Performing CyberOps Using Core Security Technologies (CBRCOR)

Performing CyberOps Using Core Security Technologies (CBRCOR) Certification Training Course Overview

Enroll for the 5-day Performing CyberOps Using Core Security Technologies (CBRCOR) - 350-201 certification training course from Koenig Solutions accredited by Cisco. The Performing CyberOps Using Cisco Security Technologies v1.0 (CBRCOR 350-201) course is associated with the Cisco CyberOps Professional Certification. The Cisco® Certified CyberOps Professional certification gives you knowledge and skills beyond simple firewalls and antivirus software and enables you to become a skilled CyberOps professional. To earn your Cisco Certified CyberOps Professional certification, you must pass the core exam, 350-201 Performing CyberOps Using Cisco Security Technologies (CBRCOR), and the concentration exam 300-215 Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps (CBRFIR).

Through a blend of hands-on labs and interactive lectures, you will learn core cyber security operations including cyber security fundamentals, techniques, processes, and automation. The course Performing CyberOps Using Cisco Core Security Technologies helps candidates to prepare for this exam.

Target Audience:

This course is designed for following job roles such as:

  • Security Operations Center — Security Analyst
  • Computer Network Defense — Analyst
  • Computer Network Defense — Infrastructure Support Personnel
  • Future Incident Responders and Security Operations Center (SOC) personnel
  • Students beginning a career entering the cybersecurity field
  • IT personnel looking to learn more about the area of cybersecurity operations
  • Cisco Channel Partners

Learning Objectives

After completing this course, you will be able to:

  • Cybersecurity fundamentals
  • Cybersecurity techniques
  • Security processes
  • Automation protocols



This course prepares you for Exam 350-201.

Performing CyberOps Using Core Security Technologies (CBRCOR) (Duration : 40 Hours) Download Course Contents

Live Online Training
Group Training 2500
06 - 10 Dec 09:00 AM - 05:00 PM CST
(8 Hours/Day)
03 - 07 Jan 09:00 AM - 05:00 PM CST
(8 Hours/Day)
1-on-1 Training (GTR) 2850
4 Hours
8 Hours
Week Days

Start Time : At any time

12 AM
12 PM

GTR=Guaranteed to Run
Classroom Training (Available: London, Dubai, India, Sydney, Vancouver)
Duration : On Request
Fee : On Request
On Request
Buy Flexi For Only $99 (Online Training Re-imagined)

Course Modules

Module 1: Fundamentals
  • Interpret the components within a playbook
  • Determine the tools needed based on a playbook scenario
  • Apply the playbook for a common scenario (for example, unauthorized elevation of privilege, DoS and DDoS, website defacement)
  • Infer the industry for various compliance standards (for example, PCI, FISMA, FedRAMP, SOC, SOX, PCI, GDPR, Data Privacy, and ISO 27101)
  • Describe the concepts and limitations of cyber risk insurance
  • Analyze elements of a risk analysis (combination asset, vulnerability, and threat)
  • Apply the incident response workflow
  • Describe characteristics and areas of improvement using common incident response metrics
  • Describe types of cloud environments (for example, IaaS platform)
  • Compare security operations considerations of cloud platforms (for example, IaaS, PaaS)
Module 2: Techniques
  • Recommend data analytic techniques to meet specific needs or answer specific questions
  • Describe the use of hardening machine images for deployment
  • Describe the process of evaluating the security posture of an asset
  • Evaluate the security controls of an environment, diagnose gaps, and recommend improvement
  • Determine resources for industry standards and recommendations for hardening of systems
  • Determine patching recommendations, given a scenario
  • Recommend services to disable, given a scenario
  • Apply segmentation to a network
  • Utilize network controls for network hardening
  • Determine SecDevOps recommendations (implications)
  • Describe use and concepts related to using a Threat Intelligence Platform (TIP) to automate intelligence
  • Apply threat intelligence using tools
  • Apply the concepts of data loss, data leakage, data in motion, data in use, and data at rest based on common standards
  • Describe the different mechanisms to detect and enforce data loss prevention techniques
  • Recommend tuning or adapting devices and software across rules, filters, and policies
  • Describe the concepts of security data management
  • Describe use and concepts of tools for security data analytics
  • Recommend workflow from the described issue through escalation and the automation needed for resolution
  • Apply dashboard data to communicate with technical, leadership, or executive stakeholders
  • Analyze anomalous user and entity behavior (UEBA)
  • Determine the next action based on user behavior alerts
  • Describe tools and their limitations for network analysis (for example, packet capture tools, traffic analysis tools, network log analysis tools)
  • Evaluate artifacts and streams in a packet capture file
  • Troubleshoot existing detection rules
  • Determine the tactics, techniques, and procedures (TTPs) from an attack
Module 3: Processes
  • Prioritize components in a threat model
  • Determine the steps to investigate the common types of cases
  • Apply the concepts and sequence of steps in the malware analysis process:
  • Interpret the sequence of events during an attack based on analysis of traffic patterns
  • Determine the steps to investigate potential endpoint intrusion across a variety of platform types (for example, desktop, laptop, IoT, mobile devices)
  • Determine known Indicators of Compromise (IOCs) and Indicators of Attack (IOAs), given a scenario
  • Determine IOCs in a sandbox environment (includes generating complex indicators)
  • Determine the steps to investigate potential data loss from a variety of vectors of modality (for example, cloud, endpoint, server, databases, application), given a scenario
  • Recommend the general mitigation steps to address vulnerability issues
  • Recommend the next steps for vulnerability triage and risk analysis using industry scoring systems (for example, CVSS) and other techniques
Module 4: Automation
  • Compare concepts, platforms, and mechanisms of orchestration and automation
  • Interpret basic scripts (for example, Python)
  • Modify a provided script to automate a security operations task
  • Recognize common data formats (for example, JSON, HTML, CSV, XML)
  • Determine opportunities for automation and orchestration
  • Determine the constraints when consuming APIs (for example, rate limited, timeouts, and payload)
  • Explain the common HTTP response codes associated with REST APIs
  • Evaluate the parts of an HTTP response (response code, headers, body)
  • Interpret API authentication mechanisms: basic, custom token, and API keys
  • Utilize Bash commands (file management, directory navigation, and environmental variables)
  • Describe components of a CI/CD pipeline
  • Apply the principles of DevOps practices
  • Describe the principles of Infrastructure as Code
Download Course Contents

Request More Information

Course Prerequisites

There are no formal prerequisites for Cisco Certified CyberOps Professional, but you should have a good understanding of the exam topics before taking the exam.

Candidates often also have three to five years of experience implementing enterprise networking solutions.