Cisco Certified Cybersecurity Associate CBROPS 200-201 v1.2

Part One: A Beginner's Course to Security Concepts

What you'll learn
Describe the CIA triad
Compare security deployments
Describe security terms
Compare security concepts
Describe the principles of the defense-in-depth strategy
Compare access control models
Describe terms as defined in CVSS
Identify the challenges of data visibility (network, host, and cloud) in detection
Identify potential data loss from traffic profiles
Interpret the 5-tuple approach to isolate a compromised host in a grouped set of logs
Compare rule-based detection vs. behavioral and statistical detection
Compare attack surface and vulnerability
Identify the types of data provided by these technologies
Describe the impact of these technologies on data visibility
Describe the uses of these data types in security monitoring
Describe network attacks, such as protocol-based, denial of service, distributed denial of service, and man-in-the-middle
Describe web application attacks, such as SQL injection, command injections, and cross-site scripting
Describe social engineering attacks
Describe endpoint-based attacks, such as buffer overflows, command and control (C2), malware, and ransomware
Describe evasion and obfuscation techniques, such as tunneling, encryption, and proxies
Describe the impact of certificates on security (includes PKI, public/private crossing the network, asymmetric/symmetric)
Identify the certificate components in a given scenario
Describe the functionality of these endpoint technologies in regard to security monitoring utilizing rules, signatures and predictive AI
Identify components of an operating system (such as Windows and Linux) in a given scenario
Describe the role of attribution in an investigation
Identify type of evidence used based on provided logs
Compare tampered and untampered disk image
Interpret operating system, application, or command line logs to identify an event
Interpret the output report of a malware analysis tool such as a detonation chamber or sandbox
Map the provided events to source technologies
Compare impact and no impact for these items
Compare deep packet inspection with packet filtering and stateful firewall operation
Compare inline traffic interrogation and taps or traffic monitoring
Compare the characteristics of data obtained from taps or traffic monitoring and transactional data (NetFlow) in the analysis of network traffic
Extract files from a TCP stream when given a PCAP file and Wireshark
Identify key elements in an intrusion from a given PCAP file
Interpret the fields in protocol headers as related to intrusion analysis
Interpret common artifact elements from an event to identify an alert
Interpret basic regular expressions
Describe management concepts
Describe the elements in an incident response plan as stated in NIST.SP800-61
Apply the incident handling process such as NIST.SP800-61 to an event
Map elements to these steps of analysis based on the NIST.SP800-61
Map the organization stakeholders against the NIST IR categories (CMMC, NIST.SP800-61)
Describe concepts as documented in NIST.SP800-86
Identify these elements used for network profiling
Identify these elements used for server profiling
Identify protected data in a network
Classify intrusion events into categories as defined by security models, such as Cyber Kill Chain Model and Diamond Model of Intrusion
Describe the relationship of SOC metrics to scope analysis (time to detect, time to contain, time to respond, time to control)

Requirements
Although Cisco doesn't list any formal prerequisites on their website, you'll gain a better understanding of the topics discussed if you have foundational knowledge in computer networks. You don't necessarily need to be certified in CompTIA Network+, Cisco CCST Networking, Cisco CCST Cybersecurity nor CCNA, but it does help to have that knowledge.

Description
The Cisco Certified Cybersecurity Associate CBROPS 200-201 v1.2 online video course is a beginner friendly, mini-series style course that will guide you in gaining the knowledge and skills needed for cybersecurity roles and for the exam. It contains a total of five parts with each part covering essential topics for the exam and in the real world. We'll explore Security Concepts, Security Monitoring, Host-Based Analysis, Network Intrusion Analysis, and Security Policies & Procedures. Throughout the course you'll find quizzes to test your knowledge and additional resources for deeper exploration. By the end of the five-part series, you'll be equipped with practical skills to excel in cybersecurity roles. You'll be able to monitor network traffic, perform host-based analysis to identify threats, and analyze security incidents. You'll also gain the expertise to implement security policies and respond to real-world security challenges. With hands-on experience and quizzes, you'll be ready to tackle the Cisco exam and start applying your skills immediately. This course is for those who are curious, driven, and ready to explore the high-stakes world of cybersecurity. Whether you're a beginner or looking to level up, you'll gain the skills to secure the future - and even earn your Cisco Certified Cybersecurity Associate certification.

Who this course is for
Anyone who wants to dig deeper into the world of cybersecurity.