You're reading from Cisco Certified CyberOps Associate 200-201 Certification Guide Learn blue teaming strategies and incident response techniques to mitigate cybersecurity incidents

Product type Paperback

Published in Jun 2021

Publisher Packt

ISBN-13 9781800560871

Length 660 pages

Edition 1st Edition

Tools

Cisco

Concepts

Cybersecurity

Author (1):

Glen D. Singh

View More author details

Table of Contents (25) Chapters

Preface

1. Section 1: Network and Security Concepts

2. Chapter 1: Exploring Networking Concepts FREE CHAPTER

3. Chapter 2: Exploring Network Components and Security Systems

4. Chapter 3: Discovering Security Concepts

5. Section 2: Principles of Security Monitoring

6. Chapter 4: Understanding Security Principles

7. Chapter 5: Identifying Attack Methods

8. Chapter 6: Working with Cryptography and PKI

9. Section 3: Host and Network-Based Analysis

10. Chapter 7: Delving into Endpoint Threat Analysis

11. Chapter 8: Interpreting Endpoint Security

12. Chapter 9: Exploring Computer Forensics

13. Chapter 10: Performing Intrusion Analysis

14. Section 4: Security Policies and Procedures

15. Chapter 11: Security Management Techniques

16. Chapter 12: Dealing with Incident Response

17. Chapter 13: Implementing Incident Handling

18. Chapter 14: Implementing Cisco Security Solutions

19. Chapter 15: Working with Cisco Security Solutions

20. Chapter 16: Real-World Implementation and Best Practices

21. Chapter 17: Mock Exam 1

22. Chapter 18: Mock Exam 2

23. Assessment

24. Other Books You May Enjoy

Chapter 16: Real-World Implementation and Best Practices

In this chapter, you will take a deep dive into learning how to implement various real-world threat detection platforms on a network. Firstly, you will learn how to implement an open source Security Information and Event Management (SIEM) tool on a network to gather, correlate, and monitor security alerts. Then, you will learn how to automate the process of discovering and exploiting vulnerabilities using both a vulnerability scanner and a breach and attack automation tool. This will teach you how attackers compromise your network and system and establish communication channels between compromised systems and a centralized server. Lastly, you will learn how to implement an open source honeypot platform on a network to detect and analyze threats.

In this chapter, we will cover the following topics: