification and DevNet Professional Certification. This exam tests a candidate’s knowledge of implementing Security automated solutions, including programming concepts, RESTful APIs, data models, protocols, firewalls, web, DNS, cloud and email security, and ISE. The course, Implementing Automation for Cisco Security Solutions, helps candidates to prepare for this exam.

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

1. 10% Network Programmability Foundation
   
   1. Use common version control operations with git (add, clone, push, commit, diff, branching, and merging conflict)
   2. Describe characteristics of API styles (REST and RPC)
   3. Describe the challenges encountered and patterns used when consuming APIs synchronously and asynchronously
   4. Interpret Python scripts containing data types, functions, classes, conditions, and looping
   5. Describe the benefits of Python virtual environments
   6. Explain the benefits of using network configuration tools such as Ansible and Terraform for automating security platforms
2. 35% Network Security
   
   1. Describe the event streaming capabilities of Cisco Secure Firewall Management Center (formerly Firepower Management Center) GStreamer API
   2. Describe the capabilities and components of these APIs
      
      1. Cisco Secure Firewall Management Center and Cisco Secure Firewall Device Manager
      2. Cisco Identity Services Engine (ISE)
      3. pxGRID
      4. Cisco Secure Network Analytics (formerly Stealthwatch) Enterprise
   3. Implement firewall objects, rules, intrusion policies, and access policies using Cisco Secure Firewall Management Center API
   4. Implement firewall objects, rules, intrusion policies, and access policies using Cisco Secure Firewall Device Manager API
   5. Construct a Python script for pxGrid to retrieve information such as endpoint device type, network policy, and security telemetry
   6. Construct API requests using Cisco Secure Network Analytics API
      
      1. Perform configuration modifications
      2. Generate rich reports
3. 30% Advanced Threat & Endpoint Security
   
   1. Describe the capabilities and components of these APIs
      
      1. Cisco Cloud Security APIs (such as Umbrella APIs, and Investigate APIs)
      2. Cisco Secure Endpoint (formerly AMP for Endpoints) API
      3. Cisco Secure Malware Analytics (formerly ThreatGRID) API
      4. Cisco XDR solution APIs (such as SecureX API and Threat Response API)
   2. Construct an Umbrella Investigate API request
   3. Construct Cisco Secure Endpoint API requests for event, computer, and policies
   4. Construct Cisco Secure Malware Analytics API requests for search, sample feeds, IoC feeds, and threat disposition
   5. Construct Cisco XDR solution API calls
   6. Describe the orchestration capabilities of the Cisco XDR solution
4. 25% Cloud, Web, and Email Security
   
   1. Describe the capabilities and components of these APIs
      
      1. Umbrella APIs
      2. Cisco Secure Cloud Analytics (formerly Steathwatch Cloud) APIs
      3. Cisco Secure Email and Web Manager (formerly Security Management Appliance) APIs
   2. Construct Secure Cloud Analytics API request for reporting
   3. Construct an Umbrella API request for Reports and Policies
   4. Construct a report using Secure Email and Web Manager API request