Book Image

Cisco Certified CyberOps Associate 200-201 Certification Guide

By : Glen D. Singh
Book Image

Cisco Certified CyberOps Associate 200-201 Certification Guide

By: Glen D. Singh

Overview of this book

Achieving the Cisco Certified CyberOps Associate 200-201 certification helps you to kickstart your career in cybersecurity operations. This book offers up-to-date coverage of 200-201 exam resources to fully equip you to pass on your first attempt. The book covers the essentials of network security concepts and shows you how to perform security threat monitoring. You'll begin by gaining an in-depth understanding of cryptography and exploring the methodology for performing both host and network-based intrusion analysis. Next, you'll learn about the importance of implementing security management and incident response strategies in an enterprise organization. As you advance, you'll see why implementing defenses is necessary by taking an in-depth approach, and then perform security monitoring and packet analysis on a network. You'll also discover the need for computer forensics and get to grips with the components used to identify network intrusions. Finally, the book will not only help you to learn the theory but also enable you to gain much-needed practical experience for the cybersecurity industry. By the end of this Cisco cybersecurity book, you'll have covered everything you need to pass the Cisco Certified CyberOps Associate 200-201 certification exam, and have a handy, on-the-job desktop reference guide.

Related Content you might be interested in

Current Title:

Small book image
Cisco Certified CyberOps Associate 200-201 Certification Guide
Glen D. Singh
Jun, 2021 | 660 pages
Small book image
Implementing and Administering Cisco Solutions: 200-301 CCNA Exam Guide
Glen D Singh
Nov, 2020 | 764 pages
Small book image
CompTIA Network+ N10-008 Certification Guide
Glen D Singh
Nov, 2022 | 692 pages
Small book image
CCNA Security 210-260 Certification Guide
Glen D Singh | Vijay Anandh | Michael Vinod
Jun, 2018 | 518 pages
Table of Contents (25 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Network and Security Concepts
Section 1: Network and Security Concepts
Free Chapter
2
Chapter 1: Exploring Networking Concepts
Chapter 1: Exploring Networking Concepts
Technical requirements
The functions of the network layers
Understanding the purpose of various network protocols
Summary
Questions
Further reading
3
Chapter 2: Exploring Network Components and Security Systems
Chapter 2: Exploring Network Components and Security Systems
Technical requirements
Exploring various network services
Discovering the role and operations of network devices
Describing the functions of Cisco network security systems
Summary
Questions
Further reading
4
Chapter 3: Discovering Security Concepts
Chapter 3: Discovering Security Concepts
Introducing the principles of defense in depth
Exploring security terminologies
Exploring access control models
Understanding security deployment
Summary
Questions
5
Section 2: Principles of Security Monitoring
Section 2: Principles of Security Monitoring
6
Chapter 4: Understanding Security Principles
Chapter 4: Understanding Security Principles
Technical requirements
Understanding a security operation center
Understanding the security tools used to inspect data types on a network
Understanding the impact of data visibility through networking technologies
Understanding how threat actors transport malicious code
Delving into data types used during security monitoring
Summary
Questions
Further reading
7
Chapter 5: Identifying Attack Methods
Chapter 5: Identifying Attack Methods
Understanding network-based attacks
Exploring web application attacks
Delving into social engineering attacks
Understanding endpoint-based attacks
Interpreting evasion and obfuscation techniques
Summary
Questions
Further reading
8
Chapter 6: Working with Cryptography and PKI
Chapter 6: Working with Cryptography and PKI
Technical requirements
Understanding the need for cryptography
Types of ciphers
Understanding cryptanalysis
Understanding the hashing process
Exploring symmetric encryption algorithms
Delving into asymmetric encryption algorithms
Understanding PKI
Using cryptography in wireless security
Summary
Questions
Further reading
9
Section 3: Host and Network-Based Analysis
Section 3: Host and Network-Based Analysis
10
Chapter 7: Delving into Endpoint Threat Analysis
Chapter 7: Delving into Endpoint Threat Analysis
Technical requirements
Understanding endpoint security technologies
Understanding Microsoft Windows components
Exploring Linux components
Summary
Questions
Further reading
11
Chapter 8: Interpreting Endpoint Security
Chapter 8: Interpreting Endpoint Security
Technical requirements
Exploring the Microsoft Windows filesystem
Delving into the Linux filesystem
Understanding the CVSS
Working with malware analysis tools
Summary
Questions
12
Chapter 9: Exploring Computer Forensics
Chapter 9: Exploring Computer Forensics
Technical requirements
Understanding the need for computer forensics
Understanding types of evidence
Contrasting tampered and untampered disk images
Tools commonly used during a forensics investigation
Understanding the role of attribution in an investigation
Summary
Questions
Further reading
13
Chapter 10: Performing Intrusion Analysis
Chapter 10: Performing Intrusion Analysis
Technical requirements
Identifying intrusion events based on source technologies
Stateful and deep packet firewall operations
Comparing inline traffic interrogation techniques
Understanding impact and no impact on intrusion
Protocol headers in intrusion analysis
Packet analysis using a PCAP file and Wireshark
Summary
Questions
Further reading
14
Section 4: Security Policies and Procedures
Section 4: Security Policies and Procedures
15
Chapter 11: Security Management Techniques
Chapter 11: Security Management Techniques
Technical requirements
Identifying common artifact elements
Interpreting basic regular expressions
Understanding asset management
Delving into configuration and mobile device management
Exploring patch and vulnerability management
Summary
Questions
Further reading
16
Chapter 12: Dealing with Incident Response
Chapter 12: Dealing with Incident Response
Understanding the incident handling process
Exploring CSIRT teams and their responsibilities
Delving into network and server profiling
Comparing compliance frameworks
Summary
Questions
Further reading
17
Chapter 13: Implementing Incident Handling
Chapter 13: Implementing Incident Handling
Understanding the NIST SP 800-86 components
Sharing information using VERIS
Exploring the Cyber Kill Chain
Delving into the Diamond Model of Intrusion Analysis
Identifying protected data in a network
Summary
Questions
Further reading
18
Chapter 14: Implementing Cisco Security Solutions
Chapter 14: Implementing Cisco Security Solutions
Technical requirements
Implementing AAA in a Cisco environment
Deploying a zone-based firewall
Configuring an IPS
Summary
Further reading
19
Chapter 15: Working with Cisco Security Solutions
Chapter 15: Working with Cisco Security Solutions
Technical requirements
Implementing secure protocols on Cisco devices
Deploying Layer 2 security controls
Configuring a Cisco ASA firewall
Summary
20
Chapter 16: Real-World Implementation and Best Practices
Chapter 16: Real-World Implementation and Best Practices
Technical requirements
Implementing an open source SIEM tool
Implementing tools to perform the active scanning of assets
Using open source breach and attack simulation tools
Implementing an open source honeypot platform
Summary
21
Chapter 17: Mock Exam 1
Chapter 17: Mock Exam 1
22
Chapter 18: Mock Exam 2
Questions
23
Assessment
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 17
Chapter 18
Why subscribe?
24
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Leave a review - let other readers know what you think

