Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
by Omar Santos
Cover Page
Title Page
Copyright
About the Author(s)
Dedication
Acknowledgments
Contents at a Glance
Table of Contents
Introduction
The Cisco CyberOps Associate Certification
The Exam Objectives (Domains)
Steps to Pass the 200-201 CBROPS Exam
Facts About the Exam
About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
The Companion Website for Online Content Review
How to Access the Pearson Test Prep (PTP) App
Customizing Your Exams
Updating Your Exams
Chapter 1. Cybersecurity Fundamentals
“Do I Know This Already?” Quiz
Foundation Topics
Introduction to Cybersecurity
Threats, Vulnerabilities, and Exploits
Network Security Systems
Intrusion Detection Systems and Intrusion Prevention Systems
Advanced Malware Protection
Web Security Appliance
Email Security Appliance
Cisco Security Management Appliance
Cisco Identity Services Engine
Security Cloud-Based Solutions
Cisco NetFlow
Data Loss Prevention
The Principles of the Defense-in-Depth Strategy
Confidentiality, Integrity, and Availability: The CIA Triad
Risk and Risk Analysis
Personally Identifiable Information and Protected Health Information
Principle of Least Privilege and Separation of Duties
Security Operations Centers
Playbooks, Runbooks, and Runbook Automation
Digital Forensics
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 2. Introduction to Cloud Computing and Cloud Security
“Do I Know This Already?” Quiz
Foundation Topics
Cloud Computing and the Cloud Service Models
Cloud Security Responsibility Models
DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
Understanding the Different Cloud Security Threats
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 3. Access Control Models
“Do I Know This Already?” Quiz
Foundation Topics
Information Security Principles
Subject and Object Definition
Access Control Fundamentals
Access Control Process
Information Security Roles and Responsibilities
Access Control Types
Access Control Models
Access Control Mechanisms
Identity and Access Control Implementation
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 4. Types of Attacks and Vulnerabilities
“Do I Know This Already?” Quiz
Foundation Topics
Types of Attacks
Types of Vulnerabilities
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 5. Fundamentals of Cryptography and Public Key Infrastructure (PKI)
“Do I Know This Already?” Quiz
Foundation Topics
Cryptography
Block and Stream Ciphers
Symmetric and Asymmetric Algorithms
Hashes
Digital Signatures
Next-Generation Encryption Protocols
IPsec and SSL/TLS
Fundamentals of PKI
Root and Identity Certificates
Revoking Digital Certificates
Using Digital Certificates
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 6. Introduction to Virtual Private Networks (VPNs)
“Do I Know This Already?” Quiz
Foundation Topics
What Are VPNs?
Site-to-Site vs. Remote-Access VPNs
An Overview of IPsec
SSL VPNs
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 7. Introduction to Security Operations Management
“Do I Know This Already?” Quiz
Foundation Topics
Introduction to Identity and Access Management
Security Events and Log Management
Asset Management
Introduction to Enterprise Mobility Management
Configuration and Change Management
Vulnerability Management
Patch Management
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 8. Fundamentals of Intrusion Analysis
“Do I Know This Already?” Quiz
Foundation Topics
Introduction to Incident Response
The Incident Response Plan
The Incident Response Process
Information Sharing and Coordination
Incident Response Team Structure
Common Artifact Elements and Sources of Security Events
Understanding Regular Expressions
Protocols, Protocol Headers, and Intrusion Analysis
How to Map Security Event Types to Source Technologies
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 9. Introduction to Digital Forensics
“Do I Know This Already?” Quiz
Foundation Topics
Introduction to Digital Forensics
The Role of Attribution in a Cybersecurity Investigation
The Use of Digital Evidence
Evidentiary Chain of Custody
Reverse Engineering
Fundamentals of Microsoft Windows Forensics
Fundamentals of Linux Forensics
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 10. Network Infrastructure Device Telemetry and Analysis
“Do I Know This Already?” Quiz
Foundation Topics
Network Infrastructure Logs
Traditional Firewall Logs
Syslog in Large-Scale Environments
Next-Generation Firewall and Next-Generation IPS Logs
NetFlow Analysis
Network Packet Capture
Network Profiling
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 11. Endpoint Telemetry and Analysis
“Do I Know This Already?” Quiz
Foundation Topics
Understanding Host Telemetry
Host Profiling
Analyzing Windows Endpoints
Linux and macOS Analysis
Endpoint Security Technologies
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 12. Challenges in the Security Operations Center (SOC)
“Do I Know This Already?” Quiz
Foundation Topics
Security Monitoring Challenges in the SOC
Additional Evasion and Obfuscation Techniques
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 13. The Art of Data and Event Analysis
“Do I Know This Already?” Quiz
Foundation Topics
Normalizing Data
Using the 5-Tuple Correlation to Respond to Security Incidents
Using Retrospective Analysis and Identifying Malicious Files
Mapping Threat Intelligence with DNS and Other Artifacts
Using Deterministic Versus Probabilistic Analysis
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 14. Classifying Intrusion Events into Categories
“Do I Know This Already?” Quiz
Foundation Topics
Diamond Model of Intrusion
Cyber Kill Chain Model
The Kill Chain vs. MITRE’s ATT&CK
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 15. Introduction to Threat Hunting
“Do I Know This Already?” Quiz
Foundation Topics
What Is Threat Hunting?
The Threat-Hunting Process
Threat Hunting and MITRE’s ATT&CK
Threat-Hunting Case Study
Threat Hunting, Honeypots, Honeynets, and Active Defense
Exam Preparation Tasks
Review All Key Topics
Define Key Terms
Review Questions
Chapter 16. Final Preparation
Hands-on Activities
Suggested Plan for Final Review and Study
Summary
Glossary of Key Terms
Appendix A. Answers to the “Do I Know This Already?” Quizzes and Review Questions
Appendix B. Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS 200-201) Exam Updates
Appendix C. Study Planner