Explore the principles of defense in depth as you prepare for the Security Monitoring portion of the Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
Cisco Certified CyberOps Associate (200-201) Cert Prep: 2 Security Monitoring
Overview
Syllabus
Introduction
- Active security monitoring
- Prepare for Cisco CBROPS exam
- Setting up your test environment
- Recognizing attack surfaces
- Identifying vulnerability testing
- Attacking the network
- Describing web application attacks
- Hacking the human
- Investigating endpoint-based attacks
- Challenge: Research and identify social engineering attacks
- Solution: Research and identify social engineering attacks
- Exploring CLI tools
- Analyzing data with NetFlow
- Monitoring traffic with a stateful firewall
- Deploying a next-generation firewall
- Having application visibility and control
- Filtering web and email content
- Challenge: Using NetFlow in Packet Tracer
- Solution: Using NetFlow in Packet Tracer
- Obtaining a packet capture with Wireshark
- Understanding conversations and endpoints
- Visualizing session and transactional data
- Analyzing statistical data
- Sending alert data
- Investigating an IDS alert
- Challenge: Using Wireshark to examine DNS traffic
- Solution: Using Wireshark to examine DNS traffic
- Using an access control list
- Concealing the network using NAT/PAT
- Evading and hiding techniques
- Tunneling and encapsulation
- Using encryption to hide
- Protecting data and networks
- Ensuring trust on the Internet
- Examining an X.509 certificate
- Describing certificate classes
- Grasping the public key cryptography standards (PKCS)
- Managing keys using IKE
- Outlining the different protocol versions
- Configuring the cipher suite
- Challenge: Certificate Authority Stores
- Solution: Certificate Authority Stores
- Next steps
Taught by
Lisa Bock
