What this book covers

Chapter 1, Exploring Networking Concepts, covers the fundamentals of network protocol suites, and the characteristics and functionality of each layer of TCP/IP.

Chapter 2, Exploring Network Components and Security Systems, covers the function of various networking protocols, and the role and functions of networking and security devices.

Chapter 3, Discovering Security Concepts, covers the importance of implementing a Defense in Depth approach, explaining key security terminology and access control models.

Chapter 4, Understanding Security Principles, covers the functionality of a security operations center (SOC), how data visibility is affected by network technologies, and how threat actors are able to exfiltrate data using common network protocols.

Chapter 5, Identifying Attack Methods, covers the characteristics of common network-based attacks, web application attacks, social engineering attacks, and endpoint-based attacks, and explains how threat actors evade threat detection systems.

Chapter 6, Working with Cryptography and PKI, covers the importance of cryptography and the characteristics of confidentiality, interiority, origin authentication, non-repudiation, and Public Key Infrastructure (PKI).

Chapter 7, Delving into Endpoint Threat Analysis, covers the fundamentals of endpoint security and how it protects a system of various security threats, and also covers key components of both Windows and Linux operating systems that can help identify endpoint-based threats.

Chapter 8, Interpreting Endpoint Security, covers the filesystem for Windows and Linux operating systems, how security professionals are able to determine the vulnerability score of a security weakness, and malware analysis.

Chapter 9, Exploring Computer Forensics, covers the fundamentals of computer forensics, types of evidence collected during an investigation, and how to compare disk images.

Chapter 10, Performing Intrusion Analysis, covers the operations of various firewall technologies. It compares inline traffic interrogation techniques and explains the elements of various protocol headers as they relate to an intrusion.

Chapter 11, Security Management Techniques, covers the fundamentals of identifying artifact elements and explains the need for various security management techniques and practices within an enterprise organization.

Chapter 12, Dealing with Incident Response, covers the importance of incident response and handling processes, the characteristics of various security teams, and security compliance.

Chapter 13, Implementing Incident Handling, covers the fundamentals of implementing forensics techniques into IR, explains how the Cyber Kill Chain can be used to stop a cyber-attack, and explains how the Diamond Model of Intrusion is used to better understand how an intrusion occurs.

Chapter 14, Implementing Cisco Security Solutions, covers the fundamentals of implementing security solutions such as AAA, zone-based firewall, and an intrusion prevention system using Cisco solutions on a network.

Chapter 15, Working with Cisco Security Solutions, covers the fundamentals of implementing additional security solutions such as Layer 2 security controls, securing networking devices, and configuring a Cisco ASA firewall appliance.

Chapter 16, Real-World Implementation and Best Practices, covers advanced topics on implementing various real-world security solutions, such as an open source SIEM, performing active scanning of assets, performing breach and attack simulations, and deploying a honeypot.

Chapter 17, Mock Exam 1, includes a simple mock test containing questions that will help you to prepare for the Cisco Certified CyberOps Associate examination and will help you identify any topics you need to spend additional time learning about and practicing.

Chapter 18, Mock Exam 2, includes another mock test containing questions that will help you to prepare for the Cisco Certified CyberOps Associate examination.