Cisco Networking Academy

CCNA Cybersecurity Operations

Curriculum Overview – Updated 31 Jan 2018
Agenda

Cybersecurity and NetAcad

CCNA Cyber Ops 1.0 Learning Pathways

Getting Ready for CCNA Cyber Ops 1.0

CCNA Cyber Ops 1.0 Details

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 2
Cybersecurity and the
Networking Academy

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Digital Disruption

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
 Cybersecurity Opportunities
Cybercrime Costs Security Spending Unprecedented
Opportunity

Cybersecurity Ventures: Cybersecurity Ventures: Cybersecurity Ventures:

Cybersecurity Market Research- Top Cybersecurity Market Research- Top Cybersecurity Market Research- Top
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
5

15 statistics for 2017 15 statistics for 2017 15 statistics for 2017

The Networking Academy Learning Portfolio
Current & Planned
Collaborate for Impact
Aligns to Certification
* Available within 12 months Introduction to Packet
Hackathons Prototyping Lab NetRiders Internships
Instructor Training required Packet Tracer Tracer

Self-paced Exploratory Foundational Career-Ready

CCNA R&S: Introduction to Networks, R&S
Networking Essentials Essentials, Scaling Networks, Connecting
Mobility Fundamentals Networks
Networking CCNP R&S: Switch, Route, TShoot

CCNA Security
Security Introduction to Cybersecurity Cybersecurity Essentials
CCNA Cyber Ops

IoT Fundamentals: Connecting Things,

IoT Introduction to IoT
Big Data & Analytics, Hackathon Playbook

NDG Linux Essentials NDG Linux I

OS & IT NDG Linux Unhatched
IT Essentials NDG Linux II

CLA: Programming Essentials in C

CLP: Advanced Programming in C*
Programming CPA: Programming Essentials in C++
PCA: Programming Essentials in Python CPP: Advanced Programming in C++*

Business Be Your Own Boss Entrepreneurship

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 6
Digital Literacy Get Connected
August 2017
CCNA Cybersecurity Operations Curriculum
Overview
CCNA Cyber Ops introduces the core
security concepts and skills needed to
monitor, detect, analyze and respond to
cybercrime, cyberespionage, insider
threats, advanced persistent threats,
regulatory requirements, and other
cybersecurity issues facing
organizations. It emphasizes the
practical application of the skills needed
to maintain and ensure security
operational readiness of secure
networked systems.
Career Prep
The skills developed in the curriculum
prepares students for a career in the
rapidly growing area of cybersecurity
operations working in or with a
security operations center (SOC) in
entry-level job roles such as:
• Security SOC Analyst
• Incident Responder
Learning Components
• 13 chapters of interactive content,
quizzes, and chapter exams
• Labs, and hands-on labs using virtual
machine environment (PC required,
no other equipment required)
• Cisco® Packet Tracer activities (PT
7.0)
• Certification practice exams, practice
final, final exam and skills-based
assessment

Features
Target Audience: Students enrolled in technology degree programs at institutions of higher education and IT
professionals who wants to pursue a career in Security Operations.

Prerequisites: None
Languages: English
Course Delivery: Instructor-led
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
Estimated Time to Complete: 70 hours
 CCNA Cyber Ops Value Proposition
Student
• Gain understanding and hands-
on experience on how to detect
and respond to security incidents
• Understand how organizations
deal with cybercrime,
cyberespionage, insider threats,
advanced persistent threats,
regulatory requirements, and
related issues
• Gain job-ready practical skills
for in-demand job roles in
cybersecurity operations
• Prepare for industry recognize
CCNA Cybersecurity
Operations certification
Instructor
• Teach comprehensive,
hands-on curriculum in the
high demand security
domain align to industry
trends and demand
• Support students’ efforts to
increase their employability
Academy ASC/ITC
• Strengthen institution’s • Recruit potential new
reputation as a leader in academies interested in
teaching high demand offering new course
technology
• Maintain competitive
• Strengthen relationship with
advantage by offering
national and local
instructor professional
employers
development in high demand
• Strengthen ability to recruit courses
students
• Support instructors and
• Enhance students’ academies offering in-
employability demand CCNA Cyber Ops
course
• Be part of the change – help
create a talent pool and fill
the global cybersecurity
skills shortage
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 8
CCNA Cybersecurity
Operations Learning
Pathways

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
CCNA Cyber Ops
Recommended Pathways

Introduction to Cybersecurity CCNA

Cybersecurity
Security Analyst,
Cybersecurity Essentials Incident Responder
Operations

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
Examples of Career-Ready Pathways
Cybersecurity Program at a 2-year Vocational College/University

