Course Overview

Learn how to implement, use, and maintain a Cisco® Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you’ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution’s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.

This course is worth 16 Credits in the Continuing Education Program.

Course Content

The following topics are general guidelines for the content likely to be included on the exam. However, other related topics may also appear on any specific delivery of the exam. To better reflect the contents of the exam and for clarity purposes, the guidelines below may change at any time without notice.

30% 1.0 Deployment

1.1 Implement NGFW modes
1.1.a Routed mode
1.1.b Transparent mode

1.2 Implement NGIPS modes
1.2.a Passive
1.2.b Inline

1.3 Implement high availability options
1.3.a Link redundancy
1.3.b Active/standby failover
1.3.c Multi-instance

1.4 Describe IRB configurations

30% 2.0 Configuration

2.1 Configure system settings in Cisco Firepower Management Center

2.2 Configure these policies in Cisco Firepower Management Center
2.2.a Access control
2.2.b Intrusion
2.2.c Malware and file
2.2.d DNS
2.2.e Identity
2.2.f SSL
2.2.g Prefilter

2.3 Configure these features using Cisco Firepower Management Center
2.3.a Network discovery
2.3.b Application detectors (Open AppID)
2.3.c Correlation
2.3.d Actions

2.4 Configure objects using Firepower Management Center
2.4.a Object Management
2.4.b Intrusion Rules

2.5 Configure devices using Firepower Management Center
2.5.a Device Management
2.5.b NAT
2.5.c VPN
2.5.d QoS
2.5.e Platform Settings
2.5.f Certificates

25% 3.0 Management and Troubleshooting

3.1 Troubleshoot with FMC CLI and GUI
3.2 Configure dashboards and reporting in FMC
3.3 Troubleshoot using packet capture procedures
3.4 Analyze risk and standard reports

15% 4.0 Integration

4.1 Configure Cisco AMP for Networks in Firepower Management Center
4.2 Configure Cisco AMP for Endpoints in Firepower Management Center
4.3 Implement Threat Intelligence Director for third-party security intelligence feeds
4.4 Describe using Cisco Threat Response for security investigations
4.5 Describe Cisco FMC PxGrid Integration with Cisco Identify Services Engine (ISE)
4.6 Describe Rapid Threat Containment (RTC) functionality within Firepower Management Center

Target Audience

Individuals involved in the deployment, installation and administration of a Cisco Web Security Appliance.


Attendees should meet the following prerequisites :

  • TCP/IP services, including Domain Name System (DNS), Secure Shell (SSH), FTP, Simple Network Management Protocol (SNMP), HTTP, and HTTPS
  • IP routing


You are expected to have one or more of the following basic technical competencies or equivalent knowledge:

  • Cisco certification (CCENT or higher) – ICND1 Recommended
  • Relevant industry certification  (ISC)2, (CompTIA) Security+,  EC-Council, GIAC, ISACA
  • Cisco Net Academy letter of completion (CCNA 1 and CCNA 2)
  • Windows expertise: Microsoft [Microsoft Specialist, Microsoft Certified Solutions Associate (MCSA), Microsoft Certified Solutions Expert (MCSE)], CompTIA (A+, Network+, Server+)


Recommended prerequisites:

  • G013 – CompTIA Security+
  • SCOR – Implementing and Operating Cisco Security Core Technologies
23 - 24 Jan 20232 DaysPublic classroom (Dubai-Knowledge Village) or virtual trainings
10 - 11 April 20232 DaysPublic classroom (Dubai-Knowledge Village) or virtual trainings
24 - 15 July 20232 DaysPublic classroom (Dubai-Knowledge Village) or virtual trainings
30 - 31 Oct 20232 DaysPublic classroom (Dubai-Knowledge Village) or virtual trainings