CCNA Cybersecurity Operations 1.1 Scope and Sequence

Similar documents
CCNA Cybersecurity Operations. Program Overview

Cisco Networking Academy CCNA Cybersecurity Operations 1.1 Curriculum Overview Updated July 2018

CCNA Routing and Switching Courses. Scope and Sequence. Target Audience. Curriculum Overview. Last updated November 2, 2016

CCNA Routing and Switching Courses. Scope and Sequence. Target Audience. Curriculum Overview. Last updated August 22, 2018

CCNA (Routing & Switching) Program Overview

Cybersecurity Essentials

Scope and Sequence: CCNA Discovery

CCNA Routing and Switching Courses. Scope and Sequence. Target Audience. Curriculum Overview. Last updated August 22, 2018

Cisco Certified Entry Networking Technician (CCENT)

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

CCNA Routing and Switching Scope and Sequence

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

IT Essentials 5.0 Scope and Sequence

IT Essentials 6.0 Overview. Jorge Leiton Product Manager January 2016

Course Outline. CCNA Cyber Ops SECOPS Official Cert Guide (Course & Labs)

Scope and Sequence: CCNA Discovery

Certified Ethical Hacker (CEH)

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

IT Security Training MS-500: Microsoft 365 Security Administration. Upcoming Dates. Course Description. Course Outline $2,

Networking Fundamentals Training

Instructor: Eric Rettke Phone: (every few days)

EC-Council - EC-Council Certified Security Analyst (ECSA) v8

Hands-On CompTIA A+ Essentials / Practical Application Certification

Introduction. Goal of This Book. Audience for This Book

CompTIA Cybersecurity Analyst+

CompTIA Security+ SY Course Outline. CompTIA Security+ SY May 2018

Administering System Center 2012 Configuration Manager

CCNA Routing. & Switching (1-4) PT. CCNP Routing. & Switching (1-3) Networking Essentials

Course Outline Topic 1: Current State Assessment, Security Operations Centers, and Security Architecture

Scope and Sequence: CCNA Discovery v4.0

CompTIA Network+ (Exam N10-006)

The fast track to top skills and top jobs in cyber. Guaranteed.

Strengthening Capacity in Cyber Talent sans.org/cybertalent

EC-Council Certified Network Defender (CND) Duration: 5 Days Method: Instructor-Led

CCNA CCNA Security Official Cert Guide. Course Outline. CCNA Security Official Cert Guide.

IE156: ICS410: ICS/SCADA Security Essentials

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

Scope and Sequence: CCNA Exploration v4.0

Cisco CCNA Cyber Ops

CompTIA Cybersecurity Analyst+ (CySA+) Course Outline. CompTIA Cybersecurity Analyst+ (CySA+) 17 Sep 2018

Designing and Building a Cybersecurity Program

NISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions

EC-Council C EH. Certified Ethical Hacker. Program Brochure

The fast track to top skills and top jobs in cyber. FREE TO TRANSITIONING VETERANS

Certified Ethical Hacker V9

EC-Council C EH. Certified Ethical Hacker. Program Brochure

DIABLO VALLEY COLLEGE CATALOG

COMPUTER INFORMATION SYSTEMS

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

NISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions

Course Outline. Course Outline :: 20744A::

CCNA-A Scope and Sequence (March 2007-Draft)

Cyber Security CYBER SECURITY

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Cybersecurity Auditing in an Unsecure World

Managing Microsoft 365 Identity and Access

The GenCyber Program. By Chris Ralph

Certified Cyber Security Analyst VS-1160

Course overview. CompTIA Security+ Certification (Exam SY0-501) Study Guide (G635eng v107)

A guide to CompTIA training and certification DDLS Australia Pty Ltd

IT Essentials: PC Hardware and Software

Computer Information Systems

Implementing Cisco Cybersecurity Operations

OHLONE COLLEGE Ohlone Community College District OFFICIAL COURSE OUTLINE

LO N LO CompTIA Network (Course & Labs) Course Outline. LO CompTIA Network (Course & Labs) 04 Apr 2018

LO CompTIA Network (Course & Labs) Course Outline. LO CompTIA Network (Course & Labs) ( Add-On ) 15 Jul 2018

Matt Walker s All in One Course for the CEH Exam. Course Outline. Matt Walker s All in One Course for the CEH Exam.

Keeping Your SOCs Full. May 26, Strengthening Capacity in Cyber Talent sans.org/cybertalent

A+ Certification. Course Description. Course Objectives. 9300; 5 Days, Instructor-led

External Supplier Control Obligations. Cyber Security

Course Description. Audience. Prerequisites. Skills Taught. Module Title. Duration. Course Outline :: CompTIA A+ Certification ::

STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

CompTIA A+ Accelerated course for & exams

Microsoft Securing Windows Server 2016

EC-Council Certified Incident Handler v2. Prepare to Handle and Respond to Security Incidents EC-COUNCIL CERTIFIED INCIDENT HANDLER 1

Standard Course Outline IS 656 Information Systems Security and Assurance

CEH: CERTIFIED ETHICAL HACKER v9

Learn about the Fundamental building blocks that go into building a Windows Server infrastructure with Windows Server 2012.

Apprenticeships CYBER SECURITY HIGHER APPRENTICESHIP FROM IT TECHNICIAN TO SKILLED INFORMATION SECURITY PROFESSIONAL

Descriptions for CIS Classes (Fall 2017)

Prerequisites Using Microsoft Windows 10

[MS20744]: Securing Windows Server 2016

Un SOC avanzato per una efficace risposta al cybercrime

CompTIA Mobility+ Certification

Microsoft Certified System Engineer

Bachelor of Information Technology (Network Security)

Securing Windows Server 2016

Get Connected. IT Essentials. NDG Linux Essentials. NDG Introduction to Linux I. NDG Introduction to Linux II

Computer Science & IT

CPTE: Certified Penetration Testing Engineer

Computer Network Engineering

CIW: Web Security Associate. Course Outline. CIW: Web Security Associate. 12 Oct ( Add-On )

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS

Understanding Cisco Cybersecurity Fundamentals

10747D: Administering System Center 2012 Configuration Manager

Building the Cybersecurity Workforce. November 2017

ITSY 2330 Intrusion Detection Course Syllabus

RSA Advanced Security Operations Richard Nichols, Director EMEA. Copyright 2015 EMC Corporation. All rights reserved. 1

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

Transcription:

CCNA Cybersecurity Operations 1.1 Scope and Sequence Last updated June 18, 2018 Introduction Today's organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats. CCNA Cybersecurity Operations prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers. Target Audience The Cisco CCNA Cybersecurity Operations 1.0 (CyberOps) course is designed for Cisco Networking Academy students seeking career-oriented, entry-level security analyst skills. Target students include individuals enrolled in technology degree programs at institutions of higher education and IT professionals who want to pursue a career in the Security Operation Center (SOC). Prerequisites CCNA Cybersecurity Operations students should have the following skills and knowledge: PC and Internet navigation skills Basic Windows and Linux system concepts Basic Networking concepts Binary and Hexadecimal understanding Awareness of basic programming concepts Awareness of basic SQL queries Target Certifications This course aligns with the CCNA Cyber Ops certification. Candidates need to pass the 210-250 SECFND exam and the 210-255 SECOPS exam to achieve the CCNA Cyber Ops certification. Curriculum Description The course has many features to help students understand these concepts: Rich multimedia content, including interactive activities, videos, games, and quizzes, addresses a variety of learning styles and help stimulate learning and increase knowledge retention Virtual environments simulate real-world cybersecurity threat scenarios and create opportunities for ethical hacking, security monitoring, analysis and resolution Hands-on labs help students develop critical thinking and complex problem solving skills Innovative assessments provide immediate feedback to support the evaluation of knowledge and acquired skills Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 5

Technical concepts are explained using language that works well for learners at all levels and embedded interactive activities break up reading of the content and help reinforce understanding The curriculum encourages students to consider additional IT education, but also emphasizes applied skills and hands-on experience Cisco Packet Tracer activities are designed for use with Packet Tracer 7.0 or later. Curriculum Objectives CCNA Cybersecurity Operations 1.0 covers knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a Security Operations Center (SOC). Upon completion of the CCNA Cybersecurity Operations 1.0 course, students will be able to perform the following tasks: Install virtual machines to create a safe environment for implementing and analyzing cybersecurity threat events. Explain the role of the Cybersecurity Operations Analyst in the enterprise. Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses. Explain the features and characteristics of the Linux Operating System. Analyze the operation of network protocols and services. Explain the operation of the network infrastructure. Classify the various types of network attacks. Use network monitoring tools to identify attacks against network protocols and services. Use various methods to prevent malicious access to computer networks, hosts, and data. Explain the impacts of cryptography on network security monitoring. Explain how to investigate endpoint vulnerabilities and attacks. Evaluate network security alerts. Analyze network intrusion data to identify compromised hosts and vulnerabilities. Apply incident response models to manage network security incidents. Virtual Machine Lab Requirements This course uses a single virtual machine (VM) for many of the labs through Chapter 10. Three additional VMs are added in Chapter 11. There is also a single VM option available for lab or student PCs that do not meet the following requirements: Host computer with at least 8 GB of RAM and 45 GB of free disk space Latest version of Oracle VirtualBox: http://www.oracle.com/technetwork/serverstorage/virtualbox/downloads/index.html Internet connection Five virtual machines listed in the table below: Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 5

