
Conducting Threat Hunting and Defending using Cisco Technologies for CyberOps v1.0

SS Course: GK860025

Course Overview

The Conducting Threat Hunting and Defending using Cisco Technologies for CyberOps (CBRTHD) training is a 5-day Cisco threat hunting training that introduces and guides you to a proactive security search through networks, endpoints, and datasets to hunt for malicious, suspicious, and risky activities that may have evaded detection by existing tools. In this training, you will learn the core concepts, methods, and processes used in threat hunting investigations. This training provides an environment for attack simulation and threat hunting skill development using a wide array of security products and platforms from Cisco and third-party vendors.

This training prepares you for the 300-220 CBRTHD v1.0 exam. If passed, you earn the Cisco Certified Specialist Threat Hunting and Defending certification and satisfy the concentration exam requirement for the Cisco Certified CyberOps Professional certification. This training also earns you 40 credits towards recertification.

Scheduled Classes

10/21/24 - GVT - Virtual Classroom - Virtual Instructor-Led
02/10/25 - GVT - Virtual Classroom - Virtual Instructor-Led
02/24/25 - GVT - Virtual Classroom - Virtual Instructor-Led
04/14/25 - GVT - Virtual Classroom - Virtual Instructor-Led
04/28/25 - GVT - Virtual Classroom - Virtual Instructor-Led

Outline

Threat Hunting Theory

  • Threat Hunting Concepts
  • Threat Hunting Types
  • Conventional Threat Detection vs Threat Hunting

Threat Hunting Concepts, Frameworks and Threat Models

  • Cybersecurity Concepts
  • Common Threat Hunting Platforms
  • Threat Hunting Frameworks
  • Threat Modeling
  • Case Study: Use the PASTA Threat Model

Threat Hunting Process Fundamentals

  • Threat Hunting Approaches
  • Threat Hunting Tactics and Threat Intelligence
  • Defining Threat Hunt Scope and Boundaries
  • Planning the Threat Hunt Process

Threat Hunting Methodologies and Procedures

  • Investigative Thinking
  • Identify Common Anomalies
  • Analyze Device and System Logs
  • Determine the Best Threat Hunt Methods
  • Automate the Threat Hunting Process

Network-Based Threat Hunting

  • Operational Security Considerations
  • Performing Network Data Analysis and Detection Development
  • Performing Threat Hunting in the Cloud

Endpoint-Based Threat Hunting

  • Threat Hunting for Endpoint-Based Threats
  • Acquiring Data from Endpoints
  • Performing Host-Based Analysis

Endpoint-Based Threat Detection Development

  • Analyze Endpoint Memory
  • Examining Systems Memory Using Forensics
  • Developing Endpoint Detection Methods
  • Uncovering New Threats, Indicators and Building TTPs

Threat Hunting with Cisco Tools

  • Threat Hunting with Cisco Tools
  • Cisco XDR Components

Threat Hunting Investigation Summary: A Practical Approach

  • Conducting a Threat Hunt

Reporting the Aftermath of a Threat Hunt Investigation

  • Measure the Success of a Threat Hunt
  • Report Your Findings
  • Threat Hunting Outcomes

Prerequisites

The knowledge and skills you are expected to have before attending this training are:

  • General knowledge of networks
  • Cisco CCNP Security certification

These skills can be found in the following Cisco Learning Offerings:

  • Implementing and Administering Cisco Solutions (CCNA)
  • Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
  • Performing CyberOps Using Cisco Security Technologies (CBRCOR)
  • Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps (CBRFIR)

Who Should Attend

  • Security Operations Center staff
  • Security Operations Center (SOC) Tier 2 Analysts
  • Threat Hunters
  • Cyber Threat Analysts
  • Threat Managers
  • Risk Managers