Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Cisco Certified CyberOps Associate 200-201 Certification Guide
  • Toc
  • feedback
Cisco Certified CyberOps Associate 200-201 Certification Guide

Cisco Certified CyberOps Associate 200-201 Certification Guide

By : Glen D. Singh
4.7 (12)
close
Cisco Certified CyberOps Associate 200-201 Certification Guide

Cisco Certified CyberOps Associate 200-201 Certification Guide

4.7 (12)
By: Glen D. Singh

Overview of this book

Achieving the Cisco Certified CyberOps Associate 200-201 certification helps you to kickstart your career in cybersecurity operations. This book offers up-to-date coverage of 200-201 exam resources to fully equip you to pass on your first attempt. The book covers the essentials of network security concepts and shows you how to perform security threat monitoring. You'll begin by gaining an in-depth understanding of cryptography and exploring the methodology for performing both host and network-based intrusion analysis. Next, you'll learn about the importance of implementing security management and incident response strategies in an enterprise organization. As you advance, you'll see why implementing defenses is necessary by taking an in-depth approach, and then perform security monitoring and packet analysis on a network. You'll also discover the need for computer forensics and get to grips with the components used to identify network intrusions. Finally, the book will not only help you to learn the theory but also enable you to gain much-needed practical experience for the cybersecurity industry. By the end of this Cisco cybersecurity book, you'll have covered everything you need to pass the Cisco Certified CyberOps Associate 200-201 certification exam, and have a handy, on-the-job desktop reference guide.
Table of Contents (25 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Network and Security Concepts
Section 1: Network and Security Concepts
Free Chapter
2
Chapter 1: Exploring Networking Concepts
Chapter 1: Exploring Networking Concepts
Technical requirements
The functions of the network layers
Understanding the purpose of various network protocols
Summary
Questions
Further reading
3
Chapter 2: Exploring Network Components and Security Systems
Chapter 2: Exploring Network Components and Security Systems
Technical requirements
Exploring various network services
Discovering the role and operations of network devices
Describing the functions of Cisco network security systems
Summary
Questions
Further reading
4
Chapter 3: Discovering Security Concepts
Chapter 3: Discovering Security Concepts
Introducing the principles of defense in depth
Exploring security terminologies
Exploring access control models
Understanding security deployment
Summary
Questions
5
Section 2: Principles of Security Monitoring
Section 2: Principles of Security Monitoring
6
Chapter 4: Understanding Security Principles
Chapter 4: Understanding Security Principles
Technical requirements
Understanding a security operation center
Understanding the security tools used to inspect data types on a network
Understanding the impact of data visibility through networking technologies
Understanding how threat actors transport malicious code
Delving into data types used during security monitoring
Summary
Questions
Further reading
7
Chapter 5: Identifying Attack Methods
Chapter 5: Identifying Attack Methods
Understanding network-based attacks
Exploring web application attacks
Delving into social engineering attacks
Understanding endpoint-based attacks
Interpreting evasion and obfuscation techniques
Summary
Questions
Further reading
8
Chapter 6: Working with Cryptography and PKI
Chapter 6: Working with Cryptography and PKI
Technical requirements
Understanding the need for cryptography
Types of ciphers
Understanding cryptanalysis
Understanding the hashing process
Exploring symmetric encryption algorithms
Delving into asymmetric encryption algorithms
Understanding PKI
Using cryptography in wireless security
Summary
Questions
Further reading
9
Section 3: Host and Network-Based Analysis
Section 3: Host and Network-Based Analysis
10
Chapter 7: Delving into Endpoint Threat Analysis
Chapter 7: Delving into Endpoint Threat Analysis
Technical requirements
Understanding endpoint security technologies
Understanding Microsoft Windows components
Exploring Linux components
Summary
Questions
Further reading
11
Chapter 8: Interpreting Endpoint Security
Chapter 8: Interpreting Endpoint Security
Technical requirements
Exploring the Microsoft Windows filesystem
Delving into the Linux filesystem
Understanding the CVSS
Working with malware analysis tools
Summary
Questions
12
Chapter 9: Exploring Computer Forensics
Chapter 9: Exploring Computer Forensics
Technical requirements
Understanding the need for computer forensics
Understanding types of evidence
Contrasting tampered and untampered disk images
Tools commonly used during a forensics investigation
Understanding the role of attribution in an investigation
Summary
Questions
Further reading
13
Chapter 10: Performing Intrusion Analysis
Chapter 10: Performing Intrusion Analysis
Technical requirements
Identifying intrusion events based on source technologies
Stateful and deep packet firewall operations
Comparing inline traffic interrogation techniques
Understanding impact and no impact on intrusion
Protocol headers in intrusion analysis
Packet analysis using a PCAP file and Wireshark
Summary
Questions
Further reading
14
Section 4: Security Policies and Procedures
Section 4: Security Policies and Procedures
15
Chapter 11: Security Management Techniques
Chapter 11: Security Management Techniques
Technical requirements
Identifying common artifact elements
Interpreting basic regular expressions
Understanding asset management
Delving into configuration and mobile device management
Exploring patch and vulnerability management
Summary
Questions
Further reading
16
Chapter 12: Dealing with Incident Response
Chapter 12: Dealing with Incident Response
Understanding the incident handling process
Exploring CSIRT teams and their responsibilities
Delving into network and server profiling
Comparing compliance frameworks
Summary
Questions
Further reading
17
Chapter 13: Implementing Incident Handling
Chapter 13: Implementing Incident Handling
Understanding the NIST SP 800-86 components
Sharing information using VERIS
Exploring the Cyber Kill Chain
Delving into the Diamond Model of Intrusion Analysis
Identifying protected data in a network
Summary
Questions
Further reading
18
Chapter 14: Implementing Cisco Security Solutions
chevron up
Chapter 14: Implementing Cisco Security Solutions
Technical requirements
Implementing AAA in a Cisco environment
Deploying a zone-based firewall
Configuring an IPS
Summary
Further reading
19
Chapter 15: Working with Cisco Security Solutions
Chapter 15: Working with Cisco Security Solutions
Technical requirements
Implementing secure protocols on Cisco devices
Deploying Layer 2 security controls
Configuring a Cisco ASA firewall
Summary
20
Chapter 16: Real-World Implementation and Best Practices
Chapter 16: Real-World Implementation and Best Practices
Technical requirements
Implementing an open source SIEM tool
Implementing tools to perform the active scanning of assets
Using open source breach and attack simulation tools
Implementing an open source honeypot platform
Summary
21
Chapter 17: Mock Exam 1
Chapter 17: Mock Exam 1
22
Chapter 18: Mock Exam 2
Questions
23
Assessment
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Chapter 10
Chapter 11
Chapter 12
Chapter 13
Chapter 17
Chapter 18
Why subscribe?
24
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Leave a review - let other readers know what you think

Chapter 14: Implementing Cisco Security Solutions

Throughout the course of this book, you have discovered the importance of cybersecurity operations and have gained skills in using various technologies to detect and analyze threats on an enterprise network. Now it's about time to take things to the next level by learning how to implement various security controls and technologies to prevent and mitigate cyber attacks.

Throughout the course of this chapter, you will learn how to implement various Cisco security solutions on a network to mitigate various types of threats and attacks. You will learn how to implement Authentication, Authorization, and Accounting (AAA), a zone-based firewall, and an Intrusion Prevention System (IPS) on an enterprise network.

In this chapter, we will cover the following topics:

  • Implementing AAA in a Cisco environment
  • Deploying a zone-based firewall
  • Configuring an IPS

Let's dive in!

End of Section 1
Next Section
bookmark search playlist download
font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete