Cisco CyberOps Associate CBROPS (200-201)

(200-201.AP2)/ISBN:978-1-64459-465-0

This course includes
Lessons
TestPrep
Hand-on Lab
AI Tutor (Add-on)

Prepare yourself for a career in cybersecurity and become a certified Cisco CyberOps Associate with the comprehensive Cisco CyberOps Associate CBROPS (200-201) course. Designed to equip you with the necessary skills and knowledge, this course covers cybersecurity principles through interactive lessons, quizzes, test preps, and hands-on labs. With a focus on preventing, detecting, analyzing, and responding to cybersecurity incidents, this course will prepare you for the exam and pave the way for associate-level job roles in security operations centers (SOCs).

Here's what you will get

Step into the world of cybersecurity excellence with the Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam. The exam tests your knowledge and skills related to security concepts, security monitoring, host-based analysis, network intrusion analysis, security policies, and procedures. With the CyberOps Associate certification as your goal, this exam paves the way for a rewarding career, enabling you to master the fundamentals of preventing, detecting, analyzing, and responding to cybersecurity incidents.

Lessons

16+ Lessons | 210+ Quizzes | 172+ Flashcards | 172+ Glossary of terms

TestPrep

90+ Pre Assessment Questions | 2+ Full Length Tests | 90+ Post Assessment Questions | 180+ Practice Test Questions

Hand on lab

55+ LiveLab | 56+ Video tutorials | 02:06+ Hours

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • The Cisco CyberOps Associate Certification
  • The Exam Objectives (Domains)
  • Steps to Pass the 200-201 CBROPS Exam
  • Signing Up for the Exam
  • Facts About the Exam
  • About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide

Lessons 2: Cybersecurity Fundamentals

  • Introduction to Cybersecurity
  • Threats, Vulnerabilities, and Exploits
  • Network Security Systems
  • Intrusion Detection Systems and Intrusion Prevention Systems
  • Advanced Malware Protection
  • Web Security Appliance
  • Email Security Appliance
  • Cisco Security Management Appliance
  • Cisco Identity Services Engine
  • Security Cloud-Based Solutions
  • Cisco NetFlow
  • Data Loss Prevention
  • The Principles of the Defense-in-Depth Strategy
  • Confidentiality, Integrity, and Availability: The CIA Triad
  • Risk and Risk Analysis
  • Personally Identifiable Information and Protected Health Information
  • Principle of Least Privilege and Separation of Duties
  • Security Operations Centers
  • Playbooks, Runbooks, and Runbook Automation
  • Digital Forensics
  • Review All Key Topics
  • Review Questions

Lessons 3: Introduction to Cloud Computing and Cloud Security

  • Cloud Computing and the Cloud Service Models
  • Cloud Security Responsibility Models
  • DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
  • Understanding the Different Cloud Security Threats
  • Review All Key Topics
  • Review Questions

Lessons 4: Access Control Models

  • Information Security Principles
  • Subject and Object Definition
  • Access Control Fundamentals
  • Access Control Process
  • Information Security Roles and Responsibilities
  • Access Control Types
  • Access Control Models
  • Access Control Mechanisms
  • Identity and Access Control Implementation
  • Review All Key Topics
  • Review Questions

Lessons 5: Types of Attacks and Vulnerabilities

  • Types of Attacks
  • Types of Vulnerabilities
  • Review All Key Topics
  • Review Questions

Lessons 6: Fundamentals of Cryptography and Public Key Infrastructure (PKI)

  • Cryptography
  • Block and Stream Ciphers
  • Symmetric and Asymmetric Algorithms
  • Hashes
  • Digital Signatures
  • Next-Generation Encryption Protocols
  • IPsec and SSL/TLS
  • Fundamentals of PKI
  • Root and Identity Certificates
  • Revoking Digital Certificates
  • Using Digital Certificates
  • Review All Key Topics
  • Review Questions

Lessons 7: Introduction to Virtual Private Networks (VPNs)

  • What Are VPNs?
  • Site-to-Site vs. Remote-Access VPNs
  • An Overview of IPsec
  • SSL VPNs
  • Review All Key Topics
  • Review Questions

Lessons 8: Introduction to Security Operations Management

  • Introduction to Identity and Access Management
  • Security Events and Log Management
  • Asset Management
  • Introduction to Enterprise Mobility Management
  • Configuration and Change Management
  • Vulnerability Management
  • Patch Management
  • Review All Key Topics
  • Review Questions

Lessons 9: Fundamentals of Intrusion Analysis

  • Introduction to Incident Response
  • The Incident Response Plan
  • The Incident Response Process
  • Information Sharing and Coordination
  • Incident Response Team Structure
  • Common Artifact Elements and Sources of Security Events
  • Understanding Regular Expressions
  • Protocols, Protocol Headers, and Intrusion Analysis
  • How to Map Security Event Types to Source Technologies
  • Review All Key Topics
  • Review Questions

Lessons 10: Introduction to Digital Forensics

  • Introduction to Digital Forensics
  • The Role of Attribution in a Cybersecurity Investigation
  • The Use of Digital Evidence
  • Evidentiary Chain of Custody
  • Reverse Engineering
  • Fundamentals of Microsoft Windows Forensics
  • Fundamentals of Linux Forensics
  • Review All Key Topics
  • Review Questions

