CCNA Cyber Ops SECOPS #210-255 Official Cert Guide

Learn, prepare, and practice for CCNA Cyber Ops SECOPS #210-255 exam success with this Official Cert Guide from Pearson IT Certification, a leader in IT Certification learning. Master CCNA Cyber Ops SECOPS #210-255 exam topics. Assess your knowledge with chapter-ending quizzes. Review key concepts with exam preparation tasks. Practice with realistic exam questions.

Last Edition

ISBN 13: 9781587147036

Imprint: Pearson Education Limited

Language: English

Authors: Joseph Muniz

Pub Date: 2017

Pages: 352

Illus: Illustrated

Weight: 768.00 grams

Size: h 196 x 234 mm

Product Type: Softcover

List Price: 1504 UAH ($50.99)
  • CCNA Cyber Ops SECOPS 210-255 Official Cert Guide is a best-of-breed exam study guide. Best-selling authors and internationally respected cybersecurity experts Omar Santos and Joseph Muniz share preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills. Material is presented in a concise manner, focusing on increasing your understanding and retention of exam topics.
  • The book presents you with an organized test preparation routine through the use of proven series elements and techniques. Exam topic lists make referencing easy. Chapter-ending Exam Preparation Tasks help you drill on key concepts you must know thoroughly. Review questions help you assess your knowledge, and a final preparation chapter guides you through tools and resources to help you craft your final study plan.
  • The companion website contains the powerful Pearson Test Prep practice test software, complete with hundreds of exam-realistic questions. The assessment engine offers you a wealth of customization options and reporting features, laying out a complete assessment of your knowledge to help you focus your study where it is needed most.
  • Well-regarded for its level of detail, assessment features, and challenging review questions and exercises, this study guide helps you master the concepts and techniques that will allow you to succeed on the exam the first time.
  • The study guide helps you master all the topics on the SECOPS #210-255 exam, including:
    • Threat analysis
    • Forensics
    • Intrusion analysis
    • NetFlow for cybersecurity
    • Incident response and the incident handling process
    • Incident response teams
    • Compliance frameworks
    • Network and host profiling
    • Data and event analysis
    • Intrusion event categories
  • Omar Santos is an active member of the cybersecurity community, where he leads several industry-wide initiatives and standards bodies. His active role helps businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to increasing the security of their critical infrastructures.
  • Joseph Muniz is an architect at Cisco Systems and a security researcher. He has extensive experience in designing security solutions and architectures for the top Fortune 500 corporations and the U.S. government. Joseph’s current role gives him visibility into the latest trends in cybersecurity, from both leading vendors and customers. Examples of Joseph’s research include his RSA talk titled “Social Media Deception,” which has been quoted by many sources (search for “Emily Williams Social Engineering”), as well as his articles in PenTest Magazine regarding various security topics.
  • Introduction xvii
  • Part I Threat Analysis and Computer Forensics
  • Chapter 1 Threat Analysis 3
    • "Do I Know This Already?" Quiz 3
    • Foundation Topics 6
    • What Is the CIA Triad: Confidentiality, Integrity, and Availability? 6
    • Confidentiality 6
    • Integrity 7
    • Availability 7
    • Threat Modeling 8
    • Defining and Analyzing the Attack Vector 10
    • Understanding the Attack Complexity 12
    • Privileges and User Interaction 12
    • The Attack Scope 13
    • Exam Preparation Tasks 14
    • Review All Key Topics 14
    • Complete Tables and Lists from Memory 14
    • Define Key Terms 14
    • Q&A 15
  • Chapter 2 Forensics 17
    • "Do I Know This Already?" Quiz 17
    • Foundation Topics 20
    • Introduction to Cybersecurity Forensics 20
