Who should take the 300-740 SCAZT?

Network engineers, cloud security analysts, and security architects managing Cisco environments should be thinking about taking the 300-740 SCAZT and earning their CCNP Security. If you secure user access to cloud apps and hybrid networks, with this course you’ll know how to design, implement, and enforce secure cloud access strategies across Cisco platforms.

How much does the CCNP Security cost?

The CCNP Security costs at least $700, but it can cost more depending on how you go about earning it. The CCNP Security core exam (350-701 SCOR) costs $400, and you must pass it. This course prepares you for 300-730 SCAZT one of the eight concentration exams you can choose from, each of which cost $300. Consider factoring training materials and lab access into your total cost, which may bring the total investment to around $1,500.

Does the CCNP Security pay well?

Yes, professionals with a CCNP Security certification often earn between $100,000 and $140,000 in roles like security engineer, cloud security architect, or network operations lead. It's a widely recognized credential that proves hands-on expertise, which is valued in mid-to-senior IT security roles.

Is the 300-740 SCAZT exam hard?

Yes, as a CCNP Security concentration exam, the 300-740 SCAZT is tough – especially if you don’t have hands-on experience with Cisco tools and cloud security frameworks. The exam will expect you to configure and troubleshoot identity management, endpoint controls, SASE integrations, and secure access policies. In other words, practical and hands-on lab practice is key to success.

Is the CCNP Security worth it?

Yes, if you're pursuing a serious career in network security, the CCNP Security validates your ability to secure hybrid cloud environments, enforce identity-based access, and manage Cisco security platforms. For many professionals, it’s a necessary step toward architect or lead engineer roles.

Designing and Implementing Secure Cloud Access for Users and Endpoints (300-740 SCAZT)

This Cisco Security Essentials course prepares IT professionals to defend modern enterprise infrastructure using Zero Trust principles and consistent policy enforcement. Dive deep into the Cisco Secure Reference Architecture (SRA) to explore PKI foundations, identity-based access control with Cisco ISE and Duo, and integrated cloud security. This course covers advanced network protection, including SD-WAN integration with Umbrella and workload security across multi-cloud environments. You’ll also get comfortable with XDR orchestration by leveraging Talos threat intelligence and using ThousandEyes for end-to-end visibility. Once you’re done with this course, you’ll have the expertise to design and deploy a resilient security fabric across any enterprise landscape.

David SmithService Provider & Network Architecture

Updated March 2026

Request a Demo

31Skills

170Videos

26h 44mTotal

170 videos26h 44m

Who This Course Is For

This course is for security engineers, network engineers, and cloud specialists who design or support secure access to cloud and SaaS applications. If you work with Cisco networks and make security decisions in cloud or hybrid environments, this course will give you practical insight into the tools and frameworks you need to do your job

Skills Your Team Will Gain

Design secure cloud access architectures
Implement identity and access management policies
Enforce endpoint and application security controls
Configure and manage secure network edges
Analyze cloud threats using logging and telemetry
Respond to security incidents across hybrid environments

