Cisco’s security certification track covers two main paths: CCNP Security (anchored by the SCOR 350-701 core exam) for senior security engineers, and CyberOps Associate (200-201) for SOC analysts and security operations roles. Omar Santos, a Cisco Principal Engineer and prolific security author, wrote the official cert guides for both. For networking-focused Cisco certs, see our CCNP Enterprise books and CCNA 200-301 books posts.
Current as of March 2026. Titles verified against exam blueprints.
CCNP and CCIE Security Core SCOR 350-701 Official Cert Guide, 2nd Edition
Omar Santos’ 832-page guide is the only Cisco-approved study resource for the SCOR 350-701 exam. The 2nd edition (November 2023) covers network security (firewalls, IPS, ISE), cloud security, content security (email, web), endpoint protection and detection, secure network access (ZTNA, MACsec), and security visibility and enforcement. Each chapter maps directly to an exam domain with review questions, key topic tables, and diagnostic quizzes.
SCOR is the core exam that all CCNP Security candidates must pass. The breadth of topics is significant because it spans firewall management, VPN technologies, ISE deployment, endpoint detection, and cloud security controls. Budget 4-6 months of study for candidates who are not already working in Cisco security daily.
- Author: Omar Santos
- Published: November 2023 (Cisco Press, 2nd Edition)
- Pages: 832
- Exam: SCOR 350-701
- Best for: CCNP Security core exam preparation
- Amazon: Buy on Amazon
Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
Also by Omar Santos, this 688-page guide targets the CyberOps Associate exam for SOC analysts and security operations professionals. It covers security concepts, security monitoring (SIEM, log analysis, NetFlow), host-based analysis (malware analysis, endpoint forensics), network intrusion analysis (packet captures, IDS/IPS), and security policies. The “Do I Know This Already?” quizzes at the beginning of each chapter help you focus study time on your weak areas.
CyberOps Associate is a strong entry-level security certification for people who want to work in a SOC. The exam is less networking-focused than CCNP Security and more about threat analysis, incident response, and log interpretation.
- Author: Omar Santos
- Published: December 2020 (Cisco Press)
- Pages: 688
- Exam: 200-201 CyberOps Associate
- Best for: SOC analysts and security operations roles
- Amazon: Buy on Amazon
Which certification path?
| Career goal | Certification | Book |
|---|---|---|
| Senior security engineer (firewall, VPN, ISE) | CCNP Security (SCOR 350-701) | Santos SCOR Cert Guide, 2nd Ed |
| SOC analyst, threat hunter | CyberOps Associate (200-201) | Santos CyberOps Cert Guide |
If you configure Cisco firewalls, VPNs, and ISE in your current role, go straight to CCNP Security. If you work in (or want to work in) a Security Operations Center analyzing threats and responding to incidents, CyberOps Associate is the relevant certification.
