
CCNA Cyber Security Operations OPS Training
Today’s organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOCs) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cybersecurity threats.
The CCNA Cyber Ops certification prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.
Exams & Recommended Training
| Required Exam(s) | Recommended Training |
| 210-250 SECFND | Understanding Cisco CyberSecurity Fundamentals (SECFND) |
| 210-255 SECOPS | Implementing Cisco CyberSecurity Operations (SECOPS) |
Course Objectives
Understanding Cisco Cybersecurity Fundamentals (SECFND)
Prerequisites
No prerequisites
Upon completion of this course, you will have knowledge and skills to:
- Describe, compare, and identify various network concepts
- Fundamentals of TCP/IP
- Describe and compare fundamental security concepts
- Describe network applications and the security challenges
- Understand basic cryptography principles
- Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux
- Develop knowledge in security monitoring, including identifying sources and types of data and events
The following topics are general guidelines for the content likely to be included on the exam.
| 1.0 Network Concepts | 12% |
| 2.0 Security Concepts | 17% |
| 3.0 Cryptography | 12% |
| 4.0 Host-Based Analysis | 19% |
| 5.0 Security Monitoring | 19% |
| 6.0 Attack Methods | 21% |
Implementing Cisco Cybersecurity Operations (SECOPS)
Course Prerequisites
It is recommended, but not required, that students have the following knowledge and skills:
- Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices, Part 1 (ICND1)
- Skills and knowledge equivalent to those learned in Understanding Cisco Cybersecurity Fundamentals (SECFND)
- Working knowledge of the Windows operating system
- Working knowledge of Cisco IOS networking and concepts
Course Objectives
Upon completion of this course, you will have the skills and knowledge to:
- Define an SOC and the various job roles in an SOC
- Understand SOC infrastructure tools and systems
- Learn basic incident analysis for a threat-centric SOC
- Explore resources available to assist with an investigation
- Explain basic event correlation and normalization
- Describe common attack vectors
- Learn how to identify malicious activity
- Understand the concept of a playbook
- Describe and explain an incident response handbook
- Define types of SOC metrics
- Understand SOC workflow management systems and automation
The following topics are general guidelines for the content likely to be included on the exam.
| 1.0 Endpoint Threat Analysis and Computer Forensics | 15% |
| 2.0 Network Intrusion Analysis | 22% |
| 3.0 Incident Response | 18% |
| 4.0 Data and Event Analysis | 23% |
| 5.0 Incident Handling | 22% |
Target Audience
- Security Operations Center — Security Analyst
- Computer Network Defense — Analyst
- Computer Network Defense — Infrastructure Support Personnel
- Future Incident Responders and Security Operations Center (SOC) personnel
- Students beginning a career entering the cybersecurity field
- IT personnel looking to learn more about the area of cybersecurity operations
- Cisco Channel Partners