Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide

Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide is Cisco's official, comprehensive self-study resource for this exam. Designed for all exam candidates, it covers every exam objective concisely and logically, with extensive teaching features that promote retention and understanding. You'll find:

• Pre-chapter quizzes to assess knowledge upfront and focus your study more efficiently
• Foundation topics sections that explain concepts and configurations, and link theory to practice
• Key topics sections calling attention to every figure, table, and list you must know
• Exam Preparation sections with additional chapter review features
• Final preparation chapter providing tools and a complete final study plan

• A customizable practice test library This guide offers comprehensive, up-to-date coverage of all CBROPS #200-201 topics related to:

• Security concepts
• Security monitoring
• Host-based analysis
• Network intrusion analysis

• Security policies and procedures

  Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide presents you with an organised test-preparation routine using proven series elements and techniques. Do I Know This Already? quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.

• Master Cisco CyberOps Associate CBROPS 200-201 exam topics
• Assess your knowledge with chapter-opening quizzes
• Review key concepts with exam preparation tasks

• Practice with realistic exam questions in the practice test software
  Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide from Cisco Press enables you to succeed on the exam the first time and is the only self-study resource approved by Cisco. Leading Cisco technology expert Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills.
  This complete study package includes

• A test-preparation routine proven to help you pass the exam
• Do I Know This Already? quizzes, which enable you to decide how much time you need to spend on each section
• Chapter-ending exercises, which help you drill on key concepts you must know thoroughly
• The powerful Pearson Test Prep Practice Test software, with two full exams comprised of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
• A video mentoring lesson from the authors Complete Video Course
• A final preparation chapter, which guides you through tools and resources to help you craft your review and test-taking strategies
• Study plan suggestions and templates to help you organise and optimise your study time

Auteur

Omar Santos is an active member of the security community, where he leads several industrywide initiatives. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of the critical infrastructure. Omar is the chair of the OASIS Common Security Advisory Framework (CSAF) technical committee, the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group, and the co-lead of the DEF CON Red Team Village.

Omar is the author of more than 20 books and video courses as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities.

Omar has been quoted by numerous media outlets, such as TheRegister, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune Magazine, Ars Technica, and more. You can follow Omar on Twitter @santosomar.

Texte du rabat

Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide is Cisco's official, comprehensive self-study resource for this exam. Designed for all exam candidates, it covers every exam objective concisely and logically, with extensive teaching features that promote retention and understanding. You'll find:

• Pre-chapter quizzes to assess knowledge upfront and focus your study more efficiently
• Foundation topics sections that explain concepts and configurations, and link theory to practice
• Key topics sections calling attention to every figure, table, and list you must know
• Exam Preparation sections with additional chapter review features
• Final preparation chapter providing tools and a complete final study plan

• A customizable practice test libraryThis guide offers comprehensive, up-to-date coverage of all CBROPS #200-201 topics related to:

• Security concepts
• Security monitoring
• Host-based analysis
• Network intrusion analysis
• Security policies and procedures

Contenu

Introduction xxvi
Chapter 1 Cybersecurity Fundamentals 2
Do I Know This Already? Quiz 3
Foundation Topics 8
Introduction to Cybersecurity 8
Cybersecurity vs. Information Security (Infosec) 8
The NIST Cybersecurity Framework 9
Additional NIST Guidance and Documents 9
The International Organization for Standardization 10
Threats, Vulnerabilities, and Exploits 10
What Is a Threat? 10
What Is a Vulnerability? 11
What Is an Exploit? 13
Risk, Assets, Threats, and Vulnerabilities 15
Threat Actors 17
Threat Intelligence 17
Threat Intelligence Platform 19
Vulnerabilities, Exploits, and Exploit Kits 20
SQL Injection 21
HTML Injection 22
Command Injection 22
Authentication-Based Vulnerabilities 22
Cross-Site Scripting 25
Cross-Site Request Forgery 27
Cookie Manipulation Attacks 27
Race Conditions 27
Unprotected APIs 27
Return-to-LibC Attacks and Buffer Overflows 28
OWASP Top 10 29
Security Vulnerabilities in Open-Source Software 29
Network Security Systems 30
Traditional Firewalls 30
Firewalls in the Data Center 42
Virtual Firewalls 44
Deep Packet Inspection 44
Next-Generation Firewalls 45
Intrusion Detection Systems and Intrusion Prevention Systems 46
Pattern Matching and Stateful Pattern-Matching Recognition 47
Protocol Analysis 48
Heuristic-Based Analysis 49
Anomaly-Based Analysis 49
Global Threat Correlation Capabilities 50
Next-Generation Intrusion Prevention Systems 50
Firepower Management Center 50
Advanced Malware Protection 50
AMP for Endpoints 50
AMP for Networks 53
Web Security Appliance 54
Email Security Appliance 58
Cisco Security Management Appliance 60
Cisco Identity Services Engine 60
Security Cloud-Based Solutions 62
Cisco Cloud Email Security 62
Cisco AMP Threat Grid 62
Umbrella (OpenDNS) 63
Stealthwatch Cloud 63
CloudLock 64
Cisco NetFlow 64
Data Loss Prevention 65
The Principles of the Defense-in-Depth Strategy 66
Confidentiality, Integrity, and Availability: The CIA Triad 69
Confidentiality 69
Integrity 70
Availability 70
Risk and Risk Analysis 70
Personally Identifiable Information and Protected Health Information 72
PII 72
PHI 72
Principle of Least Privilege and Separation of Duties 73
Principle of Least Privilege 73
Separation of Duties 73
Security Operations Centers 74
Playbooks, Runbooks, and Runbook Automation 75
Digital Forensics 76
Exam Preparation Tasks 78
Chapter 2 Introduction to Cloud Computing and Cloud Security 82
Do I Know This Already? Quiz 82
Foun…