Cybersecurity specialists are in high demand. This course prepares you to fill these roles as it covers the Network Intrusion Analysis portion of the Cisco CBROPS exam.
Syllabus
Introduction
- Evaluating intrusion alerts
- Prepare for Cisco CBROPS exam v1.0
- Setting up your test environment
- Comparing methods to examine traffic
- Comparing IPS and IDS
- Recognizing alerts and events
- Monitoring traffic
- Interpreting IDS/IPS alerts
- Challenge: Install the CyberOps workstation
- Solution: Install the CyberOps workstation
- Being application aware
- Evaluating antivirus alerts
- Viewing web proxy logs
- Challenge: Regular expressions
- Solution: Regular expressions
- Understanding the OSI model
- Tapping into the network
- Creating an Ethernet frame
- Identifying key elements from a pcap
- Extracting objects from a pcap
- Challenge: Log file analysis
- Solution: Log file analysis
- Understanding TCP
- Moving through the TCP handshake and teardown
- Recognizing User Datagram Protocol
- Viewing IPv4
- Investigating IPv6
- Grasping ICMP
- Discovering ICMPv6
- Analyzing HTTP
- Dissecting DNS
- Using ARP
- Outlining email threats
- Detecting malware by examining artifacts
- Confirming malware by examining artifacts
- Next steps
Taught by
Lisa Bock