Cisco CCNA Cyber Ops (210-250 and 210-255)

80 Hours / Access Length: 12 Months / Delivery: Online, Self-Paced

Course Overview:

Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. The CCNA Cyber Ops certification prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

This course prepares a student to take the Cisco CCNA Cyber Ops - Understanding Cisco Cybersecurity Fundamentals (SECFND) 210-250 and Cisco CCNA Cyber Ops - Implementing Cisco Cybersecurity Operations (SECOPS) 210-255 certification exams.

Course Outline:

Cisco CCNA Cyber Ops - Understanding Cisco Cybersecurity Fundamentals (SECFND) 210-250 Curriculum:
Chapter 1: Introduction
  • About the 210-250 CCNA Cyber Ops SECFND Exam
Chapter 2: Fundamentals of Networking Protocols and Networking Devices
  • TCP/IP and OSI Model
  • Layer 2 Fundamentals and Technologies
  • Internet Protocol and Layer 3 Technologies
  • Internet Control Message Protocol (ICMP)
  • Domain Name System (DNS)
  • IPv6 Fundamentals
  • Transport Layer Technologies and Protocols
  • Review All Key Topics
  • References and Further Reading
Chapter 3: Network Security Devices and Cloud Services
  • Network Security Systems
  • Security Cloud-based Solutions
  • Cisco NetFlow
  • Data Loss Prevention
  • Review All Key Topics
Chapter 4: Security Principles
  • The Principles of the Defense-in-Depth Strategy
  • What Are Threats, Vulnerabilities, and Exploits?
  • Confidentiality, Integrity, and Availability: The CIA Triad
  • Risk and Risk Analysis
  • Personally Identifiable Information and Protected Health Information
  • Principle of Least Privilege and Separation of Duties
  • Security Operation Centers
  • Forensics
  • Review All Key Topics
Chapter 5: Introduction to Access Controls
  • Information Security Principles
  • Subject and Object Definition
  • Access Control Fundamentals
  • Access Control Process
  • Information Security Roles and Responsibilities
  • Access Control Types
  • Access Control Models
  • Access Control Mechanisms
  • Identity and Access Control Implementation
  • Review All Key Topics
  • References and Additional Reading
Chapter 6: Introduction to Security Operations Management
  • Introduction to Identity and Access Management
  • Security Events and Logs Management
  • Assets Management
  • Introduction to Enterprise Mobility Management
  • Configuration and Change Management
  • Vulnerability Management
  • Patch Management
  • References and Additional Readings
  • Review All Key Topics
Chapter 7: Fundamentals of Cryptography and Public Key Infrastructure (PKI)
  • Cryptography
  • Fundamentals of PKI
  • Review All Key Topics
Chapter 8: Introduction to Virtual Private Networks (VPNs)
  • What Are VPNs?
  • Site-to-site vs. Remote-Access VPNs
  • An Overview of IPsec
  • SSL VPNs
  • Review All Key Topics
Chapter 9: Windows-Based Analysis
  • Process and Threads
  • Memory Allocation
  • Windows Registration
  • Windows Management Instrumentation
  • Handles
  • Services
  • Windows Event Logs
  • Review All Key Topics
  • References and Further Reading
Chapter 10: Linux- and Mac OS X-Based Analysis
  • Processes
  • Forks
  • Permissions
  • Symlinks
  • Daemons
  • UNIX-Based Syslog
  • Apache Access Logs
  • Review All Key Topics
  • References and Further Reading
Chapter 11: Endpoint Security Technologies
  • Antimalware and Antivirus Software
  • Host-Based Firewalls and Host-Based Intrusion Prevention
  • Application-Level Whitelisting and Blacklisting
  • System-Based Sandboxing
  • Review All Key Topics
Chapter 12: Network and Host Telemetry
  • Network Telemetry
  • Host Telemetry
  • Review All Key Topics
Chapter 13: Security Monitoring Operational Challenges
  • Security Monitoring and Encryption
  • Security Monitoring and Network Address Translation
  • Security Monitoring and Event Correlation Time Synchronization
  • DNS Tunneling and Other Exfiltration Methods
  • Security Monitoring and Tor
  • Security Monitoring and Peer-to-Peer Communication
  • Review All Key Topics
Chapter 14: Types of Attacks and Vulnerabilities
  • Types of Attacks
  • Types of Vulnerabilities
  • Review All Key Topics
Chapter 15: Security Evasion Techniques
  • Encryption and Tunneling
  • Resource Exhaustion
  • Traffic Fragmentation
  • Protocol-Level Misinterpretation
  • Traffic Timing, Substitution, and Insertion
  • Pivoting
  • Review All Key Topics
  • References and Further Reading
Cisco CCNA Cyber Ops - Implementing Cisco Cybersecurity Operations (SECOPS) 210-255 Curriculum:
 
Chapter 1: Introduction
  • About the 210-255 CCNA Cyber Ops SECOPS Exam
  • About the CCNA Cyber Ops SECOPS #210-255 Official Cert Guide
Chapter 2: Threat Analysis
  • What Is the CIA Triad: Confidentiality, Integrity, and Availability?
  • Threat Modeling
  • Defining and Analyzing the Attack Vector
  • Understanding the Attack Complexity
  • Privileges and User Interaction
  • The Attack Scope
  • Review All Key Topics
Chapter 3: Forensics
  • Introduction to Cybersecurity Forensics
  • The Role of Attribution in a Cybersecurity Investigation
  • The Use of Digital Evidence
  • Fundamentals of Microsoft Windows Forensics
  • Fundamentals of Linux Forensics
  • Review All Key Topics
Chapter 4: Fundamentals of Intrusion Analysis
  • Common Artifact Elements and Sources of Security Events
  • Understanding Regular Expressions
  • Protocols, Protocol Headers, and Intrusion Analysis
  • Using Packet Captures for Intrusion Analysis
  • Review All Key Topics
Chapter 5: NetFlow for Cybersecurity
  • Introduction to NetFlow
  • NetFlow Versions
  • IPFIX
  • NetFlow for Cybersecurity and Incident Response
  • NetFlow Analysis Tools
  • Review All Key Topics
Chapter 6: Introduction to Incident Response and the Incident Handling Process
  • Introduction to Incident Response
  • The Incident Response Plan
  • The Incident Response Process
  • Information Sharing and Coordination
  • Incident Response Team Structure
  • The Vocabulary for Event Recording and Incident Sharing (VERIS)
  • Review All Key Topics
Chapter 7: Incident Response Teams
  • Computer Security Incident Response Teams (CSIRTs)
  • Product Security Incident Response Teams (PSIRTs)
  • National CSIRTs and Computer Emergency Response Teams (CERTs)
  • Coordination Centers
  • Incident Response Providers and Managed Security Service Providers (MSSPs)
  • Review All Key Topics
Chapter 8: Compliance Frameworks
  • Payment Card Industry Data Security Standard (PCI DSS)
  • Health Insurance Portability and Accountability Act (HIPAA)
  • Sarbanes-Oxley (SOX)
  • Summary
  • References
  • Review All Key Topics
Chapter 9: Network and Host Profiling
  • Network Profiling
  • Host Profiling
  • Summary
  • References
  • Review All Key Topics
Chapter 10: The Art of Data and Event Analysis
  • Normalizing Data
  • Using the 5-Tuple Correlation to Respond to Security Incidents
  • Retrospective Analysis and Identifying Malicious Files
  • Mapping Threat Intelligence with DNS and Other Artifacts
  • Deterministic Versus Probabilistic Analysis
  • Review All Key Topics
Chapter 11: Intrusion Event Categories
  • Diamond Model of Intrusion
  • Cyber Kill Chain Model
  • Summary
  • References
  • Review All Key Topics

All necessary course materials are included.

Certification(s)

This course prepares a student to take the Cisco CCNA Cyber Ops - Understanding Cisco Cybersecurity Fundamentals (SECFND) 210-250 and Cisco CCNA Cyber Ops - Implementing Cisco Cybersecurity Operations (SECOPS) 210-255 certification exams.


System Requirements:

Internet Connectivity Requirements:
  • Cable and DSL internet connections are recommended.
Hardware Requirements:
  • Minimum Pentium 400 MHz CPU or G3 Macintosh. 1 GHz or greater CPU recommended.
  • 256MB RAM minimum. 1 GB RAM recommended.
  • 800x600 video resolution minimum. 1025x768 recommended.
  • Speakers/Headphones to listen to Dialogue streaming audio sessions.
  • A microphone to speak in Dialogue streaming audio sessions.
Operating System Requirements:
  • Windows Vista, 7, 8, 8.1, 9, 10
  • Mac OSX 10 or higher.
  • OpenSUSE Linux 9.2 or higher.
Web Browser Requirements:
  • Google Chrome is recommended.
  • Firefox 13.x or greater.
  • Internet Explorer 6.x or greater.
  • Safari 3.2.2 or greater.
Software Requirements:
  • Adobe Flash Player 6 or greater.
  • Oracle Java 7 or greater.
  • Adobe Reader 7 or greater.
Web Browser Settings:
  • Accept Cookies
  • Disable Pop-up Blocker.


** Outlines are subject to change, as courses and materials are updated. Software is not included with the purchase of the course, unless otherwise specified. Students are responsible for the purchase and installation of the necessary course software. **