CCNA Cyber Ops SECOPS 210-255

CCNA Cyber Ops SECOPS 210-255

by Omar Santos
Released May 2017
Publisher(s): Pearson
ISBN: 0134661087

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Video description

Overview

More than nine hours of video instruction on configuration and troubleshooting tasks to prepare you for the Cisco CCNA Cyber Ops SECOPS 210-255 certification exam.

Description

CCNA Cyber Ops SECOPS 210-255LiveLessons is a unique video product that provides a solid understanding of the key areas of knowledge required to pass the 210-255 SECOPS exam. This product walks through each topic of the Implementing Cisco Cybersecurity Operations exam blueprint, so you can gain the knowledge you need to pass the exam and start your career as a Security Operations Center (SOC) Security Analyst.

CCNA Cyber Ops SECOPS 210-255 contains more than nine hours of instruction with 11 lessons. The videos consist of live video training, video screencasts, and demos. Video instruction throughout offers detailed explanations, tips, and design recommendations. The Complete Video Couse Premium Edition also comes with:

  • Lesson quizzes to help you test yourself on concepts and commands
  • Interactive exercises so you can put your knowledge to the test
  • A full practice exam delivered in the Pearson Test Prep Engine

Major topics include:

  • Endpoint Threat Analysis and Computer Forensics

  • Network Intrusion Analysis

  • Incident Response

  • Data and Event Analysis

  • Incident Handling

Skill Level

  • Beginning to intermediate

What You Will Learn

  • Presents real-world solutions for understand Cisco's threat analysis and incident response solution
  • Covers all of the objectives in the CCNA Cyber Ops exam
  • Easy to follow demonstrations of cybersecurity tools, products, and solutions
  • Scenarios offered to help learners understand real-world applications

Who Should Take This Course

Anyone who wants to obtain their CCNA Cyber Ops certification. This includes security professionals interested in learning how to develop, manage, or improve a security operations center, a CSIRT, PSIRT, or to become a cyber security incident response expert. Anyone wishing to take the CCNA CyberOps exam would also benefit from viewing this course.

Course Requirements

The video course assumes that the learner has the skills to navigate the user interface of a PC running Windows, Mac or Linux and who has completed typical high school-level math courses (mainly that the reader has been exposed to binary math). The course also assumes that the reader has used PCs connected to either a home network or a network inside a school or company, but that the reader might not understand anything about the network to which the PC was connected. It is also assumes that the reader knows how to use typical Internet applications, primarily web browsers and email clients.

Table of contents

  1. Introduction
    1. CCNA Cyber Ops SECOPS 210-255: Introduction
  2. Lesson 1: Threat Analysis
    1. Learning objectives
    2. 1.1 Understanding Risk Analysis
    3. 1.2 Understanding the Common Vulnerability Scoring System (CVSS)
    4. 1.3 Interpreting Malware Analysis Tool Output
  3. Lesson 2: Forensics
    1. Learning objectives
    2. 2.1 Examining Types of Evidence
    3. 2.2 Surveying Windows Forensics: Application Processes, Threads, and Vulnerabilities
    4. 2.3 Surveying Windows Forensics: Memory
    5. 2.4 Surveying Windows Forensics: The Windows Registry
    6. 2.5 Surveying Windows Forensics: Hard Drives, FAT, and NTFS
    7. 2.6 Surveying Linux Forensics
    8. 2.7 Understanding Evidence Collection
    9. 2.8 Handling Evidence
    10. 2.9 Examining Asset and Threat Actor Attribution
  4. Lesson 3: Intrusion Analysis
    1. Learning objectives
    2. 3.1 Introducing Intrusion Analysis Fundamentals
    3. 3.2 Examining Packet Captures
    4. 3.3 Examining Protocol Headers
    5. 3.4 Analyzing Security Device Data
    6. 3.5 Differentiating False Positives, False Negatives, True Positives, and True Negatives
  5. Lesson 4: NetFlow for Cyber Security
    1. Learning objectives
    2. 4.1 Introducing NetFlow
    3. 4.2 Comparing NetFlow Versions
    4. 4.3 Understanding NetFlow for Cyber Security and Incident Response
    5. 4.4 Examining NetFlow Analysis Tools
    6. 4.5 Introducing IPFIX
  6. Lesson 5: Introduction to Incident Response
    1. Learning objectives
    2. 5.1 Scoping the Incident Response Plan and Process
    3. 5.2 Understanding Information Sharing and Coordination
    4. 5.3 Identifying the Incident Response Team Structure
  7. Lesson 6: Incident Response Teams
    1. Learning objectives
    2. 6.1 Analyzing Computer Incident Response Teams (CSIRTs)
    3. 6.2 Analyzing Product Security Incident Response Teams (PSIRTs)
    4. 6.3 Surveying Coordination Centers
    5. 6.4 Analyzing Managed Security Service Providers Incident Response Teams
  8. Lesson 7: Compliance Frameworks
    1. Learning objectives
    2. 7.1 Considering PCI-DSS
    3. 7.2 Considering HIPAA
    4. 7.3 Considering SOX
  9. Lesson 8: Network and Host Profiling
    1. Learning objectives
    2. 8.1 Understanding Network Profiling
    3. 8.2 Understanding Host Profiling
  10. Lesson 9: Data and Event Analysis
    1. Learning objectives
    2. 9.1 Understanding Data Normalization
    3. 9.2 Deconstructing Universal Data Formats
    4. 9.3 Understanding the 5-tuple Correlation
    5. 9.4 Performing DNS Analysis
    6. 9.5 Performing Web Log Analysis
    7. 9.6 Performing Deterministic and Probabilistic Analysis
  11. Lesson 10: Intrusion Event Categories
    1. Learning objectives
    2. 10.1 Identifying and Mitigating Reconnaissance
    3. 10.2 Identifying and Mitigating Weaponization
    4. 10.3 Identifying and Mitigating Delivery
    5. 10.4 Identifying and Mitigating Exploitation
    6. 10.5 Identifying and Mitigating Installation
    7. 10.6 Identifying and Mitigating Command and Control
    8. 10.7 Understanding Action on Objectives
  12. Lesson 11: The Incident Handling Process
    1. Learning objectives
    2. 11.1 Introducing the Vocabulary for Event Recording and Incident Sharing (VERIS)
    3. 11.2 Applying the VERIS Schema to Incident Handling
    4. 11.3 Surveying the VERIS Incident Recording Tool and Other VERIS Resources
  13. Summary
    1. CCNA Cyber Ops SECOPS 210-255: Summary

Product information

  • Title: CCNA Cyber Ops SECOPS 210-255
  • Author(s): Omar Santos
  • Release date: May 2017
  • Publisher(s): Pearson
  • ISBN: 0134661087