Cisco 350-201 and 300-215 Exam Certification Practice Test

Course details

Are you ready to prepare for the Cisco Certified CyberOps Professional certification exam ?

350-201 CBRCOR Performing CyberOps Using Cisco Security Technologies

Performing CyberOps Using Cisco Security Technologies (CBRCOR 350-201) is a 120-minute exam that is associated with the Cisco CyberOps Professional Certification. This exam tests a candidate's knowledge of core cybersecurity operations including cybersecurity fundamentals, techniques, processes, and automation. The course Performing CyberOps Using Cisco Core Security Technologies helps candidates to prepare for this exam

350-201 CBRCOR Exam Topics :-

1.0 Fundamentals

• Interpret the components within a playbook

• Determine the tools needed based on a playbook scenario

• Apply the playbook for a common scenario (for example, unauthorized elevation of privilege, DoS and DDoS, website defacement)

• Infer the industry for various compliance standards (for example, PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR, Data Privacy, and ISO 27101)

• Describe the concepts and limitations of cyber risk insurance

• Analyze elements of a risk analysis (combination asset, vulnerability, and threat)

• Apply the incident response workflow

• Describe characteristics and areas of improvement using common incident response metrics

• Describe types of cloud environments (for example, IaaS platform)

• Compare security operations considerations of cloud platforms (for example, IaaS, PaaS)

2.0 Techniques

• Recommend data analytic techniques to meet specific needs or answer specific questions

• Describe the use of hardening machine images for deployment

• Describe the process of evaluating the security posture of an asset

• Evaluate the security controls of an environment, diagnose gaps, and recommend improvement

• Determine resources for industry standards and recommendations for hardening of systems

• Determine patching recommendations, given a scenario

• Recommend services to disable, given a scenario

• Apply segmentation to a network

• Utilize network controls for network hardening

• Determine SecDevOps recommendations (implications)

• Describe use and concepts related to using a Threat Intelligence Platform (TIP) to automate intelligence

• Apply threat intelligence using tools

• Apply the concepts of data loss, data leakage, data in motion, data in use, and data at rest based on common standards

• Describe the different mechanisms to detect and enforce data loss prevention techniques

• Recommend tuning or adapting devices and software across rules, filters, and policies

• Describe the concepts of security data management

• Describe use and concepts of tools for security data analytics

• Recommend workflow from the described issue through escalation and the automation needed for resolution

• Apply dashboard data to communicate with technical, leadership, or executive stakeholders

• Analyze anomalous user and entity behavior (UEBA)

• Determine the next action based on user behavior alerts

• Describe tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools)

• Evaluate artifacts and streams in a packet capture file

• Troubleshoot existing detection rules

• Determine the tactics, techniques, and procedures (TTPs) from an attack

3.0 Processes

• Prioritize components in a threat model

• Determine the steps to investigate the common types of cases

• Apply the concepts and sequence of steps in the malware analysis process:

• Interpret the sequence of events during an attack based on analysis of traffic patterns

• Determine the steps to investigate potential endpoint intrusion across a variety of platform types (for example, desktop, laptop, IoT, mobile devices)

• Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), given a scenario

• Determine IOCs in a sandbox environment (includes generating complex indicators)

• Determine the steps to investigate potential data loss from a variety of vectors of modality (for example, cloud, endpoint, server, databases, application), given a scenario

• Recommend the general mitigation steps to address vulnerability issues

4.0 Automation

• Compare concepts, platforms, and mechanisms of orchestration and automation

• Interpret basic scripts (for example, Python)

• Modify a provided script to automate a security operations task

• Recognize common data formats (for example, JSON, HTML, CSV, XML)

• Determine opportunities for automation and orchestration

• Determine the constraints when consuming APIs (for example, rate limited, timeouts, and payload)

• Explain the common HTTP response codes associated with REST APIs

• Evaluate the parts of an HTTP response (response code, headers, body)

• Interpret API authentication mechanisms: basic, custom token, and API keys

• Utilize Bash commands (file management, directory navigation, and environmental variables)

• Describe components of a CI/CD pipeline

• Apply the principles of DevOps practices

• Describe the principles of Infrastructure as Code

300-215 CBRFIR Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps :-

This exam tests your knowledge and skills related to cybersecurity forensic analysis and incident response, including:

• Incident response process and playbooks

• Advanced incident response

• Threat intelligence

• Digital forensics concepts

• Evidence collection and analysis

• Principles of reverse engineering

Wish you all the best for your exam