Cisco Cybersecurity Operations Course

28/02/2020 by

Cisco CCNA Security, Cisco CCNA Cyber OPS, Cisco CCNP Security


OVERVIEW

Cisco Cybersecurity Operations Course - Understanding Cisco Cybersecurity Operations Fundamentals

Preparation course for the
Cisco CyberOps Associate certification
Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)

Statistical summary:
Courses delivered: 40;
Number of students: 393;
Exam pass rate: 90.10%

Concessions for the unemployed, first-time job seekers and fixed-term workers

Contact us now to receive full details and to request, with no obligation, to speak directly with one of our Cyber Security instructors: CLICK HERE.
Or call us right away on our toll-free number 800-177596.

COURSE OBJECTIVES

This course is designed to prepare participants for the Cisco Certified CyberOps Associate certification, obtained by passing the CBROPS 200-201 exam. The Cybersecurity course covers the main vulnerabilities affecting network infrastructures. It analyses the most common attacks and cyber-security measures in both Windows and Linux environments. Modern organizations that want to compete in today's market need to have, or make use of, a center known as a SOC (Security Operations Center). This entity, made up of a team of professionals, provides the following main services:
• Management services: all activities for managing the security functions of the IT infrastructure (network, systems and applications).
• Monitoring services: the IT and security infrastructure is monitored in real time in order to promptly detect intrusion, attack or system-compromise attempts.
• Proactive services: services aimed at improving the organization's level of protection (security assessments, vulnerability assessments, early warning, security awareness).
To support these services adequately, SOCs must be staffed with qualified resources at various levels. Suitably skilled cybersecurity personnel are hard to find today. This qualifying, certified training path was created in that context. It is specifically structured to produce a professional who can quickly join a Security Operations Center. The course comprises a theoretical part and a practical part carried out on labs provided directly by Cisco. This is a privilege granted solely and exclusively to Cisco Learning Partners.

