Cisco CCNA Cyber Ops - Only 7 Days

Seven reasons why you should sit your CCNA Cyber Ops course with Firebrand Training

Find Out How We Help You To Learn New Skills Quickly

  1. You'll be CCNA Cyber Ops certified in just 7 days. With us, you’ll be CCNA Cyber Ops trained in record time
  2. Our CCNA Cyber Ops course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  3. Pass CCNA Cyber Ops first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more CCNA Cyber Ops. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn CCNA Cyber Ops faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll be studying CCNA Cyber Ops with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 65,143 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study CCNA Cyber Ops courseware. We use practical exercises to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging

Think you are ready for the course? Take a FREE practice test to assess your knowledge!

When do you want to sit your accelerated course?

Start

Finish

Status

Book now

Limited availability

Book now

Open

Book now

Here's the Firebrand Training review section. Since 2001 we've trained exactly 65,143 students and asked them all to review our Accelerated Learning. Currently, 96.55% have said Firebrand exceeded their expectations:



"I liked the efficiency of the training program, which provided training material, classrooms, equipment and facilities to effectively complete training in the most rapid and efficient way. The instructor is very knowledgeable, experienced, aware and helpful."
Akram Seyam. - Cisco CCDP Fast Track (ARCH) (3 days) (2017.9.18 to 2017.9.20)

"Dave has taught me in 8 days more about routing & switching networks than 19 years of running mid sized (500 user, multi site) corporate Cisco networks. The trainers are a priceless asset to firebrand. I wont hesitate to come back and do my CCNP."
Mark Boardman. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.9.4 to 2017.9.10)

"Best training on market. Everything clear explained and friendly trainer with big passion and flexibility. "
A.C., Adler and Allan Ltd. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.9.4 to 2017.9.10)

"Fantastic instructor, teaching methods are second to none."
Anthony Cummings. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.9.4 to 2017.9.10)

"The instructor was excellent and was able to transfer his knowledge in a simple, clear and efficient manner. The infrastructure and logistics setup around the course and the exam is also spot on. We know that when we come for a training, we can focus solely on that without having to worry about the other things."
Anonymous - Cisco ICND2 (CCNA) (3 days) (2017.8.11 to 2017.8.13)

"A lot harder than i thought it would be but the scope of knowledge I gained was incredible. Great instructor, be prepared for long days!"
Ashley Carrigan, AJW Aviation. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.8.7 to 2017.8.13)

"Rapid training, great instructors with plenty of support."
Scott Beal, amatis Networks. - Cisco CCNA Security (IINS) (4 days) (2017.7.31 to 2017.8.3)

"Great instructors with great practical knowledge."
Anonymous - Cisco CCDA (Design) (3 days) (2017.7.17 to 2017.7.19)

"I have attended many courses with Firebrand and always enjoy the quality of teaching!"
Anonymous - Cisco CCNP Security (14 days) (2017.6.26 to 2017.7.9)

"Training here is a very high standard with the tutor going into granular detail on each subject. Not only did we go through course material, we went through how these are applied into the day to day running of a business. New skills here will be taken back and implemented into my working environment."
Richard Smith , Redcare 5G. - Cisco CCNP (Routing & Switching) (8 days) (2017.6.25 to 2017.7.2)

"Great course, Tutor and facilities."
Michael Armstrong , NECS. - Cisco CCNP (Routing & Switching) (8 days) (2017.6.25 to 2017.7.2)

"I had a great learning experience with Firebrand, all staff were very polite and helpful. I'd train again with them, highly recommended."
Stacey Gribble, Expro Group Ltd. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.4.14 to 2017.4.20)

"Firebrand is an amazing company which I would recommend to anyone willing to learn within their fields of interest. The knowledge of my teacher was second to none and the staff around are very helpful, polite and welcoming. 10/10"
S.B, RTF Networks. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.3.6 to 2017.3.11)

"A tough course delivered with seasoned experience by our instructor who knew not only the subject inside out but the best way to present it to relative novices like myself. I will take a lot away from this course and hopefully be able to build on the knowledge gained."
Karl Mardell, Premier Systems IT. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.2.6 to 2017.2.11)

