Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide

Book description

Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.

Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide presents you with an organized test-preparation routine using proven series elements and techniques. Do I Know This Already?quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

  • Master Cisco CyberOps Associate CBROPS 200-201 exam topics

  • Assess your knowledge with chapter-opening quizzes

  • Review key concepts with exam preparation tasks

  • Practice with realistic exam questions in the practice test software

Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Leading Cisco technology expert Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.

This complete study package includes

  • A test-preparation routine proven to help you pass the exam

  • Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section

  • Chapter-ending exercises, which help you drill on key concepts you must know thoroughly

  • The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports

  • A video mentoring lesson from the authors Complete Video Course

  • A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies

  • Study plan suggestions and templates to help you organize and optimize your study time

Well regarded for its level of detail, study plans, assessment features, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that ensure your exam success.

This official study guide helps you master all the topics on the Cisco CyberOps Associate CBROPS 200-201 exam, including

  • Security concepts

  • Security monitoring

  • Host-based analysis

  • Network intrusion analysis

  • Security policies and procedures

Table of contents

  1. Cover Page
  2. About This eBook
  3. Title Page
  4. Copyright Page
  5. About the Author
  6. About the Technical Reviewer
  7. Dedication
  8. Acknowledgments
  9. Contents at a Glance
  10. Reader Services
  11. Contents
  12. Command Syntax Conventions
  13. Introduction
    1. The Cisco CyberOps Associate Certification
    2. The Exam Objectives (Domains)
    3. Steps to Pass the 200-201 CBROPS Exam
    4. Signing Up for the Exam
    5. Facts About the Exam
    6. About the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
    7. The Companion Website for Online Content Review
    8. How to Access the Pearson Test Prep (PTP) App
    9. Credits List
  14. Chapter 1. Cybersecurity Fundamentals
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Introduction to Cybersecurity
    4. Threats, Vulnerabilities, and Exploits
    5. Network Security Systems
    6. Intrusion Detection Systems and Intrusion Prevention Systems
    7. Advanced Malware Protection
    8. Web Security Appliance
    9. Email Security Appliance
    10. Cisco Security Management Appliance
    11. Cisco Identity Services Engine
    12. Security Cloud-Based Solutions
    13. Cisco NetFlow
    14. Data Loss Prevention
    15. The Principles of the Defense-in-Depth Strategy
    16. Confidentiality, Integrity, and Availability: The CIA Triad
    17. Risk and Risk Analysis
    18. Personally Identifiable Information and Protected Health Information
    19. Principle of Least Privilege and Separation of Duties
    20. Security Operations Centers
    21. Playbooks, Runbooks, and Runbook Automation
    22. Digital Forensics
    23. Exam Preparation Tasks
    24. Review All Key Topics
    25. Define Key Terms
    26. Review Questions
  15. Chapter 2. Introduction to Cloud Computing and Cloud Security
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Cloud Computing and the Cloud Service Models
    4. Cloud Security Responsibility Models
    5. DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
    6. Understanding the Different Cloud Security Threats
    7. Exam Preparation Tasks
    8. Review All Key Topics
    9. Define Key Terms
    10. Review Questions
  16. Chapter 3. Access Control Models
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Information Security Principles
    4. Subject and Object Definition
    5. Access Control Fundamentals
    6. Access Control Process
    7. Information Security Roles and Responsibilities
    8. Access Control Types
    9. Access Control Models
    10. Access Control Mechanisms
    11. Identity and Access Control Implementation
    12. Exam Preparation Tasks
    13. Review All Key Topics
    14. Define Key Terms
    15. Review Questions
  17. Chapter 4. Types of Attacks and Vulnerabilities
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Types of Attacks
    4. Types of Vulnerabilities
    5. Exam Preparation Tasks
    6. Review All Key Topics
    7. Define Key Terms
    8. Review Questions
  18. Chapter 5. Fundamentals of Cryptography and Public Key Infrastructure (PKI)
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Cryptography
    4. Block and Stream Ciphers
    5. Symmetric and Asymmetric Algorithms
    6. Hashes
    7. Digital Signatures
    8. Next-Generation Encryption Protocols
    9. IPsec and SSL/TLS
    10. Fundamentals of PKI