CONTENT SUMMARY

Understanding Cisco Cybersecurity Operations Fundamentals

  • Defining the Security Operations Center
  • Introduction
  • Types of Security Operations Centers
  • SOC Analyst Tools
  • Data Analytics
  • Hybrid Installations: Automated Reports, Anomaly Alerts
  • Staffing an Effective Incident Response Team
  • Roles in a Security Operations Center
  • Developing Key Relationships with External Resources
  • Understanding Network Infrastructure and Network Security Monitoring Tools
  • Introduction
  • NAT Fundamentals
  • Packet Filtering with ACLs
  • ACLs with the Established Option
  • Access Control Models
  • Authentication, Authorization, and Accounting
  • Load Balancing
  • Network-Based Malware Protection
  • Network Security Monitoring Tools
  • Exploring Data Type Categories
  • Introduction
  • Network Security Monitoring Data
  • Network Security Monitoring Data Types
  • Security Information and Event Management Systems
  • Security Orchestration, Automation, and Response
  • Security Onion Overview
  • Full Packet Capture
  • Packet Captures
  • Packet Capture Using Tcpdump
  • Session Data
  • Transaction Data
  • Alert Data
  • Other Data Types
  • Correlating NSM Data
  • Information Security Confidentiality, Integrity, and Availability
  • Personally Identifiable Information
  • Regulatory Compliance
  • Intellectual Property
  • Use NSM Tools to Analyze Data Categories
  • Understanding Basic Cryptography Concepts
  • Introduction
  • Impact of Cryptography on Security Investigations
  • Cryptography Overview
  • Hash Algorithms
  • Encryption Overview
  • Cryptanalysis
  • Symmetric Encryption Algorithms
  • Asymmetric Encryption Algorithms
  • Diffie-Hellman Key Agreement
  • Use Case: SSH
  • Digital Signatures
  • PKI Overview
  • PKI Operations
  • Use Case: SSL/TLS
  • Cipher Suite
  • Key Management
  • NSA Suite B
  • Explore Cryptographic Technologies
  • Understanding Common TCP/IP Attacks
  • Introduction
  • Address Resolution Protocol
  • Legacy TCP/IP Vulnerabilities
  • IP Vulnerabilities
  • ICMP Vulnerabilities
  • TCP Vulnerabilities
  • UDP Vulnerabilities
  • Attack Surface and Attack Vectors
  • Reconnaissance Attacks
  • Access Attacks
  • Man-in-the-Middle Attacks
  • Denial of Service and Distributed Denial of Service
  • Reflection and Amplification Attacks
  • Spoofing Attacks
  • DHCP Attacks
  • Explore TCP/IP Attacks
  • Understanding Endpoint Security Technologies
  • Introduction
  • Host-Based Personal Firewall
  • Host-Based Antivirus
  • Host Intrusion Prevention System
  • Application Whitelists and Blacklists
  • Host-Based Malware Protection
  • Sandboxing
  • File Integrity Checking
  • Explore Endpoint Security
  • Understanding Incident Analysis in a Threat-Centric SOC
  • Introduction
  • Classic Kill Chain Model Overview
  • Kill Chain Phase : Reconnaissance
  • Kill Chain Phase : Weaponization
  • Kill Chain Phase : Delivery
  • Kill Chain Phase : Exploitation
  • Kill Chain Phase : Installation
  • Kill Chain Phase : Command-and-Control
  • Kill Chain Phase : Actions on Objectives
  • Applying the Kill Chain Model
  • Diamond Model Overview
  • Applying the Diamond Model
  • MITRE ATT&CK™ Framework
  • Investigate Hacker Methodology
  • Identifying Resources for Hunting Cyber Threats
  • Introduction
  • Cyber-Threat Hunting Concepts
  • Hunting Maturity Model
  • Cyber Threat Hunting Cycle
  • Common Vulnerability Scoring System
  • CVSS vScoring
  • CVSS vExample
  • Hot Threat Dashboard
  • Publicly Available Threat Awareness Resources
  • Other External Threat Intelligence Sources and Feeds Reference
  • Security Intelligence
  • Threat Analytic Systems
  • Security Tools Reference
  • Hunt Malicious Traffic
  • Understanding Event Correlation and Normalization
  • Introduction
  • Event Sources
  • Evidence
  • Chain of Custody
  • Security Data Normalization
  • Event Correlation
  • Other Security Data Manipulation
  • Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Identifying Common Attack Vectors
  • Introduction
  • DNS Operations
  • Recursive DNS Query
  • Dynamic DNS
  • HTTP Operations
  • HTTPS Operations
  • HTTP/ Operations
  • SQL Operations
  • SMTP Operations
  • Web Scripting
  • Obfuscated JavaScript
  • Shellcode and Exploits
  • Common Metasploit Payloads
  • Directory Traversal
  • SQL Injection
  • Cross-Site Scripting
  • Punycode
  • DNS Tunneling
  • Pivoting
  • HTTP Cushioning
  • Gaining Access Via Web-Based Attacks
  • Exploit Kits
  • Emotet Advanced Persistent Threat
  • Investigate Browser-Based Attacks
  • Identifying Malicious Activity
  • Introduction
  • Understanding the Network Design
  • Zero Trust Model
  • Identifying Possible Threat Actors
  • Log Data Search
  • System Logs
  • Windows Event Viewer
  • Firewall Log
  • DNS Log
  • Web Proxy Log
  • Email Proxy Log
  • AAA Server Log
  • Next Generation Firewall Log
  • Applications Log
  • NetFlow
  • NetFlow as a Security Tool
  • Network Behavior Anomaly Detection
  • Data Loss Detection Using NetFlow Example
  • DNS Risk and Mitigation Tool
  • IPS Evasion Techniques
  • The Onion Router
  • Gaining Access and Control
  • Peer-to-Peer Networks
  • Encapsulation
  • Altered Disk Image
  • Analyze Suspicious DNS Activity
  • Explore Security Data for Analysis
  • Identifying Patterns of Suspicious Behavior
  • Introduction
  • Network Baselining
  • Identifying Anomalies and Suspicious Behaviors
  • PCAP Analysis
  • Delivery
  • Investigate Suspicious Activity Using Security Onion
  • Conducting Security Incident Investigations
  • Introduction
  • Security Incident Investigation Procedures
  • Threat Investigation Example: China Chopper Remote Access Trojan
  • Investigate Advanced Persistent Threats
  • Using a Playbook Model to Organize Security Monitoring
  • Introduction
  • Security Analytics
  • Playbook Definition
  • What Is in a Play?
  • Playbook Management System
  • Explore SOC Playbooks
  • Understanding SOC Metrics
  • Introduction
  • Security Data Aggregation
  • Time to Detection
  • Security Controls Detection Effectiveness
  • SOC Metrics
  • Understanding SOC Workflow and Automation
  • Introduction
  • SOC WMS Concepts
  • Incident Response Workflow
  • SOC WMS Integration
  • SOC Workflow Automation Example
  • Describing Incident Response
  • Introduction
  • Incident Response Planning
  • Incident Response Life Cycle
  • Incident Response Policy Elements
  • Incident Attack Categories
  • Reference: US-CERT Incident Categories
  • Regulatory Compliance Incident Response Requirements
  • CSIRT Categories
  • CSIRT Framework
  • CSIRT Incident Handling Services
  • Understanding the Use of VERIS
  • Introduction
  • VERIS Overview
  • VERIS Incidents Structure
  • VERIS A’s
  • VERIS Records
  • VERIS Community Database
  • Verizon Data Breach Investigations Report and Cisco Annual Security Report
  • Understanding Windows Operating System Basics
  • Introduction
  • Windows Operating System History
  • Windows Operating System Architecture
  • Windows Processes, Threads, and Handles
  • Windows Virtual Memory Address Space
  • Windows Services
  • Windows File System Overview
  • Windows File System Structure
  • Windows Domains and Local User Accounts
  • Windows GUI
  • Run as Administrator
  • Windows CLI
  • Windows PowerShell
  • Windows net Command
  • Controlling Startup Services and Executing System Shutdown
  • Controlling Services and Processes
  • Monitoring System Resources
  • Windows Boot Process
  • Windows Networking
  • Windows netstat Command
  • Accessing Network Resources with Windows
  • Windows Registry
  • Windows Management Instrumentation
  • Common Windows Server Functions
  • Common Third-Party Tools
  • Explore the Windows Operating System
  • Understanding Linux Operating System Basics
  • Introduction
  • History and Benefits of Linux
  • Linux Architecture
  • Linux File System Overview
  • Basic File System Navigation and Management Commands
  • File Properties and Permissions
  • Editing File Properties
  • Root and Sudo
  • Disks and File Systems
  • System Initialization
  • Emergency/Alternate Startup Options
  • Shutting Down the System
  • System Processes
  • Interacting with Linux
  • Linux Command Shell Concepts
  • Piping Command Output
  • Other Useful Command-Line Tools
  • Overview of Secure Shell Protocol
  • Networking
  • Managing Services in SysV Environments
  • Viewing Running Network Services
  • Name Resolution: DNS
  • Testing Name Resolution
  • Viewing Network Traffic
  • Configuring Remote Syslog
  • Running Software on Linux
  • Executables vs. Interpreters
  • Using Package Managers to Install Software in Linux
  • System Applications
  • Lightweight Directory Access Protocol
  • Explore the Linux Operating System

