CCNA Cyber Ops – Cisco

CCNA Cyber Security Operations OPS Training

Today’s organizations are challenged with rapidly detecting cybersecurity breaches and effectively responding to security incidents. Teams of people in Security Operations Centers (SOC’s) keep a vigilant eye on security systems, protecting their organizations by detecting and responding to cyber security threats.

The CCNA Cyber Ops certification prepares candidates to begin a career working with associate-level cybersecurity analysts within security operations centers.

Exams & Recommended Training

Required Exam(s)              Recommended Training

210-250 SECFND              Understanding Cisco CyberSecurity Fundamentals (SECFND)

210-255 SECOPS               Implementing Cisco CyberSecurity Operations (SECOPS)

Course Objectives

Understanding Cisco Cybersecurity Fundamentals (SECFND)


No prerequisites

Upon completion of this course, you will have knowledge and skills to:

  • Describe, compare, and identify various network concepts
  • Fundamentals of TCP/IP
  • Describe and compare fundamental security concepts
  • Describe network applications and the security challenges
  • Understand basic cryptography principles
  • Understand endpoint attacks, including interpreting log data to identify events in Windows and Linux
  • Develop knowledge in security monitoring, including identifying sources and types of data and events

The following topics are general guidelines for the content likely to be included on the exam.


1.0 Network Concepts 12%
2.0 Security Concepts 17%
3.0 Cryptography 12%
4.0 Host-Based Analysis 19%
5.0 Security Monitoring 19%
6.0 Attack Methods 21%

Implementing Cisco Cybersecurity Operations (SECOPS)

Course Prerequisites

It is recommended, but not required, that students have the following knowledge and skills:

  • Skills and knowledge equivalent to those learned in Interconnecting Cisco Networking Devices, Part 1 (ICND1)
  • Skills and knowledge equivalent to those learned in Understanding Cisco Cybersecurity Fundamentals (SECFND)
  • Working knowledge of the Windows operating system
  • Working knowledge of Cisco IOS networking and concepts

Course Objectives

Upon completion of this course, you will have the skills and knowledge to:

  • Define an SOC and the various job roles in an SOC
  • Understand SOC infrastructure tools and systems
  • Learn basic incident analysis for a threat-centric SOC
  • Explore resources available to assist with an investigation
  • Explain basic event correlation and normalization
  • Describe common attack vectors
  • Learn how to identify malicious activity
  • Understand the concept of a playbook
  • Describe and explain an incident respond handbook
  • Define types of SOC metrics
  • Understand SOC Workflow Management system and automation

The following topics are general guidelines for the content likely to be included on the exam.


1.0 Endpoint Threat Analysis and Computer Forensics 15%
2.0 Network Intrusion Analysis 22%
3.0 Incident Response 18%
4.0 Data and Event Analysis 23%
5.0 Incident Handling 22%


Target Audience

  • Security Operations Center — Security Analyst
  • Computer Network Defense — Analyst
  • Computer Network Defense — Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners