NICF - Cisco CCNA Cyber Ops Part 1: Understanding Cisco Cybersecurity Fundamentals (SECFND)

Self-paced

What's In It For Me

  • Begin a career in the rapidly growing area of cybersecurity operations at the Associate level, working in or with a security operations center (SOC).
  • Gain the foundational knowledge and skills to prepare for more advanced job roles in Cybersecurity Operations, working with a Security Operations team.
  • Gain a basic understanding of how a SOC team detects and responds to security incidents, and how they protect their organization's information from modern threats.
  • Understand further how modern organizations are dealing with detecting and responding to cybercrime, cyberespionage, insider threats, advanced persistent threats, regulatory requirements, and other cybersecurity issues facing their organizations and their customers.

Course Overview

This course is scheduled for launch in Q2 2018 Q3 2018. To express your interest in this course, please fill in our form at https://www.surveymonkey.com/r/6MBPSFV. We will contact you when we get closer to the course launch date.

Cybersecurity operations jobs play a key part in securing information systems through monitoring, detecting, investigating, analyzing, and responding to security events, thus protecting systems from cybersecurity risks, threats, and vulnerabilities.

Cybersecurity operations jobs are also among the fastest-growing roles in IT, as organizations set up security operations centers (SOCs), and establish teams to monitor and respond to security incidents.

Industry studies show that the average time to detect a cybersecurity breach is measured in months, even as the number and cost of security breaches continue to rise, as do regulatory penalties for organizations suffering a data breach. Facing mounting challenges from cybercrime, cyberespionage, insider threats, and advanced persistent threats, organizations are establishing SOC teams of security professionals who can monitor, detect, and respond rapidly to security incidents before they cause damage.

The CCNA Cyber Ops certification program provides a valuable first step in acquiring the knowledge and skills needed to work with a SOC team, and can be a valuable part of beginning a career in the exciting and growing field of cybersecurity operations.

Because static/fixed security controls cannot catch 100 percent of cybersecurity threats and issues, SOC teams provide a critical part of an organization’s protection—investigating information security threats, and detecting and responding to incidents in real time. Due to the increased number of cybersecurity-related jobs, organizations continue to struggle with finding or developing cybersecurity talent, and are paying a premium for qualified individuals who can fill those roles.

The Cisco CCNA Cyber Ops certification program provides practical, relevant, and job-ready certification curricula aligned closely with the specific tasks expected of these in-demand professionals. Cisco realizes that Security Operations Center (SOC) Analysts increasingly must focus on design, configuration, and support responsibilities as the technical consultant and device specialist or expert on a security team. Therefore, the Cisco Security curriculum is specific to the best practices of network security administrators, engineers, and experts using the latest Cisco equipment, devices, and appliances.

Earn the CCNA Cyber Ops certification to gain the skills and knowledge needed to begin a career in cybersecurity operations, addressing cybersecurity threats that enterprises are faced with on a daily basis. Candidates will learn how to detect and respond to security threats using the latest technology.

Course Duration

5 Days

Course Outline

Network Concepts

Fundamentals of Networking Protocols and Networking Devices

  • TCP/IP and OSI Model
    • TCP/IP Model
    • Open System Interconnection Model
  • Layer 2 Fundamentals and Technologies
    • Ethernet LAN Fundamentals and Technologies
    • Ethernet Devices and Frame-Forwarding Behavior
    • Wireless LAN Fundamentals and Technologies
  • Internet Protocol and Layer 3 Technologies
    • IPv4 Header
    • IPv4 Fragmentation
    • IPv4 Addresses and Addressing Architecture
    • IP Addresses Assignment and DHCP
    • IP Communication Within a Subnet and Address Resolution Protocol (ARP)
    • Intersubnet IP Packet Routing
    • Routing Tables and IP Routing Protocols
  • Internet Control Message Protocol (ICMP)
  • Domain Name System (DNS)
  • IPv6 Fundamentals
    • IPv6 Header
    • IPv6 Addressing and Subnets
    • Special and Reserved IPv6 Addresses
    • IPv6 Addresses Assignment, Neighbor Discovery Protocol, and DHCPv6
  • Transport Layer Technologies and Protocols
    • Transmission Control Protocol (TCP)
    • User Datagram Protocol (UDP)

Network Security Devices and Cloud Services

  • Network Security Systems
    • Traditional Firewalls
    • Application Proxies
    • Network Address Translation
    • Stateful Inspection Firewalls
    • Next-Generation Firewalls
    • Personal Firewalls
    • Intrusion Detection Systems and Intrusion Prevention Systems
    • Next-Generation Intrusion Prevention Systems
    • Advanced Malware Protection
    • Web Security Appliance
    • Email Security Appliance
    • Cisco Security Management Appliance
    • Cisco Identity Services Engine
  • Security Cloud-based Solutions
    • Cisco Cloud Web Security
    • Cisco Cloud Email Security
    • Cisco AMP Threat Grid
    • Cisco Threat Awareness Service
    • OpenDNS
    • CloudLock
  • Cisco NetFlow
    • What Is the Flow in NetFlow?
    • NetFlow vs. Full Packet Capture
    • The NetFlow Cache
  • Data Loss Prevention

Security Concepts

Security Principles

  • The Principles of the Defense-in-Depth Strategy
  • What Are Threats, Vulnerabilities, and Exploits?
    • Vulnerabilities
    • Threats
    • Exploits
  • Confidentiality, Integrity, and Availability: The CIA Triad
    • Confidentiality
    • Integrity
    • Availability
  • Risk and Risk Analysis
  • Personally Identifiable Information and Protected Health Information
    • PII
    • PHI
  • Principle of Least Privilege and Separation of Duties
    • Principle of Least Privilege
    • Separation of Duties
  • Security Operation Centers
    • Runbook Automation
  • Forensics
    • Evidentiary Chain of Custody
    • Reverse Engineering

Introduction to Access Controls

  • Information Security Principles
  • Subject and Object Definition
  • Access Control Fundamentals
    • Identification
    • Authentication
    • Authorization
    • Accounting
    • Access Control Fundamentals: Summary
  • Access Control Process
    • Asset Classification
    • Asset Marking
    • Access Control Policy
    • Data Disposal
  • Information Security Roles and Responsibilities
    • Access Control Types
    • Access Control Models
    • Discretionary Access Control
    • Mandatory Access Control
    • Role-Based Access Control
    • Attribute-Based Access Control
  • Access Control Mechanisms
  • Identity and Access Control Implementation
    • Authentication, Authorization, and Accounting Protocols
    • Port-Based Access Control
    • Network Access Control List and Firewalling
    • Identity Management and Profiling
  • Network Segmentation
    • Intrusion Detection and Prevention
    • Antivirus and Antimalware

Introduction to Security Operations Management

  • Introduction to Identity and Access Management
    • Phases of the Identity and Access Lifecycle
    • Password Management
    • Directory Management
    • Single Sign-On
    • Federated SSO
  • Security Events and Logs Management
    • Logs Collection, Analysis, and Disposal
    • Security Information and Event Manager
  • Assets Management
    • Assets Inventory
    • Assets Ownership
    • Assets Acceptable Use and Return Policies
    • Assets Classification
    • Assets Labeling
    • Assets and Information Handling
    • Media Management
  • Introduction to Enterprise Mobility Management
    • Mobile Device Management
  • Configuration and Change Management
    • Configuration Management
    • Change Management
  • Vulnerability Management
    • Vulnerability Identification
    • Vulnerability Analysis and Prioritization
    • Vulnerability Remediation
  • Patch Management

Cryptography

Fundamentals of Cryptography and Public Key Infrastructure (PKI)

