Cisco Certified CyberOps Associate (200-201) Cert Prep: 2 Security Monitoring

Brought by: LinkedIn Learning

Overview

Explore the principles of defense in depth as you prepare for the Security Monitoring portion of the Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.

Syllabus

Introduction
  • Active security monitoring
  • Prepare for Cisco CBROPS exam
  • Setting up your test environment
1. Understanding Attacks
  • Recognizing attack surfaces
  • Identifying vulnerability testing
  • Attacking the network
  • Describing web application attacks
  • Hacking the human
  • Investigating endpoint-based attacks
  • Challenge: Research and identify social engineering attacks
  • Solution: Research and identify social engineering attacks
2. Examining System Data
  • Exploring CLI tools
  • Analyzing data with NetFlow
  • Monitoring traffic with a stateful firewall
  • Deploying a next-generation firewall
  • Having application visibility and control
  • Filtering web and email content
  • Challenge: Using NetFlow in Packet Tracer
  • Solution: Using NetFlow in Packet Tracer
3. Comparing Data Types Used in Security Monitoring
  • Obtaining a packet capture with Wireshark
  • Understanding conversations and endpoints
  • Visualizing session and transactional data
  • Analyzing statistical data
  • Sending alert data
  • Investigating an IDS alert
  • Challenge: Using Wireshark to examine DNS traffic
  • Solution: Using Wireshark to examine DNS traffic
4. Limiting Data Visibility
  • Using an access control list
  • Concealing the network using NAT/PAT
  • Evading and hiding techniques
  • Tunneling and encapsulation
  • Using encryption to hide
5. Using Certificates
  • Protecting data and networks
  • Ensuring trust on the Internet
  • Examining an X.509 certificate
  • Describing certificate classes
  • Grasping the public key cryptography standards (PKCS)
  • Managing keys using IKE
  • Outlining the different protocol versions
  • Configuring the cipher suite
  • Challenge: Certificate Authority Stores
  • Solution: Certificate Authority Stores
Conclusion
  • Next steps

Taught by

Lisa Bock

  • LinkedIn Learning
  • Paid
  • English
  • Certificate Available
  • Available at any time
  • All
  • N/A