CyberOps Associate v1.

0
Special IPD Session

Echo Rantanen, Technical Manager, US/Canada

Ananth Rao, Technical Manager, APJ

August 5, 2020
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 • Overview
• Course Demo
• Lab Equipment
Agenda • Vouchers, Resources, EoL
• Changes from CCNA CyberOps
• Instructor Training
• Demo of New Lab

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Response to Digital Disruption

The IT Team of the Future

World of World of World of

Network Security Software
Engineers Professionals Developers

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
CyberOps Associate 1.0
Course

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Certified CyberOps Associate Certification

Knowledge Domains

 Security concepts
 Security monitoring
 Host-based analysis
 Network intrusion analysis
 Security policies and procedures

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 CyberOps Associate prepares students for Jobs

Typical Associate
Positions
• SOC Analyst
• Incident Responder
• Digital Forensics
• Auditor

CyberOps Associate
• Detecting Intrusions
• Monitoring, analyzing
• First response
Alignment with National Institute of Standards
and Technology (NIST) Cybersecurity Framework

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
CyberOps Associate Cybersecurity

Course Details
Course Overview
This course introduces the core security concepts and
Target Audience: Students enrolled in technology
skills needed to monitor, detect, analyze, and respond degree programs at higher education institutions; IT
to cybercrime, cyberespionage, insider threats, professionals who wants to pursue a career in Security
advanced persistent threats, regulatory requirements, Operations
and other cybersecurity issues facing organizations.
Estimated Time to Completion: 70 hours
Benefits
Gain practical, hands-on skills needed to maintain and Recommended Preparation: Introduction to
ensure security operational readiness of secure Cybersecurity, Cybersecurity Essentials
networked systems.
Course Delivery: Instructor-led

Prepare for Careers Learning Component Highlights:

 Develop skills for entry-level security operations  28 Modules and 46+ hands-on labs Requirements & Resources
 113 interactive activities, videos, & quizzes
center (SOC) jobs • ASC Alignment Required: Yes
 6 Cisco Packet Tracer activities
 Prepare for CyberOps Associate certification  1 practice certification exam • Instructor Training Required: Yes
 Pursue a career in cybersecurity operations, a
• Physical Equipment Required: No (Uses Virtual
Machines on the student’s computer)
rapidly-growing, exciting new area that spans all Course Recognitions: Certificate of Completion, Letter • Voucher Availability: Yes
industries of Merit, Digital Badge

Recommended Next Course:

CCNA Security, IoT Security
Certification Aligned
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Certified CyberOps Associate
 Aligned to Industry-Recognized Certification

Certification • NetAcad curriculum aligns to the latest Cisco

Alignment certifications, for students to prepare for the Cisco
Certified CyberOps Associate certification exam.
Associate Level

• In CyberOps Associate, students gain critical security

operations center (SOC) skills.
One Exam
• The CyberOps Associate course includes practice
exams, labs, and activities to prepare learners for the
new exam.

200-201 CBROPS: Understanding Cisco Cybersecurity Operations Fundamentals -

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public

https://learningnetwork.cisco.com/s/cyberops-associate
CyberOps Associate: Upgrading to a better experience

Enhanced Course Aligned to Industry- Improved Outcomes

Design Recognized
Certification

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Enhanced Course Design

Module

Ex
an
p

p
Module

Ex

os
e
Module

Module Ap ti ce
p ly ac
Pr
Module

Modular Design Learning Effectiveness User Experience

 Self-contained units  Better student engagement  Improved student view and
 Targeted learning of skills  Designed for skills progression navigation
 Easier instructor content
management
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Enhanced Course Design
Accessibility Enhancements

“Small wireless router with three

visible antenna and ports.”

Redesigned Enhancements for Better Keyboard

User Interface Screen Readers Accessibility
 Developed for Web Content Accessibility  Media descriptions and transcripts  ‘Skip to Content’ sidebar navigation
Guidelines 2.1 throughout  All activities are now keyboard
 New sidebar navigation  Descriptions & transcripts tied directly to accessible
 user interface 
Mobile-friendly New, accessible header with all user
 Conversion to HTML- screen reader can functions
 Performance enhancements
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
read tables, command windows, Syntax
 Improved color contrast Checkers
 Enhanced Course Design

Introducing modules for better organization

 Topics are grouped together

 Find content more easily

A module is an integrated unit of

learning that targets a common set of
competencies or skills.

Module size depends on the

competency and number of topics.