"Great teacher. Really explained things well and went through the whole course in the expected detail. "
Farooq Riaz. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.2.6 to 2017.2.11)

"Completed ICND1 with Firebrand. Liked it so much that I came back for ICND2. Experience was the same for ICND2, fantastic and unmatched by any other training provider. Lecturer gives you all the support, knowledge and time necessary to get you to pass the exam, providing you give the same effort and dedication. Will defiantly be coming back to Firebrand for future courses and certifications. "
J.F. - Cisco ICND2 (CCNA) (3 days) (2017.2.9 to 2017.2.11)

"Great facilities with a very high level of training. Been here roughly 10 times now and have never been let down. My instructor provided a very high level of training as always and has fully prepped me ready for my exam and work life outside of Firebrand."
Richard Smith, Redcare 5G. - Cisco ICND2 (CCNA) (3 days) (2017.2.9 to 2017.2.11)

"Good facilities and learning environment, gives you everything you need to move your qualification forward!"
Chris Bloy, Acentic. - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.2.6 to 2017.2.11)

"I have had a great experience doing the Cisco ICND1 course. Firebrand were great for the whole three days of the course. The instructor who delivered the course was excellent. Nothing was too much trouble for him. The Training centre is excellent and firebrands accelerated learning method is great. Be prepared to work hard."
Myles Davies, Vodafone. - Cisco ICND1 (CCENT) (4 days) (2017.2.6 to 2017.2.8)

"Ive trained at Firebrand before and every time is just as good as the last. The team are very professional and the tutors I have had are super experienced and full of knowledge. I would highly recommend Firebrand courses over months and months of home studying any time!!"
Matthew Rowell. - Cisco ICND1 (CCENT) (4 days) (2017.2.6 to 2017.2.8)

"I genuinely think that the instructors leading the courses at Firebrand are some of the best in the world. Its amazing how much information they manage to condense down to only a few days as well as delivering it in a way that allows you to fully absorb everything."
Anonymous - Cisco CCNA (Routing & Switching) Certification (7 days) (2017.1.9 to 2017.1.14)

"Good start and end time to days, training was thorough throughout and the instructor was extremely knowledgeable."
Callum Catterall. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.12.12 to 2016.12.17)

"Very good training, some of the best Ive ever received. Rapid pace, and made me feel really confident going into the exam, and you cant ask for more than that. Great facilities also. "
Anonymous - Cisco ICND1 (CCENT) (4 days) (2016.12.12 to 2016.12.14)

"A great learning experience! The facilities, instructor knowledge and focussed environment really helps with study and learning. Its also a great place to network with like-minded colleagues from many varied environments and to explore interesting new avenues of learning for a career future."
Gareth Watson, Busy Ant Ltd. - Cisco CCNP (Routing & Switching) (8 days) (2016.12.4 to 2016.12.11)

"Firebrand Training is bar none the best training environment. Ive taken A+, Net+, and CCNP R&S, and I will take more in the future!"
Thomas Ward, GDIT. - Cisco CCNP (Routing & Switching) (8 days) (2016.12.4 to 2016.12.11)

"Great learning environment, everything organised to enable you to simply focus on the course. Excellent instructor with deep knowledge throughout the course."
Chris Norman, Sun Trading. - Cisco CCNP (Routing & Switching) (8 days) (2016.12.4 to 2016.12.11)

"Although it was hard work, it was nice being distraction free from everything else, including work! It was nice being on the course with other people in the same boat as me, chatting and getting to know new people was great."
Michael Eaton, Iforium Ltd. - Cisco ICND1 (CCENT) (4 days) (2016.11.7 to 2016.11.9)

"Really enjoyed everything. Trainer was enthusiastic and we all enjoyed it a lot."
Zak Riddington, Self. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.10.10 to 2016.10.15)

"The instructors and the facilities are first rate, a good place to learn."
Kevin Johnson, Sprint Integration Ltd. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.10.10 to 2016.10.15)

"Firebrand training is of a consistently high standard. All of the trainers I have had have been very knowledgeable, friendly and professional. Although the accelerated learning is quite intense, I find it a very effective method of learning. I look forward to training further with Firebrand in the future."
Thomas Collins. - Cisco ICND1 (CCENT) (4 days) (2016.10.10 to 2016.10.12)

"This was exactly the training experience I was looking for. Very intensive and non-stop, a great location away from the distractions of day to day life - a perfect way to learn. Breakfast, lunch and dinner included to feed the brain - and it needs feeding. The days are long, filled with a lot of writing, listening, practical exercises and study. The whole 6 days is an exercise in learning - and well worth it for those people who want to study hard and learn a lot in such a short period."
M.S, Thompson Development. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.8.27 to 2016.9.1)

"A great place with very friendly staff to help you achieve what you want."
Anonymous - Cisco CCNP (Routing & Switching) (8 days) (2016.9.4 to 2016.9.11)

"Great training and fantastic instructors really set you up with a good opportunity to pass the exams - the rest is obviously up to you! "
M.H. - Cisco CCNP (Routing & Switching) (8 days) (2016.9.4 to 2016.9.11)

"Perfect training environment."
Hasmukh Jani, westmid lands ambulance service. - Cisco CCNP (Routing & Switching) (8 days) (2016.9.4 to 2016.9.11)

"The course is intensive, I never thought I could learn so much in three days. "
A.P. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.8.27 to 2016.9.1)

"Extremely well presented with very knowledgeable instructors."
Craig White, fujitsu. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.8.27 to 2016.9.1)

"Great tutor, very well explained coursework and more than happy to help/ answer anything you are struggling with. "
Chris Bunker, University of Birmingham. - Cisco ICND1 (CCENT) (4 days) (2016.8.15 to 2016.8.17)

"Great training environment."
A.R. - Cisco CCNA Security (IINS) (4 days) (2016.8.1 to 2016.8.4)

"I found the tutors extremely helpful."
Killian Chadhani, University of Birmingham. - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Firebrand gave a good training experience and let me do what equivalents 3 weeks of training while only missing one week at work"
Anonymous - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Good course"
Anonymous - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Thorough training with a highly qualified trainer"
Ronni Kristensen, Axcess. - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Good location, facilities and friendly staff. "
David Appleby, Verizon. - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"The best way to train. Getting away from work and being able to concentrate on training is the best way to get training done."
Robert Hoksas. - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Fantastic environment and fantastic staff."
M.P. - Cisco CCNP (Routing & Switching) (8 days) (2016.6.12 to 2016.6.19)

"Firebrand's training schedule is never for the weak minded. It is a grueling schedule at best. The instructor's approach to this type of training schedule has been the best I have seen to date. When you get "your telephone directory" courseware, he has managed to condense this in such as way that you cover every aspect, BUT manage to retain it. I have never seen this level of effectiveness before on such a course. Thank you and well done to our instructor, you are a credit to Firebrand Training! :)"
Simon Fenwick, Staysure.co.uk. - Cisco ICND2 (CCNA) (3 days) (2016.6.9 to 2016.6.11)

"The best training I've had anywhere!"
Kevin Anderson, NA. - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.6.6 to 2016.6.11)

"I had a great experience at Firebrand. The instructor was very knowledgeable and helpful and the learning environment is spot on."
Anonymous - Cisco CCNA (Routing & Switching) Certification (7 days) (2016.6.6 to 2016.6.11)

"A great Cisco training experience. The classroom was very comfortable, the equipment good to work on and the instructor was excellent. Thanks Firebrand"
R.G. - Cisco ICND2 (CCNA) (3 days) (2016.6.9 to 2016.6.11)

"Great trainers, great location. Well thought out and put together"
Tony Payne. - Cisco ICND2 (CCNA) (3 days) (2016.6.9 to 2016.6.11)

On this 7-day accelerated CCNA Cyber Ops course, you’ll develop the skills to detect cyber security breaches and effectively respond to security incidents.