A+ Cisco CCNA
Certification Cyber Ops
Example 1 Intro to
Cybersecurity
Linux
Essentials
Networking
IT Essentials Cybersecurity CCNA Cyber
Essentials Essentials Ops

Computer Security Analyst

Technician

A+ Cisco Cisco CCNA

Certification CCENT Cyber Ops

Example 2 Intro to
Cybersecurity
IT Essentials
CPA Programming
Essentials in C++
Linux
Essentials
Cybersecurity
Essentials
CCNA R&S
(ITN and RSE)
CCNA Cyber
Ops

Computer Networking Security Analyst

Technician Technician

Certification © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
Examples of Career-Ready Pathways
Cybersecurity Program at 4-year Vocational College/University

Cisco
Cisco CCNA
CCENT
Cyber Ops
Example 1 Intro to
Cybersecurity
Python Linux
Essentials
Cybersecurity
Essentials
CCNA R&S
(ITN and RSE)
CCNA Cyber
Programming Ops

Networking Security Analyst

Technician

A+ Cisco Cisco CCNA Cisco CCNA

Certification CCENT Cyber Ops Security

Example 2 Intro to
Cybersecurity
Cybersecurity
Essentials
IT Essentials
CCNA R&S
(ITN and RSE)
CCNA Cyber CCNA
Ops Security

Networking Security Analyst Security

Technician Engineer

Certification © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
Getting Ready
for
CCNA Cybersecurity
Operations 1.0

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
 Essentials of:
• Programming

Recommended Entry Knowledge

• Electricity
• Networking

Recommended pre-requisite knowledge :

Note:
While not mandatory, taking one or more of the
• PC and Internet navigation skills following Networking Academy courses enhances
and maximizes student learning:
• Basic Windows and Linux system concepts
IT & OS (one or more of the following
• Basic Networking concepts • IT Essentials
• NDG Linux Essentials
• Binary and Hexadecimal understanding Networking (one or more of the following)
• Networking Essentials
• Awareness of basic programming concepts • CCNA R&S: Introduction to Networks
Security
• Awareness of basic SQL queries
• Introduction to Cybersecurity
• Familiarity with Cisco Packet Tracer, a network simulation application. • Cybersecurity Essentials
Packet Tracer
• Introduction to Packet Tracer

CCNA Cyber Ops contains optional refresher material for the

above skills within the instructional flow
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
Course Structure
Chapter Title Theme Student Profile

1 Cybersecurity and the Security Operations Center Introduction

2 Windows Operating System Students with ITE, Linux Essentials

OS Fundamentals
3 Linux Operating System knowledge

4 Network Protocols and Services Students with CCNA R&S (ITN)

Networking Fundamentals
5 Network Infrastructure knowledge

6 Principles of Network Security

7 Network Attacks: A Deeper Look
Students with Cybersecurity
8 Protecting the Network Cybersecurity Fundamentals Essentials and CCNA Security
knowledge
9 Cryptography and the Public Key Infrastructure

10 Endpoint Security and Analysis

11 Security Monitoring
12 Intrusion Data Analysis Cybersecurity Operations
13 Incident Response and Handling
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
Partner Resources
Cisco Press Books

Booklet – ISDN 9781587134371, April 2018

Lab Manual – ISDN 9781587134388, April 2018

Companion Guide – ISBN 9781587134395, June 2018

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
 CCNA Cyber Ops
Instructor Training Requirements

Instructor Training & Support:

1. Academies must align with an ASC.
2. Instructor Training is required.
• Instructor accredited during Limited Availability can continue
to teach with no additional instructor training
• New instructors will require training and accreditation by ITC
• Instructor candidates with current, valid CCNA
Cybersecurity Operations certification are eligible for
Instructor Fast Track option. Contact your ITC Academy

3. Instructors can register for training with an ITC.

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
Instructor Training Options by ITC
Option 1
Best in class training by a Cisco Qualified Instructor
Instructor Trainer-led
Trainer
In-person • Instructor Trainer will deliver instructor-led training in an in-
New instructor or person format
prefer in-person • Recommended minimum duration is seven working days
training
Option 2 Most flexible solution for experienced instructors
• Instructor Trainer will deliver instructor-led training in a remote
Instructor Trainer-led format
Remote • ITC Academy opens online class and administers
Experienced exam/assessment online
instructors with one or
Option 3
more qualifying skills Experienced instructors that require some in-person
Instructor Trainer-led support in some elements of the training
Remote + In-person • Instructor Trainer will deliver instructor-led training in remote
format and an in-person format
• Recommended minimum duration for in-person portion is
three working days and includes review of chapters 1 to 11,
instruction on chapters 12 & 13, and final multiple-choice
Instructor candidates assessment and skills-based assessment
Option 4
with CCNA Cyber Ops
CCNA Cyber Ops certified instructor candidates
certification
Instructor Fast track demonstrate hands-on skills knowledge
• Candidate provides proof of certification and demonstrates
they have
© 2017 the
Ciscoskills needed
and/or its to rights
affiliates. All teach the course.
reserved. Cisco Public 18
• Instructor Trainer administers skills-based assessment.
Instructor Completion Requirements

Instructor Trainer is responsible for the quality of the newly accredited instructors.

