Digipower

Cisco CyberOps Associate CBROPS (200-201)
Code | Duration | Training format |
---|---|---|
CBROPS | 5 days | classroom |
Teaching methods: Individual, Virtual and/or Classroom | ||
Price: € 2.625,00, exempt from VAT. |
Overview
The updated Cisco Certified CyberOps Associate certification program validates the day-to-day tactical knowledge and skills that Security Operations Center (SOC) teams need to detect and respond to cybersecurity threats.
Objective
After completing this course you should be able to:
• Explain how a SOC operates and describe the different types of services that are performed from a Tier 1 SOC analyst’s perspective.
• Explain Network Security Monitoring (NSM) tools that are available to the network security analyst.
• Explain the data that is available to the network security analyst.
• Describe the basic concepts and uses of cryptography.
• Describe security flaws in the TCP/IP protocol and how they can be used to attack networks and hosts.
• Understand common endpoint security technologies.
• Understand the kill chain and the diamond models for incident investigations, and the use of exploit kits by threat actors.
• Identify resources for hunting cyber threats.
• Explain the need for event data normalization and event correlation.
• Identify the common attack vectors.
• Identify malicious activities.
• Identify patterns of suspicious behaviors.
• Conduct security incident investigations.
• Explain the use of a typical playbook in the SOC.
• Explain the use of SOC metrics to measure the effectiveness of the SOC.
• Explain the use of a workflow management system and automation to improve the effectiveness of the SOC.
• Describe a typical incident response plan and the functions of a typical CSIRT.
• Explain the use of VERIS to document security incidents in a standard format.
• Describe the Windows operating system features and functionality.
• Describe the Linux operating system features and functionality.
Target audience
This course is designed for an associate-level cybersecurity analyst who is working in security operations centers.
Content
Lesson 1: Introduction
Lesson 2: Cybersecurity Fundamentals
Lesson 3: Introduction to Cloud Computing and Cloud Security
Lesson 4: Access Control Models
Lesson 5: Types of Attacks and Vulnerabilities
Lesson 6: Fundamentals of Cryptography and Public Key Infrastructure (PKI)
Lesson 7: Introduction to Virtual Private Networks (VPNs)
Lesson 8: Introduction to Security Operations Management
Lesson 9: Fundamentals of Intrusion Analysis
Lesson 10: Introduction to Digital Forensics
Lesson 11: Network Infrastructure Device Telemetry and Analysis
Lesson 12: Endpoint Telemetry and Analysis
Lesson 13: Challenges in the Security Operations Center (SOC)
Lesson 14: The Art of Data and Event Analysis
Lesson 15: Classifying Intrusion Events into Categories
Lesson 16: Introduction to Threat Hunting
Certification
Recommended as preparation for the following exams:
200-201 - CBROPS Understanding Cisco Cybersecurity Operations Fundamentals
This exam is optional and is not included in the course price.
Material
Own course material, in English.
Knowledge level
mbo+
Prerequisites
Attendees should meet the following prerequisites:
Familiarity with Ethernet and TCP/IP networking
Working knowledge of the Windows and Linux operating systems
Familiarity with basics of networking security concepts