Explore the principles of defense in depth as you prepare for the Host-Based Analysis portion of the Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.
Syllabus
Introduction
- Securing the endpoints
- Prepare for Cisco CBROPS exam v1.0
- Set up your test environment
- Visualize the Windows architecture
- Dissect the Windows file system
- Working with Windows Registry
- Running a Windows OS
- Manage network settings
- Use netstat
- Monitor the Windows OS
- Recognize the value of a Linux OS
- Interact with a Linux OS
- Use the Linux file system
- Monitor log files
- Avoid malware on a Linux host
- Harden the OS
- Outline the network architecture
- Provide defense in depth
- Simple Network Management Protocol
- Understand NTP
- Challenge: Configure NTP
- Solution: Configure NTP
- Understand data types used in security monitoring
- Challenge: Configure SNMP
- Solution: Configure SNMP
- Generate a malware analysis report
- Compare HIDS with NIDS
- Use a sandbox to evaluate malicious activity
- Cyber attribution
- Outline the digital forensic investigation
- Compare different types of evidence
- Preserve the chain of custody
- Next steps
Taught by
Lisa Bock