You’ll be trained by Cisco Certified Trainers who, through our unique Lecture | Lab | Review technique, will take you through key security principles and provide hands-on, practical examples. This technique will help you better retain knowledge and will ensure you are capable of applying your skills to real-life scenarios.

Upon completing this certification you will have:

  • the skills to prepare for more advanced job roles in cyber security operations
  • a basic understanding of Security Operations Centre (SOC) teams including an understanding of the type of metrics used to detect and respond to security incidents
  • an understanding of how to protect your organisation’s information from common attack vectors and endpoint attacks
  • knowledge in security monitoring, including identifying sources and types of data and events.
  • knowledge of how organisations are detecting and responding to cybercrime, cyberespionage, insider threats, advanced persistent threats and regulatory requirements
  • an understanding of security challenges involved with network applications

You'll also be prepared to sit exams 210-250 SECFND: Understanding Cisco Cybersecurity Fundamentals and 210-255 SECOPS: Implementing Cisco Cybersecurity Operations. You'll sit these on-site, during the course, covered by your Certification Guarantee.

This course, which is 35% faster than traditional training, is aimed at Security Operations Center (SOC) Analysts at an associate or beginner level. The certification does require some knowledge of basic cyber security technologies and principles.

Read more ...

Interested? See prices or call +44 207 907 1120

Use your Cisco Learning Credits (CLCs)

You may be entitled to free training via Cisco Learning Credits (CLCs). If you’ve bought Cisco hardware or software - check the invoice to see if you have credits waiting to be used! If you’re unsure, get in touch with us.

  • Get certified 35% faster: Be trained and certified in just 7 days, instead of traditional courses which take 11 days. You'll be back at work sooner, using your new skills to defend against cyber attacks.
  • Cisco Official Curriculum: access to the most up-to-date materials Cisco offer giving you the skills and knowledge aligned to the exam.
  • Cisco Certified Trainers: Our Cisco Certified Trainers have years of industry relevant experience that can be used to support and further enhance course material. Meaning you'll develop skills and knowledge that can't be accessed through curriculum alone.
  • Lecture | Lab | Review: This technique, used throughout Firebrand’s courses, makes use of a mixture of theoretical and practical material to help you retain information and develop the skills to apply your knowledge to real-world scenarios.

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a Certification Guarantee. Pass first time or train again for free (just pay for accommodation, exams and incidental costs). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.

Read more ...

Interested? See prices or call +44 207 907 1120

The first 3 days of this course are designed to teach you fundamental knowledge for the core skills needed in a cybersecurity environment including basic security principles and concepts. The second half of this course will guide students through the principles of working in a Security Operations Centre.

SECFND Exam 210-250: Understanding Cisco Cybersecurity Fundamentals

Module 1: Network Concepts

  • Describe the function of the network layers as specified by the OSI and the TCP/IP  network models
  • Describe the operation of the following
    • IP
    • TCP
    • UDP
    • ICMP
  • Describe the operation of these network services
    • ARP
    • DNS
    • DHCP
  • Describe the basic operation of these network device types
    • Router
    • Switch
    • Hub
    • Bridge
    • Wireless access point (WAP)
    • Wireless LAN controller (WLC)
  • Describe the functions of these network security systems as deployed on the host, network, or the cloud:
    • Firewall
    • Cisco Intrusion Prevention System (IPS)
    • Cisco Advanced Malware Protection (AMP)
    • Web Security Appliance (WSA) / Cisco Cloud Web Security (CWS)
    • Email Security Appliance (ESA) / Cisco Cloud Email Security (CES)
  • Describe IP subnets and communication within an IP subnet and between IP subnets
  • Describe the relationship between VLANs and data visibility
  • Describe the operation of ACLs applied as packet filters on the interfaces of network devices
  • Compare and contrast deep packet inspection with packet filtering and stateful firewall operation
  • Compare and contrast inline traffic interrogation and taps or traffic mirroring
  • Compare and contrast the characteristics of data obtained from taps or traffic mirroring and NetFlow in the analysis of network traffic
  • Identify potential data loss from provided traffic profiles

