English | 2019 | ISBN: 1838559868 | 352 pages | True Retail (EPUB) | 19.91 MB
CCNA Cyber Ops SECOPS – Certification Guide 210-255: Learn the skills to pass the 210-255 certification exam and become a competent SECOPS associate
Develop your cybersecurity knowledge to obtain CCNA Cyber Ops certification and gain professional skills to identify and remove potential threats
Explore different security analysis tools and develop your knowledge to confidently pass the 210-255 SECOPS exam
Grasp real-world cybersecurity skills such as threat analysis, event correlation, and identifying malicious activity
Learn through mock tests, useful tips, and up-to-date exam questions
Cybersecurity roles have grown exponentially in the IT industry and an increasing number of organizations have set up security operations centers (SOCs) to monitor and respond to security threats. The 210-255 SECOPS exam is the second of two exams required for the Cisco CCNA Cyber Ops certification. By providing you with fundamental knowledge of SOC events, this certification validates your skills in managing cybersecurity processes such as analyzing threats and malicious activities, conducting security investigations, and using incident playbooks.
You’ll start by understanding threat analysis and computer forensics, which will help you build the foundation for learning intrusion analysis and incident response principles. The book will then guide you through vocabulary and techniques for analyzing data from the network and previous events. In later chapters, you’ll discover how to identify, analyze, correlate, and respond to incidents, including how to communicate technical and inaccessible (non-technical) examples. You’ll be able to build on your knowledge as you learn through examples and practice questions, and finally test your knowledge with two mock exams that allow you to put what you’ve learned to the test.
By the end of this book, you’ll have the skills to confidently pass the SECOPS 210-255 exam and achieve CCNA Cyber Ops certification.
What you will learn
Get up to speed with the principles of threat analysis, in a network and on a host device
Understand the impact of computer forensics
Examine typical and atypical network data to identify intrusions
Identify the role of the SOC, and explore other individual roles in incident response
Analyze data and events using common frameworks
Learn the phases of an incident, and how incident response priorities change for each phase
Who this book is for
This book is for anyone who wants to prepare for the Cisco 210-255 SECOPS exam (CCNA Cyber Ops). If you’re interested in cybersecurity, have already completed cybersecurity training as part of your formal education, or you work in Cyber Ops and just need a new certification, this book is for you. The certification guide looks at cyber operations from the ground up, consolidating concepts you may or may not have heard about before, to help you become a better cybersecurity operator.
Table of Contents
Operating System families and key differences in structure
Computer Forensics and Evidence handling
Identifying rogue data from a data set
Warning signs from network data
Network security data analysis
Roles and responsibilities during an incident
Network and Server Profiling
Data Normalization and Exploitation
Drawing Conclusions From the Data
The Cyber Kill Chain Model
Incident Handling Activities
Mock Exam 1
Mock Exam 2