Cisco CyberOps Associate CBROPS (200-201)

This Course Includes:

Lesson 1: Introduction

  • The Cisco CyberOps Associate Certification
  • The Exam Objectives (Domains)
  • Steps to Pass the 200-201 CBROPS Exam
  • Signing Up for the Exam
  • Facts About the Exam
  • About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide

Lesson 2: Cybersecurity Fundamentals

  • Introduction to Cybersecurity
  • Threats, Vulnerabilities, and Exploits
  • Network Security Systems
  • Intrusion Detection Systems and Intrusion Prevention Systems
  • Advanced Malware Protection
  • Web Security Appliance
  • Email Security Appliance
  • Cisco Security Management Appliance
  • Cisco Identity Services Engine
  • Security Cloud-Based Solutions
  • Cisco NetFlow
  • Data Loss Prevention
  • The Principles of the Defense-in-Depth Strategy
  • Confidentiality, Integrity, and Availability: The CIA Triad
  • Risk and Risk Analysis
  • Personally Identifiable Information and Protected Health Information
  • Principle of Least Privilege and Separation of Duties
  • Security Operations Centers
  • Playbooks, Runbooks, and Runbook Automation
  • Digital Forensics

Lesson 3: Introduction to Cloud Computing and Cloud Security

  • Cloud Computing and the Cloud Service Models
  • Cloud Security Responsibility Models
  • DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
  • Understanding the Different Cloud Security Threats

Lesson 4: Access Control Models

  • Information Security Principles
  • Subject and Object Definition
  • Access Control Fundamentals
  • Access Control Process
  • Information Security Roles and Responsibilities
  • Access Control Types
  • Access Control Models
  • Access Control Mechanisms
  • Identity and Access Control Implementation

Lesson 5: Types of Attacks and Vulnerabilities

  • Types of Attacks
  • Types of Vulnerabilities

Lesson 6: Fundamentals of Cryptography and Public Key Infrastructure (PKI)

  • Cryptography
  • Block and Stream Ciphers
  • Symmetric and Asymmetric Algorithms
  • Hashes
  • Digital Signatures
  • Next-Generation Encryption Protocols
  • IPsec and SSL/TLS
  • Fundamentals of PKI
  • Root and Identity Certificates
  • Revoking Digital Certificates
  • Using Digital Certificates

Lesson 7: Introduction to Virtual Private Networks (VPNs)

  • What Are VPNs?
  • Site-to-Site vs. Remote-Access VPNs
  • An Overview of IPsec
  • SSL VPNs

Lesson 8: Introduction to Security Operations Management

  • Introduction to Identity and Access Management
  • Security Events and Log Management
  • Asset Management
  • Introduction to Enterprise Mobility Management
  • Configuration and Change Management
  • Vulnerability Management
  • Patch Management

Lesson 9: Fundamentals of Intrusion Analysis

  • Introduction to Incident Response
  • The Incident Response Plan
  • The Incident Response Process
  • Information Sharing and Coordination
  • Incident Response Team Structure
  • Common Artifact Elements and Sources of Security Events
  • Understanding Regular Expressions
  • Protocols, Protocol Headers, and Intrusion Analysis
  • How to Map Security Event Types to Source Technologies

Lesson 10: Introduction to Digital Forensics

  • Introduction to Digital Forensics
  • The Role of Attribution in a Cybersecurity Investigation
  • The Use of Digital Evidence
  • Evidentiary Chain of Custody
  • Reverse Engineering
  • Fundamentals of Microsoft Windows Forensics
  • Fundamentals of Linux Forensics

Lesson 11: Network Infrastructure Device Telemetry and Analysis

  • Network Infrastructure Logs
  • Traditional Firewall Logs
  • NetFlow Analysis
  • Network Packet Capture
  • Network Profiling

Lesson 12: Endpoint Telemetry and Analysis

  • Understanding Host Telemetry
  • Host Profiling
  • Analysing Windows Endpoints
  • Linux and macOS Analysis
  • Endpoint Security Technologies

Lesson 13: Challenges in the Security Operations Center (SOC)

  • Security Monitoring Challenges in the SOC
  • Additional Evasion and Obfuscation Techniques

Lesson 14: The Art of Data and Event Analysis

  • Normalising Data
  • Using the 5-Tuple Correlation to Respond to Security Incidents
  • Using Retrospective Analysis and Identifying Malicious Files
  • Mapping Threat Intelligence with DNS and Other Artifacts
  • Using Deterministic Versus Probabilistic Analysis

Lesson 15: Classifying Intrusion Events into Categories

  • Diamond Model of Intrusion
  • Cyber Kill Chain Model
  • The Kill Chain vs. MITRE’s ATT&CK

Lesson 16: Introduction to Threat Hunting

  • What Is Threat Hunting?
  • The Threat-Hunting Process
  • Threat Hunting and MITRE’s ATT&CK
  • Threat-Hunting Case Study
  • Threat Hunting, Honeypots, Honeynets, and Active Defense

Hands-on LAB Activities

Cybersecurity Fundamentals

  • Exploiting Command Injection Vulnerabilities
  • Using Rainbow Tables
  • Consulting a Vulnerability Database
  • Configuring Dynamic NAT
  • Creating and Applying a Numbered Standard ACL
  • Creating and Applying a Numbered Extended ACL

Introduction to Cloud Computing and Cloud Security

  • Simulating a DoS Attack

Access Control Models

  • Installing Antivirus Software
  • Enabling AAA Services and Working with Method Lists
  • Implementing Port Security

Types of Attacks and Vulnerabilities

  • Understanding Local Privilege Escalation
  • Applying a DNS Capture Filter
  • Configuring a BPDU Guard on a Switch Port
  • Using Maltego
  • Using Shodan to Find Webcams
  • Using Nikto
  • Using Social Engineering Techniques to Plan an Attack
  • Simulating the DDoS Attack
  • Performing ARP Spoofing
  • Cracking a Linux Password Using John the Ripper
  • Performing Active Reconnaissance
  • Performing a Memory-Based Attack
  • Performing a MITM Attack
  • Defending Against a Buffer Overflow Attack
  • Attacking a Website Using XSS Injection
  • Conducting Cross-Site Request Forgery Attacks

Fundamentals of Cryptography and Public Key Infrastructure (PKI)

  • Using PGP
  • Generating a Symmetric Key
  • Generating an Asymmetric Key
  • Applying Symmetric Key Encryption
  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
  • Examining PKI Certificates

Introduction to Virtual Private Networks (VPNs)

  • Implementing IPsec VPNs through CLI
  • Configuring an SSL Cisco AnyConnect Secure Mobility Client VPN
  • Configuring Clientless SSL VPNs on ASA

Introduction to Security Operations Management

  • Viewing Event Logs

Fundamentals of Intrusion Analysis

  • Using the Armitage Tool for Intrusion Detection
  • Performing Intrusion Detection Using Zeek
  • Capturing a Packet Using Tshark
  • Capturing Network Packets Using tcpdump

Introduction to Digital Forensics

  • Using Reverse Engineering
  • Changing the Startup Type of a Service
  • Viewing the Windows File Registry
  • Managing NTFS Permissions
  • Using Linux Commands

Network Infrastructure Device Telemetry and Analysis

  • Configuring the Router to Use NTP Services
  • Simulating an Eavesdropping Attack Using Wireshark
  • Configuring NetFlow and NetFlow Data Export

Endpoint Telemetry and Analysis

  • Showing Logging in to a System
  • Identifying Listening Ports on the Network
  • Using Windows Event Viewer
  • Changing File Permissions
  • Using a Symlink

Introduction to Threat Hunting

  • Examining MITRE ATT&CK
  • Setting Up a Honeypot

Exam FAQs

FAQs are not available for this course.

Summary

Standard:

Cisco CyberOps

Lessons:

16+ Lessons

Delivery Method:

Online

Language:

English
