Lesson 1: Introduction
- The Cisco CyberOps Associate Certification
- The Exam Objectives (Domains)
- Steps to Pass the 200-201 CBROPS Exam
- Signing Up for the Exam
- Facts About the Exam
- About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
Lesson 2: Cybersecurity Fundamentals
- Introduction to Cybersecurity
- Threats, Vulnerabilities, and Exploits
- Network Security Systems
- Intrusion Detection Systems and Intrusion Prevention Systems
- Advanced Malware Protection
- Web Security Appliance
- Email Security Appliance
- Cisco Security Management Appliance
- Cisco Identity Services Engine
- Security Cloud-Based Solutions
- Cisco NetFlow
- Data Loss Prevention
- The Principles of the Defense-in-Depth Strategy
- Confidentiality, Integrity, and Availability: The CIA Triad
- Risk and Risk Analysis
- Personally Identifiable Information and Protected Health Information
- Principle of Least Privilege and Separation of Duties
- Security Operations Centers
- Playbooks, Runbooks, and Runbook Automation
- Digital Forensics
Lesson 3: Introduction to Cloud Computing and Cloud Security
- Cloud Computing and the Cloud Service Models
- Cloud Security Responsibility Models
- DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
- Understanding the Different Cloud Security Threats
Lesson 4: Access Control Models
- Information Security Principles
- Subject and Object Definition
- Access Control Fundamentals
- Access Control Process
- Information Security Roles and Responsibilities
- Access Control Types
- Access Control Models
- Access Control Mechanisms
- Identity and Access Control Implementation
Lesson 5: Types of Attacks and Vulnerabilities
- Types of Attacks
- Types of Vulnerabilities
Lesson 6: Fundamentals of Cryptography and Public Key Infrastructure (PKI)
- Cryptography
- Block and Stream Ciphers
- Symmetric and Asymmetric Algorithms
- Hashes
- Digital Signatures
- Next-Generation Encryption Protocols
- IPsec and SSL/TLS
- Fundamentals of PKI
- Root and Identity Certificates
- Revoking Digital Certificates
- Using Digital Certificates
Lesson 7: Introduction to Virtual Private Networks (VPNs)
- What Are VPNs?
- Site-to-Site vs. Remote-Access VPNs
- An Overview of IPsec
- SSL VPNs
Lesson 8: Introduction to Security Operations Management
- Introduction to Identity and Access Management
- Security Events and Log Management
- Asset Management
- Introduction to Enterprise Mobility Management
- Configuration and Change Management
- Vulnerability Management
- Patch Management
Lesson 9: Fundamentals of Intrusion Analysis
- Introduction to Incident Response
- The Incident Response Plan
- The Incident Response Process
- Information Sharing and Coordination
- Incident Response Team Structure
- Common Artifact Elements and Sources of Security Events
- Understanding Regular Expressions
- Protocols, Protocol Headers, and Intrusion Analysis
- How to Map Security Event Types to Source Technologies
Lesson 10: Introduction to Digital Forensics
- Introduction to Digital Forensics
- The Role of Attribution in a Cybersecurity Investigation
- The Use of Digital Evidence
- Evidentiary Chain of Custody
- Reverse Engineering
- Fundamentals of Microsoft Windows Forensics
- Fundamentals of Linux Forensics
Lesson 11: Network Infrastructure Device Telemetry and Analysis
- Network Infrastructure Logs
- Traditional Firewall Logs
- NetFlow Analysis
- Network Packet Capture
- Network Profiling
Lesson 12: Endpoint Telemetry and Analysis
- Understanding Host Telemetry
- Host Profiling
- Analysing Windows Endpoints
- Linux and macOS Analysis
- Endpoint Security Technologies
Lesson 13: Challenges in the Security Operations Center (SOC)
- Security Monitoring Challenges in the SOC
- Additional Evasion and Obfuscation Techniques
Lesson 14: The Art of Data and Event Analysis
- Normalising Data
- Using the 5-Tuple Correlation to Respond to Security Incidents
- Using Retrospective Analysis and Identifying Malicious Files
- Mapping Threat Intelligence with DNS and Other Artifacts
- Using Deterministic Versus Probabilistic Analysis
Lesson 15: Classifying Intrusion Events into Categories
- Diamond Model of Intrusion
- Cyber Kill Chain Model
- The Kill Chain vs. MITRE’s ATT&CK
Lesson 16: Introduction to Threat Hunting
- What Is Threat Hunting?
- The Threat-Hunting Process
- Threat Hunting and MITRE’s ATT&CK
- Threat-Hunting Case Study
- Threat Hunting, Honeypots, Honeynets, and Active Defense
Hands-on LAB Activities
Cybersecurity Fundamentals
- Exploiting Command Injection Vulnerabilities
- Using Rainbow Tables
- Consulting a Vulnerability Database
- Configuring Dynamic NAT
- Creating and Applying a Numbered Standard ACL
- Creating and Applying a Numbered Extended ACL
Introduction to Cloud Computing and Cloud Security
- Simulating a DoS Attack
Access Control Models
- Installing Antivirus Software
- Enabling AAA Services and Working with Method Lists
- Implementing Port Security
Types of Attacks and Vulnerabilities
- Understanding Local Privilege Escalation
- Applying a DNS Capture Filter
- Configuring a BPDU Guard on a Switch Port
- Using Maltego
- Using Shodan to Find Webcams
- Using Nikto
- Using Social Engineering Techniques to Plan an Attack
- Simulating the DDoS Attack
- Performing ARP Spoofing
- Cracking a Linux Password Using John the Ripper
- Performing Active Reconnaissance
- Performing a Memory-Based Attack
- Performing a MITM Attack
- Defending Against a Buffer Overflow Attack
- Attacking a Website Using XSS Injection
- Conducting Cross-Site Request Forgery Attacks
Fundamentals of Cryptography and Public Key Infrastructure (PKI)
- Using PGP
- Generating a Symmetric Key
- Generating an Asymmetric Key
- Applying Symmetric Key Encryption
- Observing an MD5-Generated Hash Value
- Observing an SHA-Generated Hash Value
- Examining PKI Certificates
Introduction to Virtual Private Networks (VPNs)
- Implementing IPsec VPNs through CLI
- Configuring an SSL Cisco AnyConnect Secure Mobility Client VPN
- Configuring Clientless SSL VPNs on ASA
Introduction to Security Operations Management
- Viewing Event Logs
Fundamentals of Intrusion Analysis
- Using the Armitage Tool for Intrusion Detection
- Performing Intrusion Detection Using Zeek
- Capturing a Packet Using Tshark
- Capturing Network Packets Using tcpdump
Introduction to Digital Forensics
- Using Reverse Engineering
- Changing the Startup Type of Service
- Viewing the Windows File Registry
- Managing NTFS Permissions
- Using Linux Commands
Network Infrastructure Device Telemetry and Analysis
- Configuring the Router to Use NTP Services
- Simulating an Eavesdropping Attack Using Wireshark
- Configuring NetFlow and NetFlow Data Export
Endpoint Telemetry and Analysis
- Showing Logging in to a System
- Identifying Listening Ports on the Network
- Using Windows Event Viewer
- Changing File Permissions
- Using a Symlink
Introduction to Threat Hunting
- Examining MITRE ATT&CK
- Setting Up a Honeypot
Exam FAQs
FAQs are not available for this course.
Summary
Standard: Cisco CyberOps
Lessons: 16+ Lessons
Delivery Method: Online
Language: English