  • Cryptography
    • Ciphers and Keys
    • Symmetric and Asymmetric Algorithms
    • Hashes
    • Hashed Message Authentication Code
    • Digital Signatures
    • Key Management
    • Next-Generation Encryption Protocols
    • IPsec and SSL
  • Fundamentals of PKI
    • Public and Private Key Pairs
    • RSA Algorithm, the Keys, and Digital Certificates
    • Certificate Authorities
    • Root and Identity Certificates
    • Authenticating and Enrolling with the CA
    • Public Key Cryptography Standards
    • Simple Certificate Enrollment Protocol
    • Revoking Digital Certificates
    • Using Digital Certificates
    • PKI Topologies

Introduction to Virtual Private Networks (VPNs)

  • What Are VPNs?
  • Site-to-site vs. Remote-Access VPNs
  • An Overview of IPsec
    • IKEv1 Phase 1
    • IKEv1 Phase 2
    • IKEv2
  • SSL VPNs
    • SSL VPN Design Considerations

Host-Based Analysis

Windows-Based Analysis

  • Process and Threads
  • Memory Allocation
  • Windows Registration
  • Windows Management Instrumentation
  • Handles
  • Services
  • Windows Event Logs

Linux- and Mac OS X-Based Analysis

  • Processes
  • Forks
  • Permissions
  • Symlinks
  • Daemons
  • UNIX-Based Syslog
  • Apache Access Logs

Endpoint Security Technologies

  • Antimalware and Antivirus Software
  • Host-Based Firewalls and Host-Based Intrusion Prevention
  • Application-Level Whitelisting and Blacklisting
  • System-Based Sandboxing

Security Monitoring and Attack Methods

Network and Host Telemetry

  • Network Telemetry
    • Network Infrastructure Logs
    • Traditional Firewall Logs
    • Syslog in Large Scale Environments
    • Next-Generation Firewall and Next-Generation IPS Logs
    • NetFlow Analysis
    • Cisco Application Visibility and Control (AVC)
    • Network Packet Capture
    • Wireshark
    • Cisco Prime Infrastructure
  • Host Telemetry
    • Logs from User Endpoints
    • Logs from Servers

Security Monitoring Operational Challenges

  • Security Monitoring and Encryption
  • Security Monitoring and Network Address Translation
  • Security Monitoring and Event Correlation Time Synchronization
  • DNS Tunneling and Other Exfiltration Methods
  • Security Monitoring and Tor
  • Security Monitoring and Peer-to-Peer Communication

Types of Attacks and Vulnerabilities

  • Types of Attacks
    • Reconnaissance Attacks
    • Social Engineering
    • Privilege Escalation Attacks
    • Backdoors
    • Code Execution
    • Man-in-the-Middle Attacks
    • Denial-of-Service Attacks
    • Attack Methods for Data Exfiltration
    • ARP Cache Poisoning
    • Spoofing Attacks
    • Route Manipulation Attacks
    • Password Attacks
    • Wireless Attacks
  • Types of Vulnerabilities

Security Evasion Techniques

  • Encryption and Tunneling
    • Key Encryption and Tunneling Concepts
  • Resource Exhaustion
  • Traffic Fragmentation
  • Protocol-Level Misinterpretation
  • Traffic Timing, Substitution, and Insertion
  • Pivoting

Pre-requisites

Candidates must have completed the following courses or possess equivalent knowledge and skills before attending this course.

  • NICF – MTA: Networking Fundamentals
  • NICF – MTA: Security Fundamentals
  • NICF – MTA: Windows Server Administration Fundamentals
  • NICF – Cisco CCNA Routing & Switching Part 1 (CCENT, ICND1)
  • NICF – Linux Command Line and Shell Scripting

Additional Note

Job Roles:

  • Security Operations Center (SOC) Analyst (Associate/Beginning Level)
  • Job roles requiring knowledge of basic cybersecurity technologies and principles

Price

NICF105