CyberOps Associate

February 17, 2022
by admin
Cybersecurity, Security
Introduction

Today’s organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to
security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems,
protecting their organizations by detecting and responding to cybersecurity exploits and threats. CyberOps Associate
prepares candidates to begin a career working as associate-level cybersecurity analysts within security operations
centers.

Target Audience

The CyberOps Associate course is designed for Cisco Networking Academy® students who are seeking career-oriented,
entry-level security analyst skills. Target students include individuals enrolled in technology degree
programs at institutions of higher education and IT professionals who want to pursue a career in the Security
Operation Center (SOC). Learners in this course are exposed to all of the foundational knowledge required to detect,
analyze, and escalate basic cybersecurity threats using common open-source tools.

Prerequisites

CyberOps Associate students should have the following skills and knowledge:

  • PC and internet navigation skills
  • Basic Windows and Linux system concepts
  • Basic understanding of computer networks
  • Binary and Hexadecimal understanding
  • Familiarity with Cisco Packet Tracer

Target Certification

This course aligns with the Cisco Certified CyberOps Associate (CBROPS) certification. Candidates need to pass the
200-201 CBROPS exam to achieve the Cisco Certified CyberOps Associate certification. The CBROPS exam tests a
candidate’s knowledge and skills related to security concepts, security monitoring, host-based analysis, network
intrusion analysis, and security policies and procedures.

Course Description

The course has many features to help students understand these concepts:

  • The course is comprised of twenty-eight (28) modules. Each module is comprised of topics.
  • Modules emphasize critical thinking, problem solving, collaboration, and the practical application of skills.
  • Each module contains some way to practice and assess understanding, such as a lab or a Packet Tracer activity. These module-level activities provide feedback and are designed to indicate the learner’s mastery of the skills needed for the course. Learners can ensure their level of understanding well before taking a graded quiz or exam.
  • Some topics may contain a Check Your Understanding interactive quiz, or some other way to assess understanding, such as a lab or a Packet Tracer. These topic-level assessments are designed to tell learners if they have a good grasp of the topic content, or if they need to review before continuing. Learners can ensure their level of understanding well before taking a graded quiz or exam. Check Your Understanding quizzes do not affect the learner’s overall grade.
  • Rich multimedia content, including interactive activities, videos, and quizzes, addresses a variety of learning styles and helps stimulate learning and increase knowledge retention.
  • Virtual environments simulate real-world cybersecurity threat scenarios and create opportunities for security monitoring, analysis, and resolution.
  • Hands-on labs help students develop critical thinking and complex problem-solving skills.
  • Innovative assessments provide immediate feedback to support the evaluation of knowledge and acquired skills.
  • Technical concepts are explained using language that works well for learners at all levels, and embedded interactive activities break up reading of the content and help reinforce understanding.
  • The curriculum encourages students to consider additional IT education, but also emphasizes applied skills and hands-on experience.
  • Cisco Packet Tracer activities are designed for use with Packet Tracer 7.3.0 or later.

Course Objectives

CyberOps Associate v1.0 covers knowledge and skills needed to successfully handle the tasks, duties, and
responsibilities of an associate-level Cybersecurity Analyst working in a Security Operations Center (SOC).

Upon completion of the CyberOps Associate v1.0 course, students will be able to perform the following tasks:

  • Install virtual machines to create a safe environment for implementing and analyzing cybersecurity threat events.
  • Explain the role of the Cybersecurity Operations Analyst in the enterprise.
  • Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses.
  • Explain the features and characteristics of the Linux Operating System.
  • Analyze the operation of network protocols and services.
  • Explain the operation of the network infrastructure.
  • Classify the various types of network attacks.
  • Use network monitoring tools to identify attacks against network protocols and services.
  • Explain how to prevent malicious access to computer networks, hosts, and data.
  • Explain the impacts of cryptography on network security monitoring.
  • Explain how to investigate endpoint vulnerabilities and attacks.
  • Evaluate network security alerts.
  • Analyze network intrusion data to identify compromised hosts.
  • Apply incident response models to manage network security incidents.

