Course Description
Course Overview
The Performing CyberOps Using Cisco Security Technologies (CBRCOR) 350-201 course is designed to equip learners with the necessary knowledge and skills to perform cybersecurity operations using Cisco security technologies. The course covers a wide range of topics, including network security monitoring, incident response, threat intelligence, and security automation. Participants will gain practical hands-on experience through various labs and exercises to reinforce their understanding of the concepts taught.
Prerequisites
Before taking this course, learners should have a solid understanding of networking concepts, TCP/IP protocols, and general security principles. Familiarity with Cisco security technologies, such as Cisco Firepower, Cisco Identity Services Engine (ISE), and Cisco Stealthwatch, is also beneficial but not mandatory.
Methodology
The course employs a blended learning approach, combining instructor-led lectures, hands-on lab exercises, and interactive discussions. Participants will have access to virtual lab environments where they can practice configuring and troubleshooting various security technologies. Real-world scenarios and case studies will be utilized to provide practical insights into cybersecurity operations.
Course Outline
- Introduction to CyberOps and Cisco Security Technologies
  - Overview of cybersecurity operations
  - Introduction to Cisco security technologies
- Network Security Monitoring
  - Network visibility and traffic analysis
  - Monitoring tools and techniques
  - Packet capture and analysis
  - Intrusion detection and prevention systems (IDS/IPS)
  - Network flow analysis
- Incident Response and Forensics
  - Incident response lifecycle
  - Threat hunting and detection
  - Incident analysis and containment
  - Digital forensics fundamentals
  - Evidence collection and preservation
- Threat Intelligence
  - Introduction to threat intelligence
  - Threat intelligence sources and feeds
  - Threat intelligence platforms
  - Threat hunting using intelligence
- Security Automation and Orchestration
  - Introduction to security automation
  - Orchestration and automation tools
  - Scripting and programming for automation
  - Use cases for security automation
Outcome
Upon completion of the course, learners will be able to:
- Understand the fundamentals of cybersecurity operations.
- Effectively monitor and analyze network traffic for security threats.
- Respond to and mitigate security incidents using best practices.
- Apply digital forensics techniques for incident investigations.
- Leverage threat intelligence to proactively identify and respond to threats.
- Implement security automation and orchestration to improve operational efficiency.
Labs
- Set up packet capture and analysis tools
- Configure network flow monitoring
- Utilize intrusion detection and prevention systems
- Develop an incident response plan
- Conduct incident analysis and containment
- Perform incident forensics using appropriate tools
- Access and analyze threat intelligence feeds
- Implement threat intelligence platforms
- Use threat intelligence for proactive defense
- Configure security automation tools
- Develop scripts for automated security tasks
- Implement use cases for automation