Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Cisco Certified CyberOps Associate (200-201) Cert Prep: 4 Network Intrusion Analysis

Cisco Certified CyberOps Associate (200-201) Cert Prep: 4 Network Intrusion Analysis

2hIntermediate2024-12-11

Authors

Lisa Bock

Lisa Bock

Security ambassador with a broad range of IT skills and knowledge

Course details

Cybersecurity specialists and related positions are some of the most in-demand security positions today, and the Cisco CBROPS exam is a big part of proving your skills for any cybersecurity job. In this course, Lisa Bock helps you prepare for the exam, covering the network intrusion analysis topics you need to know. Lisa shows how an intrusion detection/intrusion prevention system can detect and mitigate common attacks, as well as identify potentially malicious traffic that may have slipped by organizational defenses. She explains how to comb through data and interpret IDS/IPS alerts and artifacts from an event and log files for an indication of compromise. And she takes a deep dive into packet analysis to examine how Wireshark helps you evaluate network traffic and application data.

Skills covered

Incident ResponseNetwork AdministrationCybersecurityCert PrepNetwork and System Administration

Concepts

0. Introduction

  • 01 - Evaluating intrusion alerts
  • 02 - Setting up your test environment

1. Working with Network Security Data

  • 03 - Comparing methods to examine traffic
  • 04 - Comparing IPS and IDS
  • 05 - Recognizing alerts and events
  • 06 - Monitoring traffic
  • 07 - Interpreting IDS IPS alerts

2. Evaluating Alerts and Log Files

  • 08 - Being application aware
  • 09 - Evaluating antivirus alerts
  • 10 - Viewing web proxy logs
  • 11 - Challenge - Regular expressions
  • 12 - Solution - Regular expressions

3. Using Wireshark to Evaluate Traffic

  • 13 - Understanding the OSI model
  • 14 - Tapping into the network
  • 15 - Creating an Ethernet frame
  • 16 - Identifying key elements from a pcap
  • 17 - Extracting objects from a pcap
  • 18 - Challenge - Log file analysis
  • 19 - Solution - Log file analysis

4. Diving into TCP IP Headers

  • 20 - Understanding TCP
  • 21 - Moving through the TCP handshake and teardown
  • 22 - Recognizing User Datagram Protocol
  • 23 - Viewing IPv4
  • 24 - Investigating IPv6
  • 25 - Grasping ICMP
  • 26 - Discovering ICMPv6

5. Visualizing Application Data

  • 27 - Analyzing HTTP
  • 28 - Dissecting DNS
  • 29 - Using ARP
  • 30 - Outlining email threats
  • 31 - Detecting malware by examining artifacts
  • 32 - Confirming malware by examining artifacts

Conclusion

  • 33 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal