CHF27.90
Download is available immediately
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and practice for exam success. They are built with the objective of providing assessment, review, and practice to help ensure you are fully prepared for your certification exam.
This is the eBook edition of the Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide. This eBook does not include access to the companion website with the practice exam that comes with the print edition.
Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide presents you with an organized test-preparation routine through the use of proven series elements and techniques. "Do I Know This Already?" quizzes open each chapter and enable you to decide how much time you need to spend on each section. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly.
Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide focuses specifically on the Cisco CBROPS exam objectives. Leading Cisco technology expert Omar Santos shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
Well regarded for its level of detail, assessment features, comprehensive design scenarios, and challenging review questions and exercises, this official study guide helps you master the concepts and techniques that will enable you to succeed on the exam the first time.
The official study guide helps you master all the topics on the Cisco CyberOps Associate CBROPS 200-201 exam, including:
- Security concepts
- Security monitoring
- Host-based analysis
- Network intrusion analysis
- Security policies and procedures
Author
Omar Santos is an active member of the security community, where he leads several industrywide initiatives. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of the critical infrastructure. Omar is the chair of the OASIS Common Security Advisory Framework (CSAF) technical committee, the co-chair of the Forum of Incident Response and Security Teams (FIRST) Open Source Security working group, and the co-lead of the DEF CON Red Team Village.
Omar is the author of more than 20 books and video courses as well as numerous white papers, articles, and security configuration guidelines and best practices. Omar is a principal engineer of the Cisco Product Security Incident Response Team (PSIRT), where he mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities.
Omar has been quoted by numerous media outlets, such as The Register, Wired, ZDNet, ThreatPost, CyberScoop, TechCrunch, Fortune Magazine, Ars Technica, and more. You can follow Omar on Twitter @santosomar.
Contents
Introduction
Chapter 1 Cybersecurity Fundamentals
"Do I Know This Already?" Quiz
Foundation Topics
Introduction to Cybersecurity
Cybersecurity vs. Information Security (Infosec)
The NIST Cybersecurity Framework
Additional NIST Guidance and Documents
The International Organization for Standardization
Threats, Vulnerabilities, and Exploits
What Is a Threat?
What Is a Vulnerability?
What Is an Exploit?
Risk, Assets, Threats, and Vulnerabilities
Threat Actors
Threat Intelligence
Threat Intelligence Platform
Vulnerabilities, Exploits, and Exploit Kits
SQL Injection
HTML Injection
Command Injection
Authentication-Based Vulnerabilities
Cross-Site Scripting
Cross-Site Request Forgery
Cookie Manipulation Attacks
Race Conditions
Unprotected APIs
Return-to-LibC Attacks and Buffer Overflows
OWASP Top 10
Security Vulnerabilities in Open-Source Software
Network Security Systems
Traditional Firewalls
Firewalls in the Data Center
Virtual Firewalls
Deep Packet Inspection
Next-Generation Firewalls
Intrusion Detection Systems and Intrusion Prevention Systems
Pattern Matching and Stateful Pattern-Matching Recognition
Protocol Analysis
Heuristic-Based Analysis
Anomaly-Based Analysis
Global Threat Correlation Capabilities
Next-Generation Intrusion Prevention Systems
Firepower Management Center
Advanced Malware Protection
AMP for Endpoints
AMP for Networks
Web Security Appliance
Email Security Appliance
Cisco Security Management Appliance
Cisco Identity Services Engine
Security Cloud-Based Solutions
Cisco Cloud Email Security
Cisco AMP Threat Grid
Umbrella (OpenDNS)
Stealthwatch Cloud
CloudLock
Cisco NetFlow
Data Loss Prevention
The Principles of the Defense-in-Depth Strategy
Confidentiality, Integrity, and Availability: The CIA Triad
Confidentiality
Integrity
Availability
Risk and Risk Analysis
Personally Identifiable Information and Protected Health Information
PII
PHI
Principle of Least Privilege and Separation of Duties
Principle of Least Privilege
Separation of Duties
Security Operations Centers
Playbooks, Runbooks, and Runbook Automation
Digital Forensics
Exam Preparation Tasks
Chapter 2 Introduction to Cloud Computing and Cloud Security
"Do I Know This Already?" Quiz
Foundation Topics
Cloud Computing and the Cloud Service Models
Cloud Security Responsibility Models
Patch Management in the Cloud
Security Assessment in the Cloud
DevOps, Continuous Integration (CI), Continuous Delivery (CD), and DevSecOps
The Agile Methodology
DevOps
CI/CD Pipelines
The Serverless Buzzword
A Quick Introduction to Containers and Docker
Container Management and Orchestration
Understanding the Different Cloud Security Threats
Cloud Computing Attacks
Exam Preparation Tasks
Chapter 3 Access Control Models
"Do I Know This Already?" Quiz
Foundation Topics
Information Security Principles
Subject and Object Definition
Access Control Fundamentals
Identification
Authentication
Authorization
Accounting
Access Control Fundamentals: Summary
Access Control Process
Asset Classification
Asset Marking
Access Control Policy
Data Disposal
Information Security Roles and Responsibilities
Access Control Types
Access Control Models
Discretionary Access Control
Mandatory Access Control
Role-Based Access Control
Attribute-Based Access Control
Access Control Mechanisms
Identity and Access Control Implementation
Authentication, Authorization, and Accounting Protocols
Port-Based Access Control
Network Access Control List and Firewalling
Identity Management and Profiling
Network Segmentation
Intrusion Detection and Prevention
Antivirus and Antimalware
Exam Preparation Tasks
Chapter 4 Types of Attacks and Vulnerabilities
"Do I Know This Already?" Quiz
Foundation Topics
Types of Attacks
Reconnaissance Attacks …