Understanding Cisco Cybersecurity Operations Fundamentals

Understanding Cisco Cybersecurity Operations FundamentalsCBROPSCICiscoCI-CBROPS1.2After taking this training, you should be able to: <ul> <li>Explain how a SOC operates and describe the different types of services that are performed from a Tier 1 SOC analyst’s perspective</li><li>Explain the use of SOC metrics to measure the effectiveness of the SOC</li><li>Explain the use of a workflow management system and automation to improve the effectiveness of the SOC</li><li>Describe the Windows operating system features and functionality</li><li>Provide an overview of the Linux operating system</li><li>Understand common endpoint security technologies</li><li>Explain the network security monitoring (NSM) tools that are available to the network security analyst</li><li>Describe security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts</li><li>Explain the data that is available to the network security analyst</li><li>Describe the basic concepts and uses of cryptography</li><li>Understand the foundational cloud security practices, including deployment and service models, shared responsibilities, compliance frameworks, and identity and access management, to effectively secure cloud environments against cyberthreats</li><li>Understand and implement advanced network security, data protection, secure application deployment, continuous monitoring, and effective disaster recovery strategies to secure cloud deployments</li><li>Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors</li><li>Identify the common attack vectors</li><li>Identify malicious activities</li><li>Identify patterns of suspicious behaviors</li><li>Identify resources for hunting cyber threats</li><li>Explain the need for event data normalization and event correlation</li><li>Conduct security incident investigations</li><li>Explain the use of a typical playbook in the SOC</li><li>Describe a typical incident response plan and the functions of a typical computer security incident response team (CSIRT)</li></ul>Before taking this training, you should have the following knowledge and skills: <ul> <li>Familiarity with Ethernet and TCP/IP networking</li><li>Working knowledge of the Windows and Linux operating systems</li><li>Familiarity with basics of networking security concepts</li></ul>The following Cisco course can help you gain the knowledge you need to prepare for this course: <a class="fl-href-prod" href="/swisscom/en/course/cisco-ccna"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Implementing and Administering Cisco Solutions (CCNA)</a>This training is designed for individuals seeking a role as an associate-level cybersecurity analyst and IT professionals desiring knowledge in Cybersecurity operations or those in pursuit of the Cisco Certified CyberOps Associate certification including: <ul> <li>Students pursuing a technical degree</li><li>Current IT professionals</li><li>Recent college graduates with a technical degree</li></ul><ul> <li>Defining the Security Operations Center</li><li>Understanding SOC Metrics</li><li>Understanding SOC Workflow and Automation</li><li>Understanding Windows Operating System Basics</li><li>Understanding Linux Operating System Basics</li><li>Understanding Endpoint Security Technologies</li><li>Understanding Network Infrastructure and Network Security Monitoring Tools</li><li>Understanding Common TCP/IP Attacks</li><li>Exploring Data Type Categories</li><li>Understanding Basic Cryptography Concepts</li><li>Cloud Security Fundamentals</li><li>Securing Cloud Deployments</li><li>Understanding Incident Analysis in a Threat-Centric SOC</li><li>Identifying Common Attack Vectors</li><li>Identifying Malicious Activity</li><li>Identifying Patterns of Suspicious Behavior</li><li>Identifying Resources for Hunting Cyber Threats</li><li>Understanding Event Correlation and Normalization</li><li>Conducting Security Incident Investigations</li><li>Using a Playbook Model to Organize Security Monitoring</li><li>Describing Incident Respons</li></ul> eAfter taking this training, you should be able to: - Explain how a SOC operates and describe the different types of services that are performed from a Tier 1 SOC analyst’s perspective - Explain the use of SOC metrics to measure the effectiveness of the SOC - Explain the use of a workflow management system and automation to improve the effectiveness of the SOC - Describe the Windows operating system features and functionality - Provide an overview of the Linux operating system - Understand common endpoint security technologies - Explain the network security monitoring (NSM) tools that are available to the network security analyst - Describe security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts - Explain the data that is available to the network security analyst - Describe the basic concepts and uses of cryptography - Understand the foundational cloud security practices, including deployment and service models, shared responsibilities, compliance frameworks, and identity and access management, to effectively secure cloud environments against cyberthreats - Understand and implement advanced network security, data protection, secure application deployment, continuous monitoring, and effective disaster recovery strategies to secure cloud deployments - Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors - Identify the common attack vectors - Identify malicious activities - Identify patterns of suspicious behaviors - Identify resources for hunting cyber threats - Explain the need for event data normalization and event correlation - Conduct security incident investigations - Explain the use of a typical playbook in the SOC - Describe a typical incident response plan and the functions of a typical computer security incident response team (CSIRT)Before taking this training, you should have the following knowledge and skills: - Familiarity with Ethernet and TCP/IP networking - Working knowledge of the Windows and Linux operating systems - Familiarity with basics of networking security concepts The following Cisco course can help you gain the knowledge you need to prepare for this course: Implementing and Administering Cisco Solutions (CCNA)This training is designed for individuals seeking a role as an associate-level cybersecurity analyst and IT professionals desiring knowledge in Cybersecurity operations or those in pursuit of the Cisco Certified CyberOps Associate certification including: - Students pursuing a technical degree - Current IT professionals - Recent college graduates with a technical degree- Defining the Security Operations Center - Understanding SOC Metrics - Understanding SOC Workflow and Automation - Understanding Windows Operating System Basics - Understanding Linux Operating System Basics - Understanding Endpoint Security Technologies - Understanding Network Infrastructure and Network Security Monitoring Tools - Understanding Common TCP/IP Attacks - Exploring Data Type Categories - Understanding Basic Cryptography Concepts - Cloud Security Fundamentals - Securing Cloud Deployments - Understanding Incident Analysis in a Threat-Centric SOC - Identifying Common Attack Vectors - Identifying Malicious Activity - Identifying Patterns of Suspicious Behavior - Identifying Resources for Hunting Cyber Threats - Understanding Event Correlation and Normalization - Conducting Security Incident Investigations - Using a Playbook Model to Organize Security Monitoring - Describing Incident Respons e5 days2950.003495.003495.003495.003495.003495.003495.003495.003495.003495.003290.004670.004195.004300.002625.003305.0012450.003495.003495.002625.002625.002625.004060.004300.003440.002580.003950.003950.00410100.005935.003250.003950.0035.0035.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.0043.00