    11. Root and Identity Certificates
    12. Revoking Digital Certificates
    13. Using Digital Certificates
    14. Exam Preparation Tasks
    15. Review All Key Topics
    16. Define Key Terms
    17. Review Questions
  19. Chapter 6. Introduction to Virtual Private Networks (VPNs)
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. What Are VPNs?
    4. Site-to-Site vs. Remote-Access VPNs
    5. An Overview of IPsec
    6. SSL VPNs
    7. Exam Preparation Tasks
    8. Review All Key Topics
    9. Define Key Terms
    10. Review Questions
  20. Chapter 7. Introduction to Security Operations Management
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Introduction to Identity and Access Management
    4. Security Events and Log Management
    5. Asset Management
    6. Introduction to Enterprise Mobility Management
    7. Configuration and Change Management
    8. Vulnerability Management
    9. Patch Management
    10. Exam Preparation Tasks
    11. Review All Key Topics
    12. Define Key Terms
    13. Review Questions
  21. Chapter 8. Fundamentals of Intrusion Analysis
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Introduction to Incident Response
    4. The Incident Response Plan
    5. The Incident Response Process
    6. Information Sharing and Coordination
    7. Incident Response Team Structure
    8. Common Artifact Elements and Sources of Security Events
    9. Understanding Regular Expressions
    10. Protocols, Protocol Headers, and Intrusion Analysis
    11. How to Map Security Event Types to Source Technologies
    12. Exam Preparation Tasks
    13. Review All Key Topics
    14. Define Key Terms
    15. Review Questions
  22. Chapter 9. Introduction to Digital Forensics
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Introduction to Digital Forensics
    4. The Role of Attribution in a Cybersecurity Investigation
    5. The Use of Digital Evidence
    6. Evidentiary Chain of Custody
    7. Reverse Engineering
    8. Fundamentals of Microsoft Windows Forensics
    9. Fundamentals of Linux Forensics
    10. Exam Preparation Tasks
    11. Review All Key Topics
    12. Define Key Terms
    13. Review Questions
  23. Chapter 10. Network Infrastructure Device Telemetry and Analysis
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Network Infrastructure Logs
    4. Traditional Firewall Logs
    5. NetFlow Analysis
    6. Network Packet Capture
    7. Network Profiling
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  24. Chapter 11. Endpoint Telemetry and Analysis
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Understanding Host Telemetry
    4. Host Profiling
    5. Analyzing Windows Endpoints
    6. Linux and macOS Analysis
    7. Endpoint Security Technologies
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  25. Chapter 12. Challenges in the Security Operations Center (SOC)
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Security Monitoring Challenges in the SOC
    4. Additional Evasion and Obfuscation Techniques
    5. Exam Preparation Tasks
    6. Review All Key Topics
    7. Define Key Terms
    8. Review Questions
  26. Chapter 13. The Art of Data and Event Analysis
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Normalizing Data
    4. Using the 5-Tuple Correlation to Respond to Security Incidents
    5. Using Retrospective Analysis and Identifying Malicious Files
    6. Mapping Threat Intelligence with DNS and Other Artifacts
    7. Using Deterministic Versus Probabilistic Analysis
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  27. Chapter 14. Classifying Intrusion Events into Categories
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. Diamond Model of Intrusion
    4. Cyber Kill Chain Model
    5. The Kill Chain vs. MITRE’s ATT&CK
    6. Exam Preparation Tasks
    7. Review All Key Topics
    8. Define Key Terms
    9. Review Questions
  28. Chapter 15. Introduction to Threat Hunting
    1. “Do I Know This Already?” Quiz
    2. Foundation Topics
    3. What Is Threat Hunting?
    4. The Threat-Hunting Process
    5. Threat Hunting and MITRE’s ATT&CK
    6. Threat-Hunting Case Study
    7. Threat Hunting, Honeypots, Honeynets, and Active Defense
    8. Exam Preparation Tasks
    9. Review All Key Topics
    10. Define Key Terms
    11. Review Questions
  29. Chapter 16. Final Preparation
    1. Hands-on Activities
    2. Suggested Plan for Final Review and Study
    3. Summary
  30. Glossary of Key Terms
  31. Appendix A: Answers to the “Do I Know This Already?” Quizzes and Review Questions
  32. Appendix B: Understanding Cisco Cybersecurity Operations Fundamentals CBROPS 200-201 Exam Updates
    1. Always Get the Latest at the Book’s Product Page
    2. Technical Content
  33. Index
  34. Appendix C: Study Planner
  35. Where are the companion content files? - Register
  36. Inside Front Cover
  37. Inside Back Cover
  38. Code Snippets

Product information

  • Title: Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide
  • Author(s): Omar Santos
  • Release date: December 2020
  • Publisher(s): Cisco Press
  • ISBN: 9780136807964