Table 1. Virtual Machine Requirements Virtual Machine RAM Disk Space Username Password CyberOps Workstation VM 1 GB 7 GB analyst cyberops Kali 1 GB 10 GB root cyberops Metasploitable 512 KB 8 GB msfadmin msfadmin Security Onion 4 GB 10 GB analyst cyberops Security Onion (Alternative)* 3 GB 10 GB analyst cyberops *Chapter 12 labs 12.4.1.1 and 12.4.1.2 provide an option of using only one Alternative Security Onion VM. For the best learning experience, we recommend a typical class size of 12 to 15 students and a ratio of one Lab PC per student. At most, two students can share one Lab PC for the hands-on labs. Some lab activities require the student Lab PCs to be connected to a local network. Course Outline Table 2. Cybersecurity Operations 1.0 Course Outline Chapter/Section Chapter 1. Cybersecurity and the Security Operations Center Goals/Objectives Explain the role of the Cybersecurity Operations Analyst in the enterprise. 1.1 The Danger Explain why networks and data are attacked. 1.2 Fighters in the War Against Cybercrime Explain how to prepare for a career in Cybersecurity operations. Chapter 2. Windows Operating System Explain the Windows Operating System features and characteristics needed to support cybersecurity analyses. 2.1 Windows Overview Explain the operation of the Windows Operating System. 2.2 Windows Administration Explain how to secure Windows endpoints. Chapter 3. Linux Operating System Explain the features and characteristics of the Linux Operating System. 3.1 Using Linux Perform basic operations in the Linux shell. 3.2 Linux Administration Perform basic Linux administration tasks. 3.3 Linux Clients Perform basic security-related tasks on a Linux host. Chapter 4. Network Protocols and Services Analyze the operation of network protocols and services. 4.1 Network Protocols Explain how protocols enable network operations. 4.2 Ethernet and Internet Protocol (IP) Explain how the Ethernet and IP protocols support network communication. 4.3 Connectivity Verification Use common testing utilities to verify and test network connectivity. Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 5

4.4 Address Resolution Protocol Explain how the address resolution protocol enables communication on a network. 4.5 The Transport Layer and Network Services Explain how transport layer protocols and network services support network functionality. 4.6 Network Services Explain how network services enable network functionality. Chapter 5. Network Infrastructure Explain the operation of the network infrastructure. 5.1 Network Communication Devices Explain how network devices enable wired and wireless network communication. 5.2 Network Security Infrastructure Explain how devices and services are used to enhance network security. 5.3 Network Representations Explain how networks and network topologies are represented. Chapter 6. Principles of Network Security Classify the various types of network attacks. 6.1 Attackers and Their Tools Explain how networks are attacked. 6.2 Common Threats and Attacks Explain the various types of threats and attacks. Chapter 7. Network Attacks: A Deeper Look Use network monitoring tools to identify attacks that against network protocols and services. 7.1 Observing Network Operation Explain network traffic monitoring. 7.2 Attacking the Foundation Explain how TCP/IP vulnerabilities enable network attacks. 7.3 Attacking What We Do Explain how common network applications and services are vulnerable to attack. Chapter 8. Protecting the Network Use various methods to prevent malicious access to computer networks, hosts, and data. 8.1 Understanding Defense Explain approaches to network security defense. 8.2 Access Control Explain access control as a method of protecting a network. 8.3 Network Firewalls and Intrusion Prevention Explain how firewalls and other devices prevent network intrusions. 8.4 Content Filtering Explain how content filtering prevents unwanted data from entering the network. 8.5 Threat Intelligence Use various intelligence sources to locate current security threats. Chapter 9. Cryptography and the Public Key Infrastructure Explain the impacts of cryptography on network security monitoring. 9.1 Cryptography Use tools to encrypt and decrypt data. 9.2 Public Key Cryptography Explain how the public key infrastructure (PKI) supports network security. Chapter 10. Endpoint Security and Analysis Explain how to investigate endpoint vulnerabilities and attacks. Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 5

10.1 Endpoint Protection Use a tool to generate a malware analysis report. 10.2 Endpoint Vulnerability Assessment Classify endpoint vulnerability assessment information. Chapter 11. Security Monitoring Evaluate network security alerts. 11.1 Technologies and Protocols Explain how security technologies affect security monitoring. 11.2 Log Files Explain the types of log files used in security monitoring Chapter 12. Intrusion Data Analysis Analyze network intrusion data to identify compromised hosts and vulnerabilities 12.1 Data Collection Explain how security-related data is collected. 12.2 Data Preparation Arrange a variety of log files in preparation for intrusion data analysis. 12.3 Data Analysis Analyze intrusion data to determine the source of an attack. Chapter 13. Incident Response and Handling Explain how network security incidents are handled by CSIRTs. 13.1 Incident Response Models Apply incident response models to an intrusion event. 13.2 CSIRTs and NIST 800-61r2 Apply standards specified in NIST 800-61r2 to a computer security incident. 13.3 Case-Based Practice Given a set of logs, isolate a threat actor and recommend an incident response plan. Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback