CCNA Cybersecurity Operations
Cybersecurity and the Security Operation Center
- Explain the role of the Cybersecurity Operations Analyst in the enterprise.
- Explain why networks and data are attacked.
- Explain how to prepare for a career in Cybersecurity operations.
Windows Operating System
- Explore the Windows Operating System features and characteristics needed to support cybersecurity analyses.
- Explain the operation of the Windows Operating System.
- Explain how to secure Windows endpoints.
Linux Operating System
- Explore the features and characteristics of the Linux Operating System.
- Perform basic operations in the Linux shell.
- Perform basic Linux administration tasks.
- Perform basic security-related tasks on a Linux host.
Network Protocols and Services
- Explain how protocols enable network operations.
- Explain how the Ethernet and IP protocols support network communication.
- Use common testing utilities to verify and test network connectivity.
- Explain how the address resolution protocol enables communication on a network.
- Explain how transport layer protocols and network services support network functionality.
- Explain how network services enable network functionality.
- Explain how network devices enable wired and wireless network communication.
- Explain how devices and services are used to enhance network security.
- Explain how networks and network topologies are represented.
Principles of Network Security
- Classify the various types of network attacks.
- Explain how networks are attacked.
- Explain the various types of threats and attacks.
Network Attacks: A Deeper Look
- Use network monitoring tools to identify attacks that against network protocols and services.
- Explain network traffic monitoring.
- Explain how TCP/IP vulnerabilities enable network attacks.
- Explain how common network applications and services are vulnerable to attack.
Protecting the Network
- Use various methods to prevent malicious access to computer networks, hosts, and data.
- Explain approaches to network security defense.
- Explain access control as a method of protecting a network.
- Explain how firewalls and other devices prevent network intrusions.
- Explain how content filtering prevents unwanted data from entering the network.
- Use various intelligence sources to locate current security threats.
Cryptography and the Public Key Infrastructure
- Explain the impacts of cryptography on network security monitoring.
- Use tools to encrypt and decrypt data.
- Explain how the public key infrastructure (PKI) supports network security.
Endpoint Security and Analysis
- Explain how to investigate endpoint vulnerabilities and attacks.
- Use a tool to generate a malware analysis report.
- Classify endpoint vulnerability assessment information.
- Evaluate network security alerts.
- Explain how security technologies affect security monitoring.
- Explain the types of log files used in security monitoring
Intrusion Data Analysis
- Analyze network intrusion data to identify compromised hosts and vulnerabilities
- Explain how security-related data is collected.
- Arrange a variety of log files in preparation for intrusion data analysis.
- Analyze intrusion data to determine the source of an attack.
Incident Response and Handling
- Explain how network security incidents are handled by CSIRTs.
- Apply incident response models to an intrusion event.
- Apply standards specified in NIST 800-61r2 to a computer security incident.
- Given a set of logs, isolate a threat actor and recommend an incident response plan.