CyberOps Associate Outline

Listed below is the current set of modules and their associated competencies outlined for this course. Each module
is an integrated unit of learning that consists of content, activities and assessments that target a specific set of
competencies. The size of the module will depend on the depth of knowledge and skill needed to master the
competency. Some modules are considered foundational, in that the artifacts presented, while not assessed, enable
learning of concepts that are covered on the CBROPS certification exam.

| Module/Topics | Goals/Objectives |
|---|---|
| Module 1. The Danger | Explain why networks and data are attacked. |
| 1.0 Introduction | A brief introduction to the course and the first module. |
| 1.1 War Stories | Outline features of cybersecurity incidents. |
| 1.2 Threat Actors | Explain the motivations of the threat actors behind specific security incidents. |
| 1.3 Threat Impact | Explain the potential impact of network security attacks. |
| 1.4 The Danger Summary | A brief summary and the module quiz. |
| Module 2. Fighters in the War Against Cybercrime | Explain how to prepare for a career in cybersecurity operations. |
| 2.0 Introduction | An introduction to the module. |
| 2.1 The Modern Security Operations Center | Explain the mission of the security operations center. |
| 2.2 Becoming a Defender | Describe resources available to prepare for a career in cybersecurity operations. |
| 2.3 Fighters in the War Against Cybercrime Summary | A brief summary and the module quiz. |
| Module 3. The Windows Operating System | Explain the security features of the Windows operating system. |
| 3.0 Introduction | An introduction to the module. |
| 3.1 Windows History | Describe the history of the Windows Operating System. |
| 3.2 Windows Architecture and Operations | Explain the architecture of Windows and its operation. |
| 3.3 Windows Configuration and Monitoring | Explain how to configure and monitor Windows. |
| 3.4 Windows Security | Explain how Windows can be kept secure. |
| 3.5 The Windows Operating System Summary | A brief summary and the module quiz. |
| Module 4. Linux Overview | Implement basic Linux security. |
| 4.0 Introduction | An introduction to the module. |
| 4.1 Linux Basics | Explain why Linux skills are essential for network security monitoring and investigation. |
| 4.2 Working in the Linux Shell | Use the Linux shell to manipulate text files. |
| 4.3 Linux Servers and Clients | Explain how client-server networks function. |
| 4.4 Basic Server Administration | Explain how a Linux administrator locates and manipulates security log files. |
| 4.5 The Linux File System | Manage the Linux file system and permissions. |
| 4.6 Working with the Linux GUI | Explain the basic components of the Linux GUI. |
| 4.7 Working on a Linux Host | Use tools to detect malware on a Linux host. |
| 4.8 Linux Basics Summary | A brief summary and the module quiz. |
| Module 5. Network Protocols | Explain how protocols enable network operations. |
| 5.0 Introduction | An introduction to the module. |
| 5.1 Network Communication Process | Explain the basic operations of data networked communications. |
| 5.2 Communication Protocols | Explain how protocols enable network operations. |
| 5.3 Data Encapsulation | Explain how data encapsulation allows data to be transported across the network. |
| 5.4 Network Protocols Summary | A brief summary and the module quiz. |
| Module 6. Ethernet and Internet Protocol (IP) | Explain how the Ethernet and IP protocols support network communications. |
| 6.0 Introduction | An introduction to the module. |
| 6.1 Ethernet | Explain how Ethernet supports network communication. |
| 6.2 IPv4 | Explain how the IPv4 protocol supports network communications. |
| 6.3 IP Addressing Basics | Explain how IP addresses enable network communication. |
| 6.4 Types of IPv4 Addresses | Explain the types of IPv4 addresses that enable network communication. |
| 6.5 The Default Gateway | Explain how the default gateway enables network communication. |
| 6.6 IPv6 Prefix Length | Explain how the IPv6 protocol supports network communications. |
| 6.7 Ethernet and IP Protocol Summary | A brief summary and the module quiz. |
| Module 7. Principles of Network Security | Connectivity Verification |
| 7.0 Introduction | An introduction to the module. |
| 7.1 ICMP | Explain how ICMP is used to test network connectivity. |
| 7.2 Ping and Traceroute Utilities | Use Windows tools, ping, and traceroute to verify network connectivity. |
| 7.3 Connectivity Verification Summary | A brief summary and the module quiz. |
| Module 8. Address Resolution Protocol | Analyze address resolution protocol PDUs on a network. |
| 8.0 Introduction | An introduction to the module. |
| 8.1 MAC and IP | Compare the roles of the MAC address and the IP address. |
| 8.2 ARP | Analyze ARP by examining Ethernet frames. |
| 8.3 ARP Issues | Explain how ARP requests impact network and host performance. |
| 8.4 Address Resolution Protocol Summary | A brief summary and the module quiz. |
| Module 9. The Transport Layer | Explain how transport layer protocols support network functionality. |
| 9.0 Introduction | An introduction to the module. |
| 9.1 Transport Layer Characteristics | Explain how transport layer protocols support network communication. |
| 9.2 Transport Layer Session Establishment | Explain how the transport layer establishes communication sessions. |
| 9.3 Transport Layer Reliability | Explain how the transport layer establishes reliable communications. |
| 9.4 The Transport Layer Summary | A brief summary and the module quiz. |
| Module 10. Network Services | Explain how network services enable network functionality. |
| 10.0 Introduction | An introduction to the module. |
| 10.1 DHCP | Explain how DHCP services enable network functionality. |
| 10.2 DNS | Explain how DNS services enable network functionality. |
| 10.3 NAT | Explain how NAT services enable network functionality. |
| 10.4 File Transfer and Sharing Services | Explain how file transfer services enable network functionality. |
| 10.5 Email | Explain how email services enable network functionality. |
| 10.6 HTTP | Explain how HTTP services enable network functionality. |
| 10.7 Network Services Summary | A brief summary and the module quiz. |
| Module 11. Network Communication Devices | Explain how network devices enable wired and wireless network communication. |
| 11.0 Introduction | An introduction to the module. |
| 11.1 Network Devices | Explain how network devices enable network communication. |
| 11.2 Wireless Communications | Explain how wireless devices enable network communication. |
| 11.3 Network Communication Devices Summary | A brief summary and the module quiz. |
| Module 12. Network Security Infrastructure | Explain how network devices and services are used to enhance network security. |
| 12.0 Introduction | An introduction to the module. |
| 12.1 Network Topologies | Explain how network designs influence the flow of traffic through the network. |
| 12.2 Security Devices | Explain how specialized devices are used to enhance network security. |
| 12.3 Security Services | Explain how network services enhance network security. |
| 12.4 Network Security Infrastructure Summary | A brief summary of this module. |
| Module 13. Attackers and Their Tools | Explain how networks are attacked. |
| 13.0 Introduction | An introduction to the module. |
| 13.1 Who is Attacking Our Network? | Explain how network threats have evolved. |
| 13.2 Threat Actor Tools | Describe the various types of attack tools used by Threat Actors. |
| 13.3 Attackers and Their Tools Summary | A brief summary and the module quiz. |
| Module 14. Common Threats and Attacks | Explain the various types of threats and attacks. |
| 14.0 Introduction | An introduction to the module. |
| 14.1 Malware | Describe types of malware. |
| 14.2 Common Network Attacks – Reconnaissance, Access, and Social Engineering | Explain reconnaissance, access, and social engineering attacks. |
| 14.3 Network Attacks – Denial of Service, Buffer Overflows, and Evasion | Explain denial of service, buffer overflow, and evasion attacks. |
| 14.4 Common Threats and Attacks Summary | A brief summary and the module quiz. |
| Module 15. Observing Network Operation | Explain network traffic monitoring. |
| 15.0 Introduction | An introduction to the module. |
| 15.1 Introduction to Network Monitoring | Explain the importance of network monitoring. |
| 15.2 Introduction to Network Monitoring Tools | Explain how network monitoring is conducted. |
| 15.3 Network Monitoring and Tools Summary | A brief summary and the module quiz. |
| Module 16. Attacking the Foundation | Explain how TCP/IP vulnerabilities enable network attacks. |
| 16.0 Introduction | An introduction to the module. |
| 16.1 IP PDU Details | Explain the IPv4 and IPv6 header structure. |
| 16.2 IP Vulnerabilities | Explain how IP vulnerabilities enable network attacks. |
| 16.3 TCP and UDP Vulnerabilities | Explain how TCP and UDP vulnerabilities enable network attacks. |
| 16.4 Attacking the Foundation Summary | A brief summary and the module quiz. |
| Module 17. Attacking What We Do | Explain how common network applications and services are vulnerable to attack. |
| 17.0 Introduction | An introduction to the module. |
| 17.1 IP Services | Explain IP service vulnerabilities. |
| 17.2 Enterprise Services | Explain how network application vulnerabilities enable network attacks. |
| 17.3 Attacking What We Do Summary | A brief summary and the module quiz. |
| Module 18. Understanding Defense | Explain approaches to network security defense. |
| 18.0 Introduction | An introduction to the module. |
| 18.1 Defense-in-Depth | Explain how the defense-in-depth strategy is used to protect networks. |
| 18.2 Security Policies, Regulations, and Standards | Explain security policies, regulations, and standards. |
| 18.3 Understanding Defense Summary | A brief summary and the module quiz. |
| Module 19. Access Control | Explain access control as a method of protecting a network. |
| 19.0 Introduction | An introduction to the module. |
| 19.1 Access Control Concepts | Explain how access control protects network data. |
| 19.2 AAA usage and operation | Explain how AAA is used to control network access. |
| 19.3 Access Control Summary | A brief summary and the module quiz. |
| Module 20. Threat Intelligence | Use various intelligence sources to locate current security threats. |
| 20.0 Introduction | An introduction to the module. |
