• Online, Self-Paced
Course Description

In this course, you'll learn to categorize intrusion events according to the cyber kill chain and diamond intrusion models. Next, with so many tools available, you'll examine which ones should be used to identify different security events. You'll learn the differences between deep packet inspection, packet filtering, and stateful firewall operations. Finally, you'll review the differences between inline traffic interrogation, taps, and traffic monitoring. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.

Learning Objectives

{"determine infrastructure elements that are used during the Diamon Model of Intrusion","identify the phases of the Cyber Kill Chain model","recognize the phase of the Cyber Kill Chain that may involve a phishing attack"}

Framework Connections

Specialty Areas

  • Cyber Operational Planning
  • Cyber Operations
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Network Services
  • Threat Analysis