GithubHelp home page GithubHelp logo

00mjk / cisco-cyberops-professional-350-201-cbrcor Goto Github PK

View Code? Open in Web Editor NEW

This project forked from julio1925/cisco-cyberops-professional-350-201-cbrcor

0.0 0.0 0.0 80 KB

Cisco Cyber Ops Study Group global collaboration effort for the CBRCOR Exam

cisco-cyberops-professional-350-201-cbrcor's Introduction

Cisco-CyberOps-Professional-350-201-CBRCOR

-First date to test: November 17, 2020

-No Books, No Exams , No Reference, Only Exam Blue Prints For Now, Just How We Like It

-Cisco Cyber Ops Study Group global collaboration effort for the CBRCOR Exam

-Feel free to contribute by providing resources which you feel best match the exam objectives

-NEW PULL REQUEST -> REVIEW PULL REQUEST -> APPROVE -> MERGE INTO MASTER

Twitter Follow

Table of Contents

* 1.0 Fundamentals 20%

* 2.0 Techniques 30%

* 3.0 Processes 30%

* 4.0 Automation 20%

1.0 Fundamentals 20%

1.1 Interpret the components within a playbook
SANS - Incident Response Playbook Creation
Integrated Adaptive Cyber Defense
Microsoft - Top 5 best practices to automate security operations
Rapid 7 - Security Automation Best Practices
Cisco - Using a playbook model to organize your information security monitoring strategy
1.2 Determine the tools needed based on a playbook scenario
Microsoft - CISO Series: Lessons learned from the Microsoft SOC-Part 1: Organization
Microsoft - Become an Azure Sentinel Ninja: The complete level 400 training
1.3 Apply the playbook for a common scenario (for example, unauthorized elevation of privilege, DoS and DDoS, website defacement)
Incidentresponse.com Playbooks
1.4 Infer the industry for various compliance standards (for example, PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR, Data Privacy, and ISO 27101)
1.5 Describe the concepts and limitations of cyber risk insurance
1.6 Analyze elements of a risk analysis (combination asset, vulnerability, and threat)
1.7 Apply the incident response workflow
1.8 Describe characteristics and areas of improvement using common incident response metrics
1.9 Describe types of cloud environments (for example, IaaS platform)
Microsoft - Type of cloud services
1.10 Compare security operations considerations of cloud platforms (for example, IaaS, PaaS)

2.0 Techniques 30%

2.1 Recommend data analytic techniques to meet specific needs or answer specific questions
2.2 Describe the use of hardening machine images for deployment
CIS - CIS Hardend Images
2.3 Describe the process of evaluating the security posture of an asset
2.4 Evaluate the security controls of an environment, diagnose gaps, and recommend improvement
2.5 Determine resources for industry standards and recommendations for hardening of systems
2.6 Determine patching recommendations, given a scenario
2.7 Recommend services to disable, given a scenario
2.8 Apply segmentation to a network
2.9 Utilize network controls for network hardening
2.10 Determine SecDevOps recommendations (implications)
2.11 Describe use and concepts related to using a Threat Intelligence Platform (TIP) to automate intelligence
2.12 Apply threat intelligence using tools
2.13 Apply the concepts of data loss, data leakage, data in motion, data in use, and data at rest based on common standards
2.14 Describe the different mechanisms to detect and enforce data loss prevention techniques
2.14.a host-based
2.14.b network-based
2.14.c application-based
2.14.d cloud-based
2.15 Recommend tuning or adapting devices and software across rules, filters, and policies
2.16 Describe the concepts of security data management
2.17 Describe use and concepts of tools for security data analytics
2.18 Recommend workflow from the described issue through escalation and the automation needed for resolution
2.19 Apply dashboard data to communicate with technical, leadership, or executive stakeholders
2.20 Analyze anomalous user and entity behavior (UEBA)
Splunk - What is user behavior analytics (UBA/UEBA)
Splunk App - Splunk User Behavior Analytics (Splunk UBA)
2.21 Determine the next action based on user behavior alerts
2.22 Describe tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools)
2.23 Evaluate artifacts and streams in a packet capture file
Malware-Traffic-Analysis.net
2.24 Troubleshoot existing detection rules
2.25 Determine the tactics, techniques, and procedures (TTPs) from an attack
MITRE ATT&CK
UNIT 42 PLAYBOOK VIEWER

3.0 Processes 30%

3.1 Prioritize components in a threat model
3.2 Determine the steps to investigate the common types of cases
3.3 Apply the concepts and sequence of steps in the malware analysis process:
3.3.a Extract and identify samples for analysis (for example, from packet capture or packet analysis tools)
3.3.b Perform reverse engineering
3.3.c Perform dynamic malware analysis using a sandbox environment
3.3.d Identify the need for additional static malware analysis
3.3.e Perform static malware analysis
3.3.f Summarize and share results
3.4 Interpret the sequence of events during an attack based on analysis of traffic patterns
3.5 Determine the steps to investigate potential endpoint intrusion across a variety of platform types (for example, desktop, laptop, IoT, mobile devices)
3.6 Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), given a scenario
3.7 Determine IOCs in a sandbox environment (includes generating complex indicators)
3.8 Determine the steps to investigate potential data loss from a variety of vectors of modality (for example, cloud, endpoint, server, databases, application), given a scenario
3.9 Recommend the general mitigation steps to address vulnerability issues
3.10 Recommend the next steps for vulnerability triage and risk analysis using industry scoring systems (for example, CVSS) and other techniques

4.0 Automation 20%

4.1 Compare concepts, platforms, and mechanisms of orchestration and automation
4.2 Interpret basic scripts (for example, Python)
Realpython.com - Run Python Scripts
4.3 Modify a provided script to automate a security operations task
4.4 Recognize common data formats (for example, JSON, HTML, CSV, XML)
Guru99.com - JSON
W3.org - XML VS HTML
CSV
4.5 Determine opportunities for automation and orchestration
4.6 Determine the constraints when consuming APIs (for example, rate limited, timeouts, and payload)
4.7 Explain the common HTTP response codes associated with REST APIs
COMMVAULT
4.8 Evaluate the parts of an HTTP response (response code, headers, body)
Tutorialspoint - HTTP - Quick Guide
4.9 Interpret API authentication mechanisms: basic, custom token, and API keys
4.10 Utilize Bash commands (file management, directory navigation, and environmental variables)
Linux Professional Institue - Learning
4.11 Describe components of a CI/CD pipeline
Semaphore - CI/CD Pipeline: A Gentle Introduction
4.12 Apply the principles of DevOps practices
Devops Agile Skills Association - DASA DEVOPS PRINCIPLES
4.13 Describe the principles of Infrastructure as Code
O'Reilly - Test-Driven Infrastructure with Chef by Stephen Nelson-Smith

cisco-cyberops-professional-350-201-cbrcor's People

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.