LiveLessons - Cisco CyberOps Associate CBROPS 200-201

More than nine hours of video instruction that includes explanations and demonstrations to prepare you to take the Cisco CyberOps Associate CBROPS 200-201 certification exam.

Overview

Cisco CyberOps Associate CBROPS 200-201 Complete Video Course prepares learners to take the CBROPS 200-201 exam. The course starts with the basics of security, including the CIA Triad, various security deployments, threat intelligence, malware, and analysis tools. It then details the various types of attacks and vulnerabilities, and the fundamentals of cryptography and PKI. After a foundation of cybersecurity fundamentals is laid, the course explores security monitoring and data normalization, including the 5-tuple correlation, as well as DNS, web log, deterministic, and probabilistic analysis. It then introduces NetFlow as it specifically applies to cybersecurity and incident response, as well as its various analysis tools. You will learn how to identify the different intrusion event categories and understand the MITRE ATT&CK Framework. The course then gets into the details of digital forensics, including types of evidence and the chain of custody. There are lessons explaining host-based forensics of Windows, Linux, and Mac OSX, as well as a discussion of endpoint security technologies. The course then moves into network intrusion analysis and the various ways to determine whether your system has been attacked before finishing up with “Security Policies and Procedures,” and the fundamentals of incident response.

Through detailed exploration, configuration demos, and troubleshooting implementations, this course methodically guides you through the key topics in the exam. Taught by best-selling authors Omar Santos and Ron Taylor, the Cisco CyberOps Associate CBROPS 200-201 Complete Video Course provides full coverage of the certification, so you have the knowledge you need to study for an pass the exam.

Major topics include
Security Concepts
Security Monitoring
Host-based Analysis
Network Intrusion Analysis
Security Policies and Procedures
About the Instructors

Omar Santos is a principal engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco’s Security Research and Operations. He mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products, including cloud services. Omar has been working with information technology and cybersecurity since the mid-1990s. He has designed, implemented, and supported numerous secure networks for Fortune 100 and 500 companies and the U.S. government. Prior to his current role, he was a technical leader within the Worldwide Security Practice and the Cisco Technical Assistance Center (TAC), where he taught, led, and mentored many engineers within both organizations.

Omar is an active member of the security community, where he leads several industrywide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants that are dedicated to increasing the security of the critical infrastructure. Omar often delivers technical presentations at many cybersecurity conferences. He is the author of more than 20 books and video courses. You can follow Omar on any of the following

Personal website: omarsantos.io and theartofhacking.org
Twitter: @santosomar
LinkedIn:https://www.linkedin.com/in/santosomar

Ron Taylor has been in the Information Security field for more than 20 years. Ten of those years were spent in consulting. In 2008, he joined the Cisco Global Certification Team as an SME in Information Assurance. In 2012, he moved into a position with the Security Research & Operations group, where his focus was mostly on penetration testing of Cisco products and services. He was also involved in developing and presenting security training to internal development and test teams globally. Additionally, he provided consulting support to many product teams as an SME on product security testing. He then spent some time as an Incident Manager for the Cisco Product Security Incident Response Team (PSIRT). His current role is a Security Architect specializing in the Cisco security product line. He has held a number of industry certifications including GPEN, GWEB, GCIA, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP, Pentest+, and MCSE. Ron has also authored books and video courses, is an active member of the security community, Cofounder and President of the Raleigh BSides Security Conference, and a founding member of the Red Team Village at Defcon.

Twitter: @Gu5G0rman
LinkedIn: www.linkedin.com/in/-RonTaylor

Skill Level
Beginner to Intermediate
Learn How To
Presentation on key Cyber Security solutions
Covers all of the objectives in the CCNA Cyber Ops exam
Easy to follow demonstrations of cybersecurity tools, products, and solutions
Scenarios offered to help learners understand real-world applications
Who Should Take This Course

Anyone who wants to obtain their CCNA Cyber Ops certification. This includes security professionals interested in learning how to develop, manage, or improve a security operations center, a CSIRT, PSIRT, or to become a cyber security incident response expert. Anyone wishing to take the CCNA CyberOps exam would also benefit from viewing this course.

Course Requirements

The video course assumes that the learner has the skills to navigate the user interface of a PC running on Microsoft Window, Mac, or Linux and who has completed typical high school-level math courses (mainly that the reader has been exposed to binary math). The course also assumes that the reader has used PCs connected to either a home network or a network inside a school or company, but that the reader might not understand anything about the network to which the PC was connected. It is also assumed that the reader knows how to use typical Internet applications, primarily web browsers, and email clients.

Lesson Descriptions

Module 1, “Security Concepts,” covers the cybersecurity fundamentals, including the CIA Triad, comparing the various security deployments, understanding threat intelligence, malware analysis tools, RBA, and reverse engineering. It then moves into more in-depth concepts such as risk assessment, threats, vulnerabilities, and exploits. The module gets into the details of the access control process and the various types of attacks and vulnerabilities. The last lesson in Module 1 digs into the fundamentals of cryptography and the Public Key Infrastructure, or PKI. The encryption and hashing algorithms are explained, as well as the secure socket layer and digital certificates.

Module 2, “Security Monitoring,” starts with the fundamentals: data normalization and the 5-tuple correlation, as well as DNS, weblog, deterministic, and probabilistic analysis. NetFlow as it specifically applies to cybersecurity and incident response is introduced in this module, as well as its various analysis tools. You will learn how to identify the different intrusion event categories, and gain an understanding of the MITRE ATT&CK Framework.

Module 3, “Host-based Analysis,” gets into the details of digital forensics, including types of evidence and the chain of custody. It then details more of the host-based forensics of Windows, Linux, and Mac OSX. This module finishes with a discussion of endpoint security technologies, including firewalls, antimalware, antivirus, and systems-based sandboxing.

Module 4, “Network Intrusion Analysis,” digs into the various ways to determine whether your system has been attacked, from examining packet captures and protocol headers, to monitoring traffic, and differentiating between true and false negatives. Module 4 will walk you through all the details.

Module 5, “Security Policies and Procedures,” covers the security management side of security, including the management of assets, configuration, mobile devices, patches, and vulnerabilities, as well as explaining PII and PHI. The next lesson covers the fundamentals of incident response, including the scope of the plan and processes, how to share information and coordinate with partners, whether your company aligns with the NIST IR categories, and the structures of the incident response teams. Lastly, this module introduces the VERIS Schema and how it applies to incident response.