Instructor candidate must complete the course, lab activities, chapter exams,
quizzes, final skills-based assessment and score of min. 75% on the multiple-
choice final before the Instructor Trainer will accredit them as an instructor.

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 19
Instructor Fast Track Completion
Requirements
Instructor Trainer is responsible for the quality of the newly accredited
instructors.

Instructor candidate must review the course, lab activities, chapter exams,
quizzes and multiple-choice final.

Instructor candidate must score 80% or more on the skills-based

assessment.

No Instructor Fast Track course template – use the instructor course template

Instructor Trainer is responsible for verifying CCNA Cyber Ops Certification (not
Support Desk)

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
Becoming a CCNA Cyber Ops Instructor Trainer
For existing Instructor Trainers
1. Successfully complete CCNA Cyber Ops Instructor Training
2. Instructor training course requirements:
a. Complete all chapter exams, final exam and Skills-Based Assessment (SBA)
b. Final Exam minimum score of 75%

3. ITC Contact emails Karen Alderson kalderso@cisco.com and provides the following:
a. Instructor Training Center (ITC) Name
b. When will ITC deliver instructor training class?
c. Who is the Instructor Trainer of the course?
• Include first name, last name and email address (as it appears in NetAcad.com profile)

4. Karen will process qualification and respond to ITC Contact

5. Instructor Trainer has until 31 July 2019 to earn the CCNA Cyber Ops certification (remember
the instructor training course provides a 70% off voucher if criteria are met)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
Becoming a CCNA Cyber Ops Instructor Trainer
For instructors not currently an Instructor Trainer
1. Successfully complete CCNA Cyber Ops Instructor Training
2. Instructor training course requirement
a. Complete all chapter exams, final exam and Skills-Based Assessment (SBA)
b. Final Exam minimum score 75%

3. Teach any NetAcad course to students

4. Earn CCNA Cyber Ops certification (remember the instructor training course provides a 70% off voucher if
criteria are met)
5. ITC Contact and CSR Consultant contact Technical Manager to nominate candidate for CCNA Cyber Ops
Instructor Trainer Qualification
6. Pass the CCNA Cyber Ops ITQ
CCNA Cyber Ops instructor training + CCNA Cyber Ops certification + Pass CCNA Cyber Ops ITQ
=
CCNA Cyber Ops Instructor Trainer
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
Instructor Resources
https://www.netacad.com/group/resources/ccna-cyberops/1.0

PPT S&S
Instructor Powerpoints, Scope & Sequence
CCNA Cybersecurity Document
Operations Overview
and Video

FAQ Plus
Frequently Asked Additional information &
Questions resources

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
Instructor Learning Opportunities
Here are some Cisco NetAcad resources to learn
more about the course.

IPD Week
The Feb 2018 IPD Week offer sessions related
to CCNA Cyber Ops curriculum.

Videos
Video recordings by instructors on topics cover
in the CCNA Cyber Ops curriculum

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
Certification Vouchers
Availability starts in June 2018
75% or higher on
“Complete” in
first attempt of Certification Exam
NetAcad grade
qualifying course Discount Voucher
book
final exam

• Understanding Cisco Cybersecurity Fundamentals (SECFND) certification exam

(210-250)
• Implementing Cisco Cybersecurity Operations (SECOPS) certification exam
(210-255).

Students Instructors Instructor Trainers

60% Discount 70% Discount 80% Discount

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
CCNA Cybersecurity
Operations 1.0
Curriculum Details

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
 CCNA Cyber Ops
Course Overview
CCNA Cyber Ops introduces the core security concepts and skills
needed to monitor, detect, analyze and respond to cybercrime,
cyberespionage, insider threats, advanced persistent threats, regulatory
requirements, and other cybersecurity issues facing organizations. It
emphasizes the practical application of the skills needed to maintain and
ensure security operational readiness of secure networked systems.

Benefits
Students acquire and applied skills in the rapidly growing area of
cybersecurity operations at the associate level, with alignment to the Certification
Aligned
Cisco CCNA Cybersecurity