Course
Digicomp Code CBROPS
Understanding Cisco Cybersecurity Operations Fundamentals («CBROPS»)
Course facts
- Understanding the network infrastructure components, operation and vulnerabilities of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite
- Understanding security concepts, common network applications and attacks
- Understanding Windows and Linux operating systems
- Optimizing the network protocol
- Increasing operational efficiency
This course will provide you with the best possible preparation for the «200-201 Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)» exam, through which the «Cisco Certified CyberOps Associate» certification can be achieved.
Topics:
- Defining the Security Operations Center
- Understanding Network Infrastructure and Network Security Monitoring Tools
- Exploring Data Type Categories
- Understanding Basic Cryptography Concepts
- Understanding Common TCP/IP Attacks
- Understanding Endpoint Security Technologies
- Understanding Incident Analysis in a Threat-Centric SOC
- Identifying Resources for Hunting Cyber Threats
- Understanding Event Correlation and Normalization
- Identifying Common Attack Vectors
- Identifying Malicious Activity
- Identifying Patterns of Suspicious Behavior
- Conducting Security Incident Investigations
- Using a Playbook Model to Organize Security Monitoring
- Understanding SOC Metrics
- Understanding SOC Workflow and Automation
- Describing Incident Response
- Understanding the Use of VERIS
- Understanding Windows Operating System Basics
- Understanding Linux Operating System Basics
Exercises:
- Use NSM Tools to Analyze Data Categories
- Explore Cryptographic Technologies
- Explore TCP/IP Attacks
- Explore Endpoint Security
- Investigate Hacker Methodology
- Hunt Malicious Traffic
- Correlate Event Logs, Packet Captures (PCAPs), and Alerts of an Attack
- Investigate Browser-Based Attacks
- Analyze Suspicious Domain Name System (DNS) Activity
- Explore Security Data for Analysis
- Investigate Suspicious Activity Using Security Onion
- Investigate Advanced Persistent Threats
- Explore SOC Playbooks
- Explore the Windows Operating System
- Explore the Linux Operating System
This course is designed for associate-level cybersecurity analysts working in security operations centers.
To participate in this course, we recommend familiarity with the fundamentals of network security concepts and of Ethernet and TCP/IP networks, as well as basic knowledge of the Windows and Linux operating systems. Prior attendance of the following course or equivalent knowledge:
Certification
The exam «Understanding Cisco Cybersecurity Operations Fundamentals (200-201 CBROPS)» is a 120-minute exam associated with the «Cisco Certified CyberOps Associate» certification. The CBROPS exam tests a candidate's knowledge and skills in security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures.
Recertification
Recertification takes place after three years, either by earning Continuing Education Program (CEP) points or by passing the appropriate exam. Complete attendance of a CBROPS course earns 30 CEP points.