Table of Contents
The Cisco CyberOps Associate Certification
Steps to Pass the 200-201 CBROPS Exam
About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
The Companion Website for Online Content Review
How to Access the Pearson Test Prep (PTP) App
Chapter 1. Cybersecurity Fundamentals
“Do I Know This Already?” Quiz
Threats, Vulnerabilities, and Exploits
Intrusion Detection Systems and Intrusion Prevention Systems
Cisco Security Management Appliance
Cisco Identity Services Engine
Security Cloud-Based Solutions
The Principles of the Defense-in-Depth Strategy
Confidentiality, Integrity, and Availability: The CIA Triad
Personally Identifiable Information and Protected Health Information
Principle of Least Privilege and Separation of Duties
Playbooks, Runbooks, and Runbook Automation
Chapter 2. Introduction to Cloud Computing and Cloud Security
“Do I Know This Already?” Quiz
Cloud Computing and the Cloud Service Models
Cloud Security Responsibility Models
DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
Understanding the Different Cloud Security Threats
Chapter 3. Access Control Models
“Do I Know This Already?” Quiz
Information Security Principles
Information Security Roles and Responsibilities
Identity and Access Control Implementation
Chapter 4. Types of Attacks and Vulnerabilities
“Do I Know This Already?” Quiz
Chapter 5. Fundamentals of Cryptography and Public Key Infrastructure (PKI)
“Do I Know This Already?” Quiz
Symmetric and Asymmetric Algorithms
Next-Generation Encryption Protocols
Root and Identity Certificates
Chapter 6. Introduction to Virtual Private Networks (VPNs)
“Do I Know This Already?” Quiz
Site-to-Site vs. Remote-Access VPNs
Chapter 7. Introduction to Security Operations Management
“Do I Know This Already?” Quiz
Introduction to Identity and Access Management
Security Events and Log Management
Introduction to Enterprise Mobility Management
Configuration and Change Management
Chapter 8. Fundamentals of Intrusion Analysis
“Do I Know This Already?” Quiz
Introduction to Incident Response
Information Sharing and Coordination
Incident Response Team Structure
Common Artifact Elements and Sources of Security Events
Understanding Regular Expressions
Protocols, Protocol Headers, and Intrusion Analysis
How to Map Security Event Types to Source Technologies
Chapter 9. Introduction to Digital Forensics
“Do I Know This Already?” Quiz
Introduction to Digital Forensics
The Role of Attribution in a Cybersecurity Investigation
Fundamentals of Microsoft Windows Forensics
Fundamentals of Linux Forensics
Chapter 10. Network Infrastructure Device Telemetry and Analysis
“Do I Know This Already?” Quiz
Syslog in Large-Scale Environments
Next-Generation Firewall and Next-Generation IPS Logs
Chapter 11. Endpoint Telemetry and Analysis
“Do I Know This Already?” Quiz
Endpoint Security Technologies
Chapter 12. Challenges in the Security Operations Center (SOC)
“Do I Know This Already?” Quiz
Security Monitoring Challenges in the SOC
Additional Evasion and Obfuscation Techniques
Chapter 13. The Art of Data and Event Analysis
“Do I Know This Already?” Quiz
Using the 5-Tuple Correlation to Respond to Security Incidents
Using Retrospective Analysis and Identifying Malicious Files
Mapping Threat Intelligence with DNS and Other Artifacts
Using Deterministic Versus Probabilistic Analysis
Chapter 14. Classifying Intrusion Events into Categories
“Do I Know This Already?” Quiz
The Kill Chain vs. MITRE’s ATT&CK
Chapter 15. Introduction to Threat Hunting
“Do I Know This Already?” Quiz
Threat Hunting and MITRE’s ATT&CK
Threat Hunting, Honeypots, Honeynets, and Active Defense
Suggested Plan for Final Review and Study
Appendix A. Answers to the “Do I Know This Already?” Quizzes and Review Questions
Appendix B. Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS 200-201) Exam Updates