    • The Role of Attribution in a Cybersecurity Investigation 21
    • The Use of Digital Evidence 21
    • Defining Digital Forensic Evidence 22
    • Understanding Best, Corroborating, and Indirect or Circumstantial Evidence 22
    • Collecting Evidence from Endpoints and Servers 22
    • Collecting Evidence from Mobile Devices 24
    • Collecting Evidence from Network Infrastructure Devices 24
    • Chain of Custody 26
    • Fundamentals of Microsoft Windows Forensics 28
    • Processes, Threads, and Services 28
    • Memory Management 30
    • Windows Registry 32
    • The Windows File System 34
    • FAT 35
    • NTFS 36
    • Fundamentals of Linux Forensics 37
    • Linux Processes 37
    • Ext4 40
    • Journaling 41
    • Linux MBR and Swap File System 41
    • Exam Preparation Tasks 43
    • Review All Key Topics 43
    • Define Key Terms 44
    • Q&A 44
  • Part II Network Intrusion Analysis
  • Chapter 3 Fundamentals of Intrusion Analysis 49
    • "Do I Know This Already?" Quiz 49
    • Foundation Topics 52
    • Common Artifact Elements and Sources of Security Events 52
    • False Positives, False Negatives, True Positives, and True Negatives 58
    • Understanding Regular Expressions 58
    • Protocols, Protocol Headers, and Intrusion Analysis 61
    • Using Packet Captures for Intrusion Analysis 61
    • Mapping Security Event Types to Source Technologies 66
    • Exam Preparation Tasks 71
    • Review All Key Topics 71
    • Complete Tables and Lists from Memory 71
    • Define Key Terms 71
    • Q&A 72
  • Chapter 4 NetFlow for Cybersecurity 75
    • "Do I Know This Already?" Quiz 75
    • Foundation Topics 78
    • Introduction to NetFlow 78
    • What Is a Flow in NetFlow? 78
    • The NetFlow Cache 80
    • NetFlow Versions 81
    • Cisco Flexible NetFlow 96
    • Flexible NetFlow Records 97
    • Flow Monitors 102
    • Flow Exporters 102
    • Flow Samplers 102
    • Flexible NetFlow Configuration 102
    • Configure a Flow Record 103
    • Configuring a Flow Monitor for IPv4 or IPv6 105
    • Configuring a Flow Exporter for the Flow Monitor 107
    • Applying a Flow Monitor to an Interface 109
    • IPFIX 110
    • IPFIX Architecture 111
    • IPFIX Mediators 111
    • IPFIX Templates 111
    • Option Templates 112
    • Introduction to the Stream Control Transmission Protocol (SCTP) 112
    • NetFlow and IPFIX Comparison 113
    • NetFlow for Cybersecurity and Incident Response 113
    • NetFlow as an Anomaly Detection Tool 113
    • Incident Response and Network Security Forensics 114
    • Using NetFlow for Data Leak Detection and Prevention 119
    • NetFlow Analysis Tools 125
    • Commercial NetFlow Analysis Tools 125
    • Cisco's Lancope StealthWatch Solution 126
    • Plixer's Scrutinizer 129
    • Open Source NetFlow Monitoring and Analysis Software Packages 129
    • Exam Preparation Tasks 136
    • Review All Key Topics 136
    • Define Key Terms 136
    • Q&A 136
  • Part III Incident Response
  • Chapter 5 Introduction to Incident Response and the Incident Handling Process 141
    • "Do I Know This Already?" Quiz 141
    • Foundation Topics 144
    • Introduction to Incident Response 144
    • What Are Events and Incidents? 144
    • The Incident Response Plan 145
    • The Incident Response Process 146
    • The Preparation Phase 146
    • The Detection and Analysis Phase 146
    • Containment, Eradication, and Recovery 147
    • Post-Incident Activity (Postmortem) 148
    • Information Sharing and Coordination 148
    • Incident Response Team Structure 148
    • The Vocabulary for Event Recording and Incident Sharing (VERIS) 149
    • Exam Preparation Tasks 153
    • Review All Key Topics 153
    • Complete Tables and Lists from Memory 153
    • Define Key Terms 153
    • Q&A 153
  • Chapter 6 Incident Response Teams 157
    • "Do I Know This Already?" Quiz 157
    • Foundation Topics 159
    • Computer Security Incident Response Teams (CSIRTs) 159
    • Product Security Incident Response Teams (PSIRTs) 161
    • Security Vulnerabilities and Their Severity 161
    • Vulnerability Chaining Role in Fixing Prioritization 164