Lab Activities

  • Configure the Initial Collaboration Lab Environment
  • Use NSM Tools to Analyze Data Categories
  • Explore Cryptographic Technologies
  • Explore TCP/IP Attacks
  • Explore Endpoint Security
  • Investigate Hacker Methodology
  • Hunt Malicious Traffic
  • Correlate Event Logs, PCAPs, and Alerts of an Attack
  • Investigate Browser-Based Attacks
  • Analyze Suspicious DNS Activity
  • Explore Security Data for Analysis
  • Investigate Suspicious Activity Using Security Onion
  • Investigate Advanced Persistent Threats
  • Explore SOC Playbooks
  • Explore the Windows Operating System
  • Explore the Linux Operating System

COURSE TYPE

Instructor-led training course

LAB INFRASTRUCTURE

For every delivery format, students can access the real Cisco equipment and systems in our labs, or directly in Cisco data centers, remotely and around the clock. Each participant has their own access for implementing the various configurations, and so gets immediate, practical confirmation of the theory covered.
Below are some network topologies of the available Cisco labs:

CCNA Cyber OPS SECOPS courses and certifications - Cybersecurity
CCNA Security lab, courses and certification

PREREQUISITES

There are no formal prerequisites.

DURATION AND ATTENDANCE

Extended format: 54 hours;
Intensive format: 5 days;
Various extended and intensive attendance options.

INSTRUCTORS

The instructors are official instructors holding multiple certifications from Cisco and in other IT security technologies, with years of practical experience in the field and in training.

HOW TO ENROL

Enrolment is capped to guarantee all participants an excellent service.
To enrol, request to be contacted via the following link, call our office on the toll-free number 800-177596, or send a request by email to [email protected].

CALENDAR

  • Cisco Cybersecurity Operations Course (Intensive format, 5 days) – 06/02/2023 – 9:00 – 17:00
  • Cisco Cybersecurity Operations Course (Extended evening format) – 13/03/2023 – Mon. Wed. 18:30/21:30
  • Cisco Cybersecurity Operations Course (Intensive format, 5 days) – 04/04/2023 – 9:00 – 17:00


Vega Training® SRL - VAT no.: 01985170743 - Copyright 2022