Module 2: Security Concepts

  • Describe the principles of the defense in depth strategy
  • Compare and contrast these concepts:
    • Risk
    • Threat
    • Vulnerability
    • Exploit
  • Describe these terms:
    • Threat actor
    • Run book automation (RBA)
    • Chain of custody (evidentiary)
    • Reverse engineering
    • Sliding window anomaly detection
    • PII
    • PHI
  • Describe these security terms:
    • Principle of least privilege
    • Risk scoring/risk weighting
    • Risk reduction
    • Risk assessment
  • Compare and contrast these access control models:
    • Discretionary access control
    • Mandatory access control
    • Nondiscretionary access control
  • Compare and contrast these terms:
    • Network and host antivirus
    • Agentless and agent-based protections
    • SIEM and log collection
  • Describe these concepts:
    • Asset management
    • Configuration management
    • Mobile device management
    • Patch management
    • Vulnerability management

Module 3: Cryptography

  • Describe the uses of a hash algorithm
  • Describe the uses of encryption algorithms
  • Compare and contrast symmetric and asymmetric encryption algorithms
  • Describe the processes of digital signature creation and verification
  • Describe the operation of a PKI
  • Describe the security impact of these commonly used hash algorithms:
    • MD5
    • SHA-1
    • SHA-256
    • SHA-512
  • Describe the security impact of these commonly used encryption algorithms and secure communications protocols:
    • DES
    • 3DES
    • AES
    • AES256-CTR
    • RSA
    • DSA
    • SSH
    • SSL/TLS
  • Describe how the success or failure of a cryptographic exchange impacts security investigation
  • Describe these items in regards to SSL/TLS:
    • Cipher-suite
    • 509 certificates
    • Key exchange
    • Protocol version
    • PKCS

Module 4: Host-Based Analysis

  • Define these terms as they pertain to Microsoft Windows
    • Processes
    • Threads
    • Memory allocation
    • Windows Registry
    • WMI
    • Handles
    • Services
  • Define these terms as they pertain to Linux
    • Processes
    • Forks
    • Permissions
    • Symlinks
    • Daemon
  • Describe the functionality of these endpoint technologies in regards to security monitoring
    • Host-based intrusion detection
    • Antimalware and antivirus
    • Host-based firewall
    • Application-level whitelisting/blacklisting
    • Systems-based sandboxing (such as Chrome, Java, Adobe reader)
  • Interpret these operating system log data to identify an event
    • Windows security event logs
    • Unix-based syslog
    • Apache access logs
    • IIS access logs

Module 5: Security Monitoring

  • Identify the types of data provided by these technologies
    • TCP Dump
    • NetFlow
    • Next-Gen firewall
    • Traditional stateful firewall
    • Application visibility and control
    • Web content filtering
    • Email content filtering
  • Describe these types of data used in security monitoring
    • Full packet capture
    • Session data
    • Transaction data
    • Statistical data
    • Extracted content
    • Alert data
  • Describe these concepts as they relate to security monitoring
    • Access control list
    • NAT/PAT
    • Tunneling
    • TOR
    • Encryption
    • P2P
    • Encapsulation
    • Load balancing
  • Describe these NextGen IPS event types
    • Connection event
    • Intrusion event
    • Host or endpoint event
    • Network discovery event
    • NetFlow event
  • Describe the function of these protocols in the context of security monitoring
    • DNS
    • NTP
    • SMTP/POP/IMAP
    • HTTP/HTTPS

Module 6: Attack Methods

  • Compare and contrast an attack surface and vulnerability
  • Describe these network attacks
    • Denial of service
    • Distributed denial of service
    • Man-in-the-middle
  • Describe these web application attacks
    • SQL injection
    • Command injections
    • Cross-site scripting
  • Describe these attacks
    • Social engineering
    • Phishing
    • Evasion methods
  • Describe these endpoint-based attacks
    • Buffer overflows
    • Command and control (C2)
    • Malware
    • Rootkit
    • Port scanning
    • Host profiling
  • Describe these evasion methods
    • Encryption and tunneling
    • Resource exhaustion
    • Traffic fragmentation
    • Protocol-level misinterpretation
    • Traffic substitution and insertion
    • Pivot
  • Define privilege escalation
  • Compare and contrast remote exploit and a local exploit