Course Curriculum

Premium skill.Exploring Security Frameworks: Part 152m
Premium skill.Exploring Security Frameworks: Part 250m
Premium skill.Cisco SRA: User and Device Security Intro50m
Premium skill.Cisco SRA: User and Device Security Measures47m
Premium skill.Certificate-Based Authentication Foundations48m
Premium skill.Certificate-Based Access Control Using Cisco ISE48m
Premium skill.Cisco DUO Application Protection45m
Premium skill.802.1X Certificate-Based Network Access47m
Premium skill.SRA Use Cases: Common Identity53m
Premium skill.Identity-Aware Application Access58m
Premium skill.Using DUO with AnyConnect VPN50m
Premium skill.Secure Remote Access VPN Policies1h 5m
Premium skill.SRA Use Cases: Zero Trust Network Access48m
Premium skill.Cisco SRA: Network Security48m
Premium skill.Cisco SRA: Advanced Network Security50m
Premium skill.Cisco SRA: Workload Application and Data Security49m
Premium skill.Cisco SRA: Cisco Secure Workload49m
Premium skill.SD-WAN Content Filtering48m
Premium skill.Integrate SD-WAN with Cisco Umbrella1h 3m
Premium skill.Implement Umbrella DNS with SD-WAN54m
Premium skill.Implement Umbrella SIG with SD-WAN50m
Premium skill.Understand Umbrella Access Security Broker1h 1m
Premium skill.Cisco ThousandEyes Fundamentals49m
Premium skill.Integrate Cisco SD-WAN with ThousandEyes47m
Premium skill.Cisco SRA: XDR Toolset57m
Premium skill.SRA Use Cases: XDR Telemetry and Orchestration1h 3m
Premium skill.SRA Use Cases: Converged Multicloud Policy49m
Premium skill.SRA Use Cases: SASE Integration49m
Premium skill.Cisco SRA: Talos53m
Premium skill.Explore the Cisco SAFE Architecture49m
Premium skill.SD-WAN Direct Internet Access53m

Part of the Network Modernization training initiative

Platform Features

For IT leaders

What IT leaders need to know before assigning this course

Distributed work, direct internet access, and multicloud operations make security inconsistent when identity, network, remote access, and detection tools are managed in silos. IT teams complete this intermediate Cisco training to build a shared operating model around Cisco Secure Reference Architecture concepts, certificate-based access, Duo-protected applications and VPN, SD-WAN security integrations, Umbrella, ThousandEyes, XDR telemetry, Talos, and Cisco SAFE.

For an IT Director or Training Manager, the time commitment is realistic but meaningful: about 27 hours per learner, best assigned to network security engineers, security operations staff, and senior network practitioners supporting Cisco environments. Team Leads should plan this as a cross-functional upskilling path because the topics span access control, remote access policy, DNS/SIG security, visibility, and incident-response tooling.

CBT Nuggets Playlists can sequence the course by role or project phase, while Team Reporting helps managers track completion and adoption across the team.

Team Impact

How this training helps your team succeed

This training helps Cisco-focused teams reduce security gaps that appear when access, network, and detection controls are implemented independently. The course maps practical scenarios across user/device security, application access, VPN policy, SD-WAN security, cloud-delivered protection, visibility, and XDR.

Standardize access decisions with certificate-based authentication, Cisco ISE concepts, 802.1X network access, and common identity use cases.
Improve remote workforce protection by connecting Duo application protection, AnyConnect VPN, secure remote access policies, and zero trust network access scenarios.
Strengthen branch and internet-edge security by integrating Cisco SD-WAN with Umbrella DNS, Umbrella SIG, content filtering, and direct internet access designs.
Increase operational visibility by applying ThousandEyes fundamentals, SD-WAN integration, XDR telemetry/orchestration, Talos context, and Cisco SAFE architecture concepts.

After completion

Knowledge & ability your team will gain

Knowledge

Cisco security framework concepts, including Secure Reference Architecture and Cisco SAFE.
User and device security measures for Cisco environments.
Certificate-based authentication foundations and how they relate to Cisco ISE and 802.1X.
Duo use cases for application protection and AnyConnect VPN access.
SD-WAN security patterns using content filtering, Umbrella DNS, Umbrella SIG, and direct internet access.
XDR, Talos, ThousandEyes, and multicloud/SASE policy concepts.

Ability

Evaluate where identity, device, network, workload, and data protections fit in a Cisco security architecture.
Plan certificate-based access control and network access approaches using Cisco ISE and 802.1X concepts.
Align remote access VPN policies with Duo and zero trust network access use cases.
Identify SD-WAN integration points for Umbrella and ThousandEyes.
Connect telemetry, orchestration, Talos intelligence, and XDR use cases to security operations workflows.
Discuss converged multicloud policy and SASE integration with network and security stakeholders.