Book Image

Cisco Certified CyberOps Associate 200-201 Certification Guide

By : Glen D. Singh
Book Image

Cisco Certified CyberOps Associate 200-201 Certification Guide

By: Glen D. Singh

Overview of this book

Achieving the Cisco Certified CyberOps Associate 200-201 certification helps you to kickstart your career in cybersecurity operations. This book offers up-to-date coverage of 200-201 exam resources to fully equip you to pass on your first attempt. The book covers the essentials of network security concepts and shows you how to perform security threat monitoring. You'll begin by gaining an in-depth understanding of cryptography and exploring the methodology for performing both host and network-based intrusion analysis. Next, you'll learn about the importance of implementing security management and incident response strategies in an enterprise organization. As you advance, you'll see why implementing defenses is necessary by taking an in-depth approach, and then perform security monitoring and packet analysis on a network. You'll also discover the need for computer forensics and get to grips with the components used to identify network intrusions. Finally, the book will not only help you to learn the theory but also enable you to gain much-needed practical experience for the cybersecurity industry. By the end of this Cisco cybersecurity book, you'll have covered everything you need to pass the Cisco Certified CyberOps Associate 200-201 certification exam, and have a handy, on-the-job desktop reference guide.
Table of Contents (25 chapters)
1
Section 1: Network and Security Concepts
5
Section 2: Principles of Security Monitoring
9
Section 3: Host and Network-Based Analysis
14
Section 4: Security Policies and Procedures
21
Chapter 17: Mock Exam 1
22
Chapter 18: Mock Exam 2

Interpreting evasion and obfuscation techniques

In this section, we are going to cover the fundamentals of evasion and obfuscation techniques, both of which threat actors such as a hacker will use to go undetected by a security appliance or gain control of a network. Hackers will use various evasion techniques that allow them to bypass security detection on a system or network. If the actions of a threat actor are not detected or reported, the organization will never be aware of a cyberattack within their network. This is one of the driving forces for cybersecurity solution vendors and professionals within the industry: to always ensure their security appliances and solutions are always able to detect a threat and attack as it happens in real time. Without detection, the threat actor can do anything on the victim's network without being caught.

The following are some evasion techniques:

  • Flooding: With flooding, the attacker floods a network or security device with...