SECOPS Exam 210-255: Implementing Cisco Cybersecurity Operations

Module 1: Endpoint Threat Analysis and Computer Forensics

  • Interpret the output report of a malware analysis tool such as AMP Threat Grid and Cuckoo Sandbox
  • Describe these terms as they are defined in the CVSS 3.0:
    • Attack vector
    • Attack complexity
    • Privileges required
    • User interaction
    • Scope
  • Describe these terms as they are defined in the CVSS 3.0
    • Confidentiality
    • Integrity
    • Availability
  • Define these items as they pertain to the Microsoft Windows file system
    • FAT32
    • NTFS
    • Alternative data streams
    • MACE
    • EFI
    • Free space
    • Timestamps on a file system
  • Define these terms as they pertain to the Linux file system
    • EXT4
    • Journaling
    • MBR
    • Swap file system
    • MAC
  • Compare and contrast three types of evidence
    • Best evidence
    • Corroborative evidence
    • Indirect evidence
  • Compare and contrast two types of image
    • Altered disk image
    • Unaltered disk image
  • Describe the role of attribution in an investigation
    • Assets
    • Threat actor

Module 2: Network Intrusion Analysis

  • Interpret basic regular expressions
  • Describe the fields in these protocol headers as they relate to intrusion analysis:
    • Ethernet frame
    • IPv4
    • IPv6
    • TCP
    • UDP
    • ICMP
    • HTTP
  • Identify the elements from a NetFlow v5 record from a security event
  • Identify these key elements in an intrusion from a given PCAP file
    • Source address
    • Destination address
    • Source port
    • Destination port
    • Protocols
    • Payloads
  • Extract files from a TCP stream when given a PCAP file and Wireshark
  • Interpret common artifact elements from an event to identify an alert
    • IP address (source / destination)
    • Client and Server Port Identity
    • Process (file or registry)
    • System (API calls)
    • Hashes
    • URI / URL
  • Map the provided events to these source technologies
    • NetFlow
    • IDS / IPS
    • Firewall
    • Network application control
    • Proxy logs
    • Antivirus
  • Compare and contrast impact and no impact for these items
    • False Positive
    • False Negative
    • True Positive
    • True Negative
  • Interpret a provided intrusion event and host profile to calculate the impact flag generated by Firepower Management Center (FMC)

Module 3: Incident Response

  • Describe the elements that should be included in an incident response plan as stated in NIST.SP800-61 r2
  • Map elements to these steps of analysis based on the NIST.SP800-61 r2
    • Preparation
    • Detection and analysis
    • Containment, eradication, and recovery
    • Post-incident analysis (lessons learned)
  • Map the organisation stakeholders against the NIST IR categories (C2M2, SP800-61 r2)
    • Preparation
    • Detection and analysis
    • Containment, eradication, and recovery
    • Post-incident analysis (lessons learned)
  • Describe the goals of the given CSIRT
    • Internal CSIRT
    • National CSIRT
    • Coordination centers
    • Analysis centers
    • Vendor teams
    • Incident response providers (MSSP)
  • Identify these elements used for network profiling
    • Total throughput
    • Session duration
    • Ports used
    • Critical asset address space
  • Identify these elements used for server profiling
    • Listening ports
    • Logged in users/service accounts
    • Running processes
    • Running tasks
    • Applications
  • Map data types to these compliance frameworks
    • PCI
    • HIPPA (Health Insurance Portability and Accountability Act)
    • SOX
  • Identify data elements that must be protected with regards to a specific standard (PCI-DSS)

