Cybersecurity specialists are in high demand. This course prepares you to fill these roles as it covers the Network Intrusion Analysis portion of the Cisco CBROPS exam.
Cisco Certified CyberOps Associate (200-201) Cert Prep: 4 Network Intrusion Analysis
Overview
Syllabus
Introduction
- Evaluating intrusion alerts
- Prepare for Cisco CBROPS exam v1.0
- Setting up your test environment
- Comparing methods to examine traffic
- Comparing IPS and IDS
- Recognizing alerts and events
- Monitoring traffic
- Interpreting IDS/IPS alerts
- Challenge: Install the CyberOps workstation
- Solution: Install the CyberOps workstation
- Being application aware
- Evaluating antivirus alerts
- Viewing web proxy logs
- Challenge: Regular expressions
- Solution: Regular expressions
- Understanding the OSI model
- Tapping into the network
- Creating an Ethernet frame
- Identifying key elements from a pcap
- Extracting objects from a pcap
- Challenge: Log file analysis
- Solution: Log file analysis
- Understanding TCP
- Moving through the TCP handshake and teardown
- Recognizing User Datagram Protocol
- Viewing IPv4
- Investigating IPv6
- Grasping ICMP
- Discovering ICMPv6
- Analyzing HTTP
- Dissecting DNS
- Using ARP
- Outlining email threats
- Detecting malware by examining artifacts
- Confirming malware by examining artifacts
- Next steps
Taught by
Lisa Bock
