About the course

The CCNA Cybersecurity Operations curriculum provides an introduction to the knowledge and skills needed for a Security Analyst working with a Security Operations Centre team.

It teaches core security skills needed for monitoring, detecting, investigating, analysing and responding to security events, thus protecting systems and organisations from cybersecurity risks, threats and vulnerabilities.

Course Content

| Chapter/Section | Goals/Objectives |
| --- | --- |
| Chapter 1. Cybersecurity and the Security Operations Centre | Explain the role of the Cybersecurity Operations Analyst in the enterprise. |
| 1.1 The Danger | Explain why networks and data are attacked. |
| 1.2 Fighters in the War Against Cybercrime | Explain how to prepare for a career in Cybersecurity operations. |
| Chapter 2. Windows Operating System | Explain the Windows Operating System features and characteristics needed to support cybersecurity analysis. |
| 2.1 Windows Overview | Explain the operation of the Windows Operating System. |
| 2.2 Windows Administration | Explain how to secure Windows endpoints. |
| Chapter 3. Linux Operating System | Explain the features and characteristics of the Linux Operating System. |
| 3.1 Using Linux | Perform basic operations in the Linux shell. |
| 3.2 Linux Administration | Perform basic Linux administration tasks. |
| | Perform basic security-related tasks on a Linux host. |
| Chapter 4. Network Protocols and Services | Analyse the operation of network protocols and services. |
| 4.1 Network Protocols | Explain how protocols enable network operations. |
| 4.2 Ethernet and Internet Protocol (IP) | Explain how the Ethernet and IP protocols support network communication. |
| 4.3 Connectivity Verification | Use common testing utilities to verify and test network connectivity. |
| 4.4 Address Resolution Protocol | Explain how the address resolution protocol enables communication on a network. |
| 4.5 The Transport Layer and Network Services | Explain how transport layer protocols and network services support network functionality. |
| 4.6 Network Services | Explain how network services enable network functionality. |
| Chapter 5. Network Infrastructure | Explain the operation of the network infrastructure. |
| 5.1 Network Communication Devices | Explain how network devices enable wired and wireless network communication. |
| 5.2 Network Security Infrastructure | Explain how devices and services are used to enhance network security. |
| 5.3 Network Representations | Explain how networks and network topologies are represented. |
| Chapter 6. Principles of Network Security | Classify the various types of network attacks. |
| 6.1 Attackers and Their Tools | Explain how networks are attacked. |
| 6.2 Common Threats and Attacks | Explain the various types of threats and attacks. |
| Chapter 7. Network Attacks: A Deeper Look | Use network monitoring tools to identify attacks against network protocols and services. |
| 7.1 Observing Network Operation | Explain network traffic monitoring. |
| 7.2 Attacking the Foundation | Explain how TCP/IP vulnerabilities enable network attacks. |
| 7.3 Attacking What We Do | Explain how common network applications and services are vulnerable to attack. |
| Chapter 8. Protecting the Network | Use various methods to prevent malicious access to computer networks, hosts, and data. |
| 8.1 Understanding Defence | Explain approaches to network security defence. |
| 8.2 Access Control | Explain access control as a method of protecting a network. |
| 8.3 Network Firewalls and Intrusion Prevention | Explain how firewalls and other devices prevent network intrusions. |
| 8.4 Content Filtering | Explain how content filtering prevents unwanted data from entering the network. |
| 8.5 Threat Intelligence | Use various intelligence sources to locate current security threats. |
| Chapter 9. Cryptography and the Public Key Infrastructure | Explain the impacts of cryptography on network security monitoring. |
| 9.1 Cryptography | Use tools to encrypt and decrypt data. |
| 9.2 Public Key Cryptography | Explain how the public key infrastructure (PKI) supports network security. |
| Chapter 10. Endpoint Security and Analysis | Explain how to investigate endpoint vulnerabilities and attacks. |
| 10.1 Endpoint Protection | Use a tool to generate a malware analysis report. |
| 10.2 Endpoint Vulnerability Assessment | Classify endpoint vulnerability assessment information. |
| Chapter 11. Security Monitoring | Evaluate network security alerts. |
| 11.1 Technologies and Protocols | Explain how security technologies affect security monitoring. |
| 11.2 Log Files | Explain the types of log files used in security monitoring. |
| Chapter 12. Intrusion Data Analysis | Analyse network intrusion data to identify compromised hosts and vulnerabilities. |
| 12.1 Data Collection | Explain how security-related data is collected. |
| 12.2 Data Preparation | Arrange a variety of log files in preparation for intrusion data analysis. |
| 12.3 Data Analysis | Analyse intrusion data to determine the source of an attack. |
| Chapter 13. Incident Response and Handling | Explain how network security incidents are handled by CSIRTs. |
| 13.1 Incident Response Models | Apply incident response models to an intrusion event. |
| 13.2 CSIRTs and NIST 800-61r2 | Apply standards specified in NIST 800-61r2 to a computer security incident. |
| 13.3 Case-Based Practice | Given a set of logs, isolate a threat actor and recommend an incident response plan. |


Students should have a good grasp of basic operating system (Windows, Linux) and networking concepts.