Module 4: Data and Event Analysis

  • Describe the process of data normalisation
  • Interpret common data values into a universal format
  • Describe 5-tuple correlation
  • Describe the 5-tuple approach to isolate a compromised host in a grouped set of logs
  • Describe the retrospective analysis method to find a malicious file, provided file analysis report
  • Identify potentially compromised hosts within the network based on a threat analysis report containing malicious IP address or domains
  • Map DNS logs and HTTP logs together to find a threat actor
  • Map DNS, HTTP, and threat intelligence data together
  • Identify a correlation rule to distinguish the most significant alert from a given set of events from multiple data sources using the firepower   management console
  • Compare and contrast deterministic and probabilistic analysis

Module 5: Incident Handling

  • Classify intrusion events into these categories as defined in the diamond model of intrusion
    • Reconnaissance
    • Weaponisation
    • Delivery
    • Exploitation
    • Installation
    • Command and control
    • Action on objectives
  • Apply the NIST.SP800-61 r2 incident handling process to an event
  • Define these activities as they relate to incident handling
    • Identification
    • Scoping
    • Containment
    • Remediation
    • Lesson-based hardening
    • Reporting
  • Describe these concepts as they are documented in NIST SP800-86
    • Evidence collection order
    • Data integrity
    • Data preservation
    • Volatile data collection
  • Apply the VERIS schema categories to a given incident

Read more ...

Interested? See prices or call +44 207 907 1120

Exam 210-250 SECFND: Understanding Cisco Cyber security Fundamentals

This exam will test your understanding of cyber security’s basic principles, foundational knowledge, and core skills needed to grasp the more advanced associate-level materials in the 210-255 SECFND exam.

  • Questions: 55-60 in total
  • Duration: 90 minutes
  • Available Languages: English

Exam 210-255 SECOPS: Implementing Cisco Cyber security Operations

This exam will test your knowledge and skills needed to successfully handle the tasks, duties, and responsibilities of an associate-level Security Analyst working in a SOC.

  • Questions: 55-60 in total
  • Duration: 90 minutes
  • Available Languages: English

Both exams will be taken on the final day of the course. Passes in both exams are required to achieve certification.

Read more ...

Interested? See prices or call +44 207 907 1120

As part of your accelerated course, you'll get the following official Cisco courseware:

  • Understanding Cisco Cybersecurity Fundamentals (SECFND) v1.0
  • Implementing Cisco Cybersecurity Operations (SECOPS) v1.0

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Accelerated Learning Programmes include:

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • On site testing ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Transportation to/from designated local railway stations
  • Examination Passing Policy

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Firebrand goes digital

We’re currently migrating from printed to digital courseware. Some courseware is already available in digital, while other books remain in printed form. To find out if this course is digital, call us on +44 207 907 1120.

There are several benefits of easy-to-use digital courseware: downloads are immediate, and you’ll always have your courseware available wherever you are. You won’t need to wait for a printed book to be delivered before you start learning – and it’s better for the environment. You can choose to download the courseware to your own device, or borrow one of ours.

Considering a Microsoft course? Always have the most up-to-date Microsoft digital courseware with ‘Fresh Editions’. This gives you access to all versions of digital courseware – you’ll receive updates and revisions of your textbook, at no charge, for the life of that course.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: PMI, GIAC, CISA, CISM, CGEIT, CRISC, CISSP CBK Review and CSX Practitioner Level 1,2 and 3
  • *** On site testing is not included for our PMI, GIAC, CSX Practitioner or ITIL Managers and Revision Certification Courses.
  • **** Accommodation not included on the CISSP CBK Review Seminar

Read more ...

Interested? See prices or call +44 207 907 1120

There are no official prerequisites for this course, but it is recommend that you have previously studied ICND 1 or CompTia SEC+ level.

Unsure whether you meet the prerequisites?

Don’t worry - we’ll discuss your technical background, experience and qualifications to determine whether this accelerated course suits you.

Just call us on +44 207 907 1120 and speak to one of our enrolment consultants.

Firebrand is an immersive environment and requires commitment. Some prerequisites are simply guidelines; you may find your unique experience, attitude and determination enables you to succeed on your accelerated course.

Interested? See prices or call +44 207 907 1120