What this book covers

Chapter 1, Exploring Networking Concepts, covers the fundamentals of network protocol suites, and the characteristics and functionality of each layer of TCP/IP.

Chapter 2, Exploring Network Components and Security Systems, covers the function of various networking protocols, and the role and functions of networking and security devices.

Chapter 3, Discovering Security Concepts, covers the importance of implementing a Defense in Depth approach, explaining key security terminology and access control models.

Chapter 4, Understanding Security Principles, covers the functionality of a security operations center (SOC), how data visibility is affected by network technologies, and how threat actors are able to exfiltrate data using common network protocols.

Chapter 5, Identifying Attack Methods, covers the characteristics of common network-based attacks, web application attacks, social engineering attacks, and endpoint-based attacks, and explains how threat actors evade threat detection systems.

Chapter 6, Working with Cryptography and PKI, covers the importance of cryptography and the characteristics of confidentiality, interiority, origin authentication, non-repudiation, and Public Key Infrastructure (PKI).

Chapter 7, Delving into Endpoint Threat Analysis, covers the fundamentals of endpoint security and how it protects a system of various security threats, and also covers key components of both Windows and Linux operating systems that can help identify endpoint-based threats.

Chapter 8, Interpreting Endpoint Security, covers the filesystem for Windows and Linux operating systems, how security professionals are able to determine the vulnerability score of a security weakness, and malware analysis.

Chapter 9, Exploring Computer Forensics, covers the fundamentals of computer forensics, types of evidence collected during an investigation, and how to compare disk images.

Chapter 10, Performing Intrusion Analysis, covers the operations of various firewall technologies. It compares inline traffic interrogation techniques and explains the elements of various protocol headers as they relate to an intrusion.

Chapter 11, Security Management Techniques, covers the fundamentals of identifying artifact elements and explains the need for various security management techniques and practices within an enterprise organization.

Chapter 12, Dealing with Incident Response, covers the importance of incident response and handling processes, the characteristics of various security teams, and security compliance.

Chapter 13, Implementing Incident Handling, covers the fundamentals of implementing forensics techniques into IR, explains how the Cyber Kill Chain can be used to stop a cyber-attack, and explains how the Diamond Model of Intrusion is used to better understand how an intrusion occurs.

Chapter 14, Implementing Cisco Security Solutions, covers the fundamentals of implementing security solutions such as AAA, zone-based firewall, and an intrusion prevention system using Cisco solutions on a network.

Chapter 15, Working with Cisco Security Solutions, covers the fundamentals of implementing additional security solutions such as Layer 2 security controls, securing networking devices, and configuring a Cisco ASA firewall appliance.

Chapter 16, Real-World Implementation and Best Practices, covers advanced topics on implementing various real-world security solutions, such as an open source SIEM, performing active scanning of assets, performing breach and attack simulations, and deploying a honeypot.

Chapter 17, Mock Exam 1, includes a simple mock test containing questions that will help you to prepare for the Cisco Certified CyberOps Associate examination and will help you identify any topics you need to spend additional time learning about and practicing.

Chapter 18, Mock Exam 2, includes another mock test containing questions that will help you to prepare for the Cisco Certified CyberOps Associate examination.

Previous Section
Next Section