    • Fixing Theoretical Vulnerabilities 164
    • Internally Versus Externally Found Vulnerabilities 165
    • National CSIRTs and Computer Emergency Response Teams (CERTs) 166
    • Coordination Centers 166
    • Incident Response Providers and Managed Security Service Providers (MSSPs) 167
    • Exam Preparation Tasks 168
    • Review All Key Topics 168
    • Define Key Terms 168
    • Q&A 168
  • Chapter 7 Compliance Frameworks 171
    • "Do I Know This Already?" Quiz 172
    • Foundation Topics 175
    • Payment Card Industry Data Security Standard (PCI DSS) 175
    • PCI DSS Data 175
    • Health Insurance Portability and Accountability Act (HIPAA) 185
    • HIPAA Security Rule 186
    • HIPAA Safeguards 187
    • Sarbanes-Oxley (SOX) 189
    • Section 302 190
    • Section 404 190
    • Section 409 190
    • Summary 192
    • References 192
    • Exam Preparation Tasks 193
    • Review All Key Topics 193
    • Complete Tables and Lists from Memory 193
    • Define Key Terms 193
    • Review Questions 194
  • Chapter 8 Network and Host Profiling 197
    • "Do I Know This Already?" Quiz 197
    • Foundation Topics 200
    • Network Profiling 200
    • Throughput 200
    • Used Ports 206
    • Session Duration 211
    • Critical Asset Address Space 212
    • Host Profiling 215
    • Listening Ports 216
    • Logged-in Users/Service Accounts 220
    • Running Processes 223
    • Applications 226
    • Summary 229
    • References 230
    • Exam Preparation Tasks 231
    • Review All Key Topics 231
    • Define Key Terms 231
    • Q&A 231
  • Part IV Data and Event Analysis
  • Chapter 9 The Art of Data and Event Analysis 235
    • "Do I Know This Already?" Quiz 235
    • Foundation Topics 238
    • Normalizing Data 238
    • Interpreting Common Data Values into a Universal Format 238
    • Using the 5-Tuple Correlation to Respond to Security Incidents 239
    • Retrospective Analysis and Identifying Malicious Files 241
    • Identifying a Malicious File 241
    • Mapping Threat Intelligence with DNS and Other Artifacts 242
    • Deterministic Versus Probabilistic Analysis 242
    • Exam Preparation Tasks 244
    • Review All Key Topics 244
    • Complete Tables and Lists from Memory 244
    • Define Key Terms 244
    • Q&A 245
  • Part V Incident Handling
  • Chapter 10 Intrusion Event Categories 247
    • "Do I Know This Already?" Quiz 247
    • Foundation Topics 250
    • Diamond Model of Intrusion 250
    • Cyber Kill Chain Model 254
    • Reconnaissance 256
    • Weaponization 259
    • Delivery 260
    • Exploitation 261
    • Installation 263
    • Command and Control 264
    • Action and Objectives 265
    • Summary 269
    • References 269
    • Exam Preparation Tasks 271
    • Review All Key Topics 271
    • Define Key Terms 271
    • Q&A 271
  • Part VI Final Preparation
  • Chapter 11 Final Preparation 275
    • Tools for Final Preparation 275
    • Pearson Cert Practice Test Engine and Questions on the Website 275
    • Customizing Your Exams 277
    • Updating Your Exams 277
    • The Cisco Learning Network 278
    • Memory Tables and Lists 278
    • Chapter-Ending Review Tools 279
    • Suggested Plan for Final Review/Study 279
    • Summary 279
  • Part VII Appendix
  • Appendix A Answers to the "Do I Know This Already?" Quizzes and Q&A 281
  • Glossary 295
  • Elements Available on the Book Website
    • Appendix B Memory Tables and Lists
    • Appendix C Memory Tables and Lists Answers
    • Appendix D Study Planner
  • To order a book, you need to send a phone number for a callback. Then specify:
  • 1. Correct spelling of the first name, last name, as indicated in the passport or other document proving the identity. (Data is required upon receipt of the order)
  • 2. City of delivery
  • 3. Nova Poshta office number or desired delivery address.
  • The prices on the site do not include the cost of Nova Poshta services.
  • When prepaying by MasterCard, the supplier pays the order forwarding.
  • Delivery is carried out anywhere in Ukraine.
  • Delivery time is 1-2 days if the book is in stock, and 3-4 weeks if it has to be ordered from the publisher.