Cisco CyberOps Associate CBROPS 200-201 Complete Video Course

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 9h 44m | 4.42 GB

Cisco CyberOps Associate CBROPS 200-201 Complete Video Course prepares learners to take the CBROPS 200-201 exam. The course starts with the basics of security, including the CIA Triad, various security deployments, threat intelligence, malware, and analysis tools. It then details the various types of attacks and vulnerabilities, and the fundamentals of cryptography and PKI. After a foundation of cybersecurity fundamentals is laid, the course explores security monitoring and data normalization, including the 5-tuple correlation, as well as DNS, web log, deterministic, and probabilistic analysis. It then introduces NetFlow as it specifically applies to cybersecurity and incident response, as well as its various analysis tools. You will learn how to identify the different intrusion event categories and understand the MITRE ATT&CK Framework. The course then gets into the details of digital forensics, including types of evidence and the chain of custody. There are lessons explaining host-based forensics of Windows, Linux, and Mac OS X, as well as a discussion of endpoint security technologies. The course then moves into network intrusion analysis and the various ways to determine whether your system has been attacked before finishing up with “Security Policies and Procedures,” and the fundamentals of incident response.

Through detailed exploration, configuration demos, and troubleshooting implementations, this course methodically guides you through the key topics in the exam. Taught by best-selling authors Omar Santos and Ron Taylor, the Cisco CyberOps Associate CBROPS 200-201 Complete Video Course provides full coverage of the certification, so you have the knowledge you need to study for and pass the exam.

Major topics include:

  • Security Concepts
  • Security Monitoring
  • Host-based Analysis
  • Network Intrusion Analysis
  • Security Policies and Procedures

Learn How To

  • Presentations on key cybersecurity solutions
  • Coverage of all of the objectives in the CCNA Cyber Ops exam
  • Easy-to-follow demonstrations of cybersecurity tools, products, and solutions
  • Scenarios offered to help learners understand real-world applications

Module 1, “Security Concepts,” covers the cybersecurity fundamentals, including the CIA Triad, comparing the various security deployments, understanding threat intelligence, malware analysis tools, RBA, and reverse engineering. It then moves into more in-depth concepts such as risk assessment, threats, vulnerabilities, and exploits. The module gets into the details of the access control process and the various types of attacks and vulnerabilities. The last lesson in Module 1 digs into the fundamentals of cryptography and the Public Key Infrastructure, or PKI. The encryption and hashing algorithms are explained, as well as the secure socket layer and digital certificates.

Module 2, “Security Monitoring,” starts with the fundamentals: data normalization and the 5-tuple correlation, as well as DNS, web log, deterministic, and probabilistic analysis. NetFlow as it specifically applies to cybersecurity and incident response is introduced in this module, as well as its various analysis tools. You will learn how to identify the different intrusion event categories, and gain an understanding of the MITRE ATT&CK Framework.

Module 3, “Host-based Analysis,” gets into the details of digital forensics, including types of evidence and the chain of custody. It then details more of the host-based forensics of Windows, Linux, and Mac OS X. This module finishes with a discussion of endpoint security technologies, including firewalls, antimalware, antivirus, and systems-based sandboxing.

Module 4, “Network Intrusion Analysis,” digs into the various ways to determine whether your system has been attacked, from examining packet captures and protocol headers, to monitoring traffic, and differentiating between true and false negatives. Module 4 will walk you through all the details.

Module 5, “Security Policies and Procedures,” covers the security management side of security, including the management of assets, configuration, mobile devices, patches, and vulnerabilities, as well as explaining PII and PHI. The next lesson covers the fundamentals of incident response, including the scope of the plan and processes, how to share information and coordinate with partners, whether your company aligns with the NIST IR categories, and the structures of the incident response teams. Lastly, this module introduces the VERIS Schema and how it applies to incident response.

Table of Contents

1 Cisco CyberOps Associate CBROPS 200-201 – Introduction
2 Module introduction
3 Learning objectives
4 Describing the CIA Triad
5 Comparing Security Deployments – Network, Endpoint, and Application Security Systems
6 Comparing Security Deployments – Agentless and Agent-based Protections
7 Comparing Security Deployments – Legacy Antivirus and Antimalware
8 Comparing Security Deployments – SIEM, SOAR, and Log Management
9 Defining Threat Intelligence
10 Defining Threat Hunting
11 Understanding Malware Analysis
12 Interpreting the Output Report of a Malware Analysis Tool
13 Understanding the Different Threat Actor Types
14 Defining Run Book Automation (RBA)
15 Defining Reverse Engineering
16 Understanding the Sliding Window Anomaly Detection
17 Learning objectives
18 Performing Risk Assessment
19 Comparing Threats, Vulnerabilities, and Exploits
20 Understanding Authentication, Authorization, and Accounting
21 Examining the Access Control Process – Terminology and Data Classification
22 Examining the Access Control Process – Data States and Policy Roles
23 Examining the Access Control Process – Security and Access Control Classification
24 Understanding Discretionary Access Control
25 Understanding Mandatory Access Control
26 Understanding Role-based Access Control
27 Understanding Attribute-based Access Control
28 Understanding Rule-based Access Control
29 Understanding Time-based Access Control
30 Learning objectives
31 Surveying Types of Vulnerabilities
32 Understanding Passive Reconnaissance and Social Engineering
33 Understanding Active Reconnaissance Port Scanning and Host Profiling
34 Understanding Privilege Escalation and Code Execution Attacks
35 Understanding Backdoors and Man-in-the-Middle Attacks
36 Understanding Denial of Service Attacks
37 Surveying Attack Methods for Data Exfiltration
38 Understanding ARP Cache Poisoning and Route Manipulation Attacks
39 Understanding Password Attacks
40 Understanding Wireless Attacks
41 Exploring Security Evasion Techniques
42 Identifying the Challenges of Data Visibility in Detection
43 Identifying Potential Data Loss from Provided Traffic Profiles
44 Comparing Rule-based Detection vs. Behavioral and Statistical Detection
45 Learning objectives
46 Understanding the Basic Components of Cryptography
47 Introducing Public Key Infrastructure
48 Deciphering Encryption Algorithms
49 Understanding Hashing Algorithms
50 Examining Secure Socket Layer and Transport Layer Security
51 Examining Digital Certificates
52 Module introduction
53 Learning objectives
54 Describing Endpoint-based Attacks
55 Understanding Data Normalization
56 Deconstructing Universal Data Formats
57 Understanding the 5-tuple Correlation
58 Performing DNS Analysis
59 Performing Web Log Analysis
60 Performing Deterministic and Probabilistic Analysis
61 Understanding Security Monitoring Fundamentals
62 Surveying Security Monitoring Tools
63 Grasping Security Monitoring Operational Challenges
64 Learning objectives
65 Introducing NetFlow
66 Understanding NetFlow for Cyber Security and Incident Response
67 Examining NetFlow Analysis Tools
68 Introducing IPFIX
69 Learning objectives
70 Identifying and Mitigating Reconnaissance
71 Identifying and Mitigating Weaponization
72 Identifying and Mitigating Delivery
73 Identifying and Mitigating Exploitation
74 Identifying and Mitigating Installation
75 Identifying and Mitigating Command and Control
76 Understanding Action on Objectives
77 Understanding the MITRE ATT&CK Framework
78 Module introduction
79 Learning objectives
80 Examining Types of Evidence
81 Understanding Chain of Custody
82 Understanding Evidence Collection
83 Handling Evidence
84 Examining Asset and Threat Actor Attribution
85 Learning objectives
86 Understanding Windows Forensics Basics
87 Surveying Windows Forensics – Application Processes
88 Surveying Windows Forensics – Memory
89 Surveying Windows Forensics – The Windows Registry
90 Surveying Windows Forensics – Hard Drives, FAT, and NTFS
91 Understanding Linux and MAC OS X Forensics Basics
92 Examining Web Server Logs
93 Learning objectives
94 Examining Host-based Intrusion Detection
95 Exploring Antimalware and Antivirus
96 Understanding Host-based Firewalls
97 Exploring Application-level AllowLists BlockLists
98 Exploring Systems-based Sandboxing
99 Module introduction
100 Learning objectives
101 Introducing Intrusion Analysis Fundamentals
102 Examining Packet Captures
103 Examining Protocol Headers
104 Analyzing Security Device Data
105 Differentiating False Positives, False Negatives, True Positives, and True Negatives
106 Comparing Inline Traffic Interrogation and Taps or Traffic Monitoring
107 Extracting Files from a TCP Stream When Given a PCAP File and Wireshark
108 Interpreting Common Artifact Elements from an Event to Identify an Alert
109 Module introduction
110 Learning objectives
111 Understanding Asset Management
112 Understanding Configuration Management
113 Understanding Mobile Device Management
114 Understanding Patch Management
115 Understanding Vulnerability Management
116 Introducing PII and PHI
117 Describing the Relationship of SOC Metrics to Scope Analysis
118 Learning objectives
119 Describing Concepts as Documented in NIST.SP800-86
120 Mapping the Organization Stakeholders Against the NIST IR Categories
121 Scoping the Incident Response Plan and Process
122 Understanding Information Sharing and Coordination
123 Identifying the Incident Response Team Structure
124 Analyzing Computer Incident Response Teams (CSIRTs)
125 Analyzing Product Security Incident Response Teams (PSIRTs)
126 Surveying Coordination Centers
127 Analyzing Managed Security Service Providers Incident Response Teams
128 Introducing the Vocabulary for Event Recording and Incident Sharing (VERIS)
129 Applying the VERIS Schema to Incident Handling
130 Surveying the VERIS Incident Recording Tool and Other Resources
131 Cisco CyberOps Associate CBROPS 200-201 – Summary