| 20.1 Information Sources | Describe information sources used to communicate emerging network security threats. |
| 20.2 Threat Intelligence Services | Describe various threat intelligence services. |
| 20.3 Threat Intelligence Summary | A brief summary and the module quiz. |
| Module 21. Cryptography | Explain how the public key infrastructure supports network security. |
| 21.0 Introduction | An introduction to the module. |
| 21.1 Integrity and Authenticity | Explain the role of cryptography in ensuring the integrity and authenticity of data. |
| 21.2 Confidentiality | Explain how cryptographic approaches enhance data confidentiality. |
| 21.3 Public Key Cryptography | Explain public key cryptography. |
| 21.4 Authorities and the PKI Trust System | Explain how the public key infrastructure functions. |
| 21.5 Applications and Impacts of Cryptography | Explain how the use of cryptography affects cybersecurity operations. |
| 21.6 Cryptography Summary | A brief summary of this module. |
| Module 22. Endpoint Protection | Explain how a malware analysis website generates a malware analysis report. |
| 22.0 Introduction | An introduction to the module. |
| 22.1 Antimalware Protection | Explain methods of mitigating malware. |
| 22.2 Host-based Intrusion Prevention | Explain host-based IPS/IDS log entries. |
| 22.3 Application Security | Explain how a sandbox is used to analyze malware. |
| 22.4 Endpoint Protection Summary | A brief summary and the module quiz. |
| Module 23. Endpoint Vulnerability Assessment | Explain how endpoint vulnerabilities are assessed and managed. |
| 23.0 Introduction | An introduction to the module. |
| 23.1 Network and Server Profiling | Explain the value of network and server profiling. |
| 23.2 Common Vulnerability Scoring System (CVSS) | Explain how CVSS reports are used to describe security vulnerabilities. |
| 23.3 Secure Device Management | Explain how secure device management techniques are used to protect data and assets. |
| 23.4 Information Security Management Systems | Explain how information security management systems are used to protect assets. |
| 23.5 Endpoint Vulnerability Assessment Summary | A brief summary and the module quiz. |
| Module 24. Technologies and Protocols | Explain how security technologies affect security monitoring. |
| 24.0 Introduction | An introduction to the module. |
| 24.1 Monitoring Common Protocols | Explain the behavior of common network protocols in the context of security monitoring. |
| 24.2 Security Technologies | Explain how security technologies affect the ability to monitor common network protocols. |
| 24.3 Technologies and Protocols Summary | A brief summary and the module quiz. |
| Module 25. Network Security Data | Explain the types of network security data used in security monitoring. |
| 25.0 Introduction | An introduction to the module. |
| 25.1 Types of Security Data | Describe the types of data used in security monitoring. |
| 25.2 End Device Logs | Describe the elements of an end device log file. |
| 25.3 Network Logs | Describe the elements of a network device log file. |
| 25.4 Network Security Data Summary | A brief summary and the module quiz. |
| Module 26. Evaluating Alerts | Explain the process of evaluating alerts. |
| 26.0 Introduction | An introduction to the module. |
| 26.1 Source of Alerts | Identify the structure of alerts. |
| 26.2 Overview of Alert Evaluation | Explain how alerts are classified. |
| 26.3 Evaluating Alerts Summary | A brief summary and the module quiz. |
| Module 27. Working with Network Security Data | Interpret data to determine the source of an alert. |
| 27.0 Introduction | An introduction to the module. |
| 27.1 A Common Data Platform | Explain how data is prepared for use in a Network Security Monitoring (NSM) system. |
| 27.2 Investigating Network Data | Use Security Onion tools to investigate network security events. |
| 27.3 Enhancing the Work of the Cybersecurity Analyst | Describe network monitoring tools that enhance workflow management. |
| 27.4 Working with Network Security Data Summary | A brief summary and the module quiz. |
| Module 28. Digital Forensics and Incident Analysis and Response | Explain how the CyberOps Associate responds to cybersecurity incidents. |
| 28.0 Introduction | An introduction to the module. |
| 28.1 Evidence Handling and Attack Attribution | Explain the role of digital forensic processes. |
| 28.2 The Cyber Kill Chain | Identify the steps in the Cyber Kill Chain. |
| 28.3 The Diamond Model of Intrusion Analysis | Classify an intrusion event using the Diamond Model. |
| 28.4 Incident Response | Apply the NIST 800-61r2 incident handling procedures to a given incident scenario. |
| 28.5 Digital Forensics and Incident Analysis and Response Summary | A brief summary of this module. |
| 28.6 Prepare for Your Exam and Launch Your Career! | Certification preparation, discount vouchers, and other career resources. |

PPIC is a qualified IT training center that is authorized to teach Cisco and MikroTik courses in Phnom Penh, Cambodia.

Address: #194D, Russian Federation Blvd, CPC, Toeuk Thlar, Sen Sok, Phnom Penh, Cambodia.

https://t.me/ppictraining Our Telegram Channel
✆ (855)77-616102 ✆ (855)87-616102 ✉ info@ppic-training.com
© Copyright 2022, PPIC