Lessons 11: Network Infrastructure Device Telemetry and Analysis

  • Network Infrastructure Logs
  • Traditional Firewall Logs
  • NetFlow Analysis
  • Network Packet Capture
  • Network Profiling
  • Review All Key Topics
  • Review Questions

Lessons 12: Endpoint Telemetry and Analysis

  • Understanding Host Telemetry
  • Host Profiling
  • Analyzing Windows Endpoints
  • Linux and macOS Analysis
  • Endpoint Security Technologies
  • Review All Key Topics
  • Review Questions

Lessons 13: Challenges in the Security Operations Center (SOC)

  • Security Monitoring Challenges in the SOC
  • Additional Evasion and Obfuscation Techniques
  • Review All Key Topics
  • Review Questions

Lessons 14: The Art of Data and Event Analysis

  • Normalizing Data
  • Using the 5-Tuple Correlation to Respond to Security Incidents
  • Using Retrospective Analysis and Identifying Malicious Files
  • Mapping Threat Intelligence with DNS and Other Artifacts
  • Using Deterministic Versus Probabilistic Analysis
  • Review All Key Topics
  • Review Questions

Lessons 15: Classifying Intrusion Events into Categories

  • Diamond Model of Intrusion
  • Cyber Kill Chain Model
  • The Kill Chain vs. MITRE’s ATT&CK
  • Review All Key Topics
  • Review Questions

Lessons 16: Introduction to Threat Hunting

  • What Is Threat Hunting?
  • The Threat-Hunting Process
  • Threat Hunting and MITRE’s ATT&CK
  • Threat-Hunting Case Study
  • Threat Hunting, Honeypots, Honeynets, and Active Defense
  • Review All Key Topics
  • Review Questions

Hands-on LAB Activities

Cybersecurity Fundamentals

  • Exploiting Command Injection Vulnerabilities
  • Using Rainbow Tables
  • Consulting a Vulnerability Database
  • Configuring Dynamic NAT
  • Creating and Applying a Numbered Standard ACL
  • Creating and Applying a Numbered Extended ACL

Introduction to Cloud Computing and Cloud Security

  • Simulating a DoS Attack

Access Control Models

  • Installing Antivirus Software
  • Enabling AAA Services and Working with Method Lists
  • Implementing Port Security

Types of Attacks and Vulnerabilities

  • Understanding Local Privilege Escalation
  • Applying a DNS Capture Filter
  • Configuring a BPDU Guard on a Switch Port
  • Using Maltego
  • Using Shodan to Find Webcams
  • Using Nikto
  • Using Social Engineering Techniques to Plan an Attack
  • Simulating the DDoS Attack
  • Performing ARP Spoofing
  • Cracking a Linux Password Using John the Ripper
  • Performing Active Reconnaissance
  • Performing a Memory-Based Attack
  • Performing a MITM Attack
  • Defending Against a Buffer Overflow Attack
  • Attacking a Website Using XSS Injection
  • Conducting Cross-Site Request Forgery Attacks

Fundamentals of Cryptography and Public Key Infrastructure (PKI)

  • Using PGP
  • Generating a Symmetric Key
  • Generating an Asymmetric Key
  • Applying Symmetric Key Encryption
  • Observing an MD5-Generated Hash Value
  • Observing an SHA-Generated Hash Value
  • Examining PKI Certificates

Introduction to Virtual Private Networks (VPNs)

  • Implementing IPsec VPNs through CLI
  • Configuring an SSL Cisco AnyConnect Secure Mobility Client VPN
  • Configuring Clientless SSL VPNs on ASA

Introduction to Security Operations Management

  • Viewing Event Logs

Fundamentals of Intrusion Analysis

  • Using the Armitage Tool for Intrusion Detection
  • Performing Intrusion Detection Using Zeek
  • Capturing a Packet Using Tshark
  • Capturing Network Packets Using tcpdump

Introduction to Digital Forensics

  • Using Reverse Engineering
  • Changing the Startup Type of Service
  • Viewing the Windows File Registry
  • Managing NTFS Permissions
  • Using Linux Commands

Network Infrastructure Device Telemetry and Analysis

  • Configuring a Router to Use NTP Services
  • Simulating an Eavesdropping Attack Using Wireshark
  • Configuring NetFlow and NetFlow Data Export

Endpoint Telemetry and Analysis

  • Showing Logging in to a System
  • Identifying Listening Ports on the Network
  • Using Windows Event Viewer
  • Changing File Permissions
  • Using a Symlink

Introduction to Threat Hunting

  • Examining MITRE ATT&CK
  • Setting Up a Honeypot

Exam FAQs

Pearson VUE

Multiple Choice questions

The exam contains 95-105 questions.

120 minutes

70%

  • Candidates who fail an Associate, Professional, Specialist or CCDE Written exam must wait a period of five (5) calendar days, beginning the day after the failed attempt, before they may retest for the same exam.
  • Once passed, a candidate must wait a minimum of 180 days before taking the same exam with an identical exam number.
  • Candidates who fail an Online / Un-Proctored Cisco (700-xxx series) exam must wait a period of forty-eight hours (48hrs) after the failed attempt, before they may retest for the same exam.
  • Candidates who violate these policies are in violation of the agreement. Such conduct is strictly prohibited as described in the Cisco certification and confidentiality agreement.