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Build Critical Skills for Today - and Tomorrow

Module Objectives
Module Module

Module 1 The Danger Module 15 Observing Network Operation

Module 2 Fighters in the War Against Cybercrime Module 16 Attacking the Foundation
Module 3 The Windows Operating System Module 17 Attacking What We Do
Module 4 Linux Overview Module 18 Understanding Defense
Module 5 Network Protocols Module 19 Access Control
Module 6 Ethernet and Internet Protocol (IP) Module 20 Threat Intelligence
Module 7 Principles of Network Security Module 21 Public Key Cryptography
Module 8 Address Resolution Protocol Module 22 Endpoint Protection
Module 9 The Transport Layer Module 23 Endpoint Vulnerability Assessment
Module 10 Network Services Module 24 Technologies and Protocols
Module 11 Network Communication Devices Module 25 Network Security Data
Module 12 Network Security Infrastructure Module 26 Evaluating Alerts
Module 13 Attackers and Their Tools Module 27 Working with Network Security Data
Module 14 Common Threats and Attacks Module 28 Digital Forensics and Incident Analysis and Response

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Improved Outcomes

Check Your
Understanding
• Complete a topic with
self-assessment
• Gives students the opportunity
validate and retain critical
knowledge
• Use feedback as review

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Improved Outcomes – Dynamic Forms

• Click on Module Group exam you

with to view in Module list
• Select Assessment Viewer

• Number of items is the full number of

question in question bank
• Click on Form Name to get actual
number of questions delivered and
detail on question banks
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public

• Final Exam is a Secure Final

 Improved Outcomes

Secured Activation increases final exam security and provides useful insights on class
performance

New Assessment Launcher Domain Level Reporting

• Final exams remain secure until administered by • New Class Performance Summary report for
instructor instructors
• Replaces the Assessment Viewer • Replaces the Student Performance Summary
• For security & integrity, questions are not visible
• See how your students are performing in each
domain based on objectives of the modules and
course

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Improved Outcomes

Formative and Summative Assessments guide learning at strategic points

Self-Assessments Launched by Instructor

Check Your Understanding Module Group Exams Certification Practice Exams

 Multiple per module
 Multiple per course  1 per course
 Correct/incorrect scoring and ‘show me’ option

Final Exams
Module Quizzes
 1 per course
 1 per module
 Correct/incorrect scoring and ‘show me’ option

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Course Demo

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Lab Equipment

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 CyberOps Labs - Designed for Remote Instruction

• No Hardware needed - Perfect for remote instruction

• Emulate career skills on 100% virtual labs

Options
• Run Virtual Machines (VM) locally

• NETLAB+ as a Service

Each module contains some way to practice and

assess with a lab or Packet Tracer
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
CyberOps Associate
Equipment Requirements
Equipment Requirements

CCNA CyberOps - 4 VM’s CyberOps Associate - 2 VM’s

Simplified Lab Setup

• Streamlined VMs - removed Kali and Metasploitable VMs to

simplify and conserve resource use
• More closely aligns with a company
 Equipment Requirements

Disk Space RAM

Virtual Machine
OS OS OS

VM VM VM
CyberOps Workstation VM 7 GB 1 GB
Virtual Machine Monitor

4 GB Min Hardware

Security Onion VM /8GB

20 GB Recommended
(ELK tool)

Lab Setup
Where to Find the VMs and Skills Challenge
Vouchers, Resources, EoL

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Exam Pricing with NetAcad Discount
CCNA, CyberOps Associate & DevNet Associate
Pricing for US/Canada – USD $300 70% Final Exam
eligibility for
• Price with qualifying NetAcad discounts: CCNAv7,
CyberOps Assoc
Students - ~$125 in all Country Groups & DevNet Assoc

Instructors - ~$90 in all Country Groups

Instructor Trainers - ~$65 in all Country Groups
• To learn more about Certification Pricing and Costs per Country
please visit:
http://www.vue.com/vouchers/pricelist/cisco.asp#prices
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
 CyberOps Associate Vouchers
If an individual becomes eligible for a discount
during this time, they will be able to request their
discount starting on Aug 1st

DISCOUNTS ELIGIBLE BUT NOT USED NO NEW DISCOUNTS PROCESSED RE-ISSUED

Feb 1 July 10 July 31 Aug 1

Aug 18
210-250 SECFND; 210-255 SECOPS 200-201 CBROPS

Networking Academy Course discounts

issued prior to July 10, 2020 will not work
with the new CyberOps Associate Exam. Reminder the request and registration process takes up to 14 days
DO NOT wait to use your discount as the process can NOT be
Individuals who qualified for a discount expedited. Also you must register ONLINE to use your discount.
between Feb 1, 2020 and July 9th, 2020 that You will NOT be able to use the discount if you register in person.
do NOT USE (redeem) at least one of their A “How to Use Your Discount” guide can be found on
discounts by July 9, 2020 will be reissued netacad.com in the FAQs
ONE discount by Aug 18, 2020 to align to
the new CyberOps Associate exam.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
 CyberOps Associate Course Resources
•Scope and Sequence
•FAQ
•VM FAQ
•CBROPS Certification Mapping
•Release Notes
•Instructor Planning Guides
•Instructor Lab Source Files
•Instructor Packet Tracer Source Files
•Exam Design Documents
•Student/Instructor OVA for CyberSkill Challenge
•Student /Instructor Packet Tracer Activity Source Files
•Student Lab Source File
Access Course Resource Pages through NetAcad.com
•And more… https://www.netacad.com/portal/resources/course-resources/cyberops
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
-associate
CCNA CyberOps End of Life

Course Language * Last Class Start Date

English July 31st, 2021
Spanish
End-of-life dates for translated languages
Portuguese
will be announced when each language is
CCNA released.
French Dates will be a minimum of 1 year
CyberOps after respective language course resources
Chinese
are available.
Italian

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Changes from CCNA CyberOps
to CyberOps Associate

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
  Added Content
 Updated Content
 Removed Content
NetAcad New Terms and Concepts
Old LI* NEW Module Module Title Change
1.1 1 The Danger  PSI
 Intellectual Property

 Update content and labs to reflect current threat

landscape, as required.
 Update video to higher quality contextualizing Cisco
video.
1.2 2 Fighters in the War Against Cybercrime  SOC Metrics
 Threat Hunting
 Reverse Engineering
 SOAR
 SIEM

 Update job descriptions

4.4 8 Address Resolution Protocol  Video on ARP Spoofing

4.6 10 Network Services  HTTPS2
6.2 14 Common Threats and Attacks  Proxies
Videos and pages on DoS and DDoS attacks
7.1 15 Observing Network Operation  SOAR
7.2 16 Attacking the Foundation  IPv6 frame
Video Demo of IPv4 analysis in Wireshark
Video Demo of IPv6 analysis in Wireshark
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public

*LI Learning Indicator

  Added Content
 Updated Content
 Removed Content
NetAcad New Terms and Concepts (cont.)
Old LI NEW Module Title Change
Module
8.2 19 Access Control  Zero Trust
 Rule-based access control
 Time-based access control
 Role-based access control
8.3 20 Threat Intelligence  Threat Intelligence Platform (TIP)
9.2 21 Public Key Cryptography  Hashing and Encryption
 Introductory Cryptography (removed). Some content
moved to other modules
10.1 22 Endpoint Protection  Malware Analysis Tools (cuckoo sandbox reports)

10.2 23 Endpoint Vulnerability Assessment  Sliding Window Anomaly Detection

11.2 25 Network Security Data  Command Line Logs
 Next-Gen Firewalls
 IIS and Apache Server Logs
12.1 26 Evaluating Alerts  Benign Evaluation
12.2 27 Working with Network Security Data  ELK in Security Onion VM

12.3 28 Digital Forensics and Incident Analysis and Response  Tampered and Untampered Disk Images
CMMC Model
Indicators of Compromise
Indicators of Attack
13.1.3 - No longer available  VERIS
13.2.1 - No longer available  CSIRT
- affiliates.Final
SACisco and/or its
© 2020 Skills
All rights Assessment
reserved. Cisco Public  Replace ELSA with ELK
Certification Claims Mapping
• Document available in CyberOps Associate Course Resources
• Some course claims do not have a matching certification claim
 Within the course, we may cover concepts in more depth and breadth than
the certification or in cases where some background knowledge is helpful.

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Other Important Information
• New version of Security Onion
• ELSA replaced by ELK
• Two new Security Onion labs
• 27.2.15 Investigate a Malware Exploit
• 27.2.16 Investigating an Attack on a Windows Host

• CyberOps Skills Challenge Game left as-is

• We have provided NDG with materials to set up NETLAB+ offering
• Instructor PPTs will be available in August
• If you skip any content, remember that the materials will still be
represented on the Final Exam.
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Instructor Training

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Instructor Training 2-Prong Approach
Opportunity to obtain:
 Accreditation to Teach
Option 1:  Certificate of Course
Novice ITC-based Value-Added ITC Proctored Final
Completion
Instructors Training Exams  Letter of Merit
 Learning Badge
Training by Cisco Networking Academy Qualified Instructor Trainers  Certification Voucher

Opportunity to obtain:
ITC Proctored  Accreditation to Teach
on  Certificate of Course
it at i a Final Exams Completion
d 2
Online Self-Paced c re n  Letter of Merit
Ac ptio Final Exam and Skills
Training Course O Assessment  Learning Badge
enrollment link on
Option 2: Course Resources Ac
cr
Experienced Flexible solution for Op edita
tio tio
experienced instructors n2 n
Instructors b Opportunity to obtain:
Cisco Certification  Accreditation to Teach

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 27.2.15 Lab -
Investigating a
Malware Exploit
Lab Demo

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
Course Demo Backup Slides

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public
 Student Resources moved from
course template to the
Introduction in GUI
Module Highlights:
• Why Should I Take this
Module?
• What Will I Learn in this
Module?
• What Did I Learn in this
Module
• Quizzes moved from course
template to GUI
Forty-seven (47) Check Your
Understanding activities in the
course currently
Cert Prep, Voucher Info, Career
© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public Resources and Employment
Opportunities in final module
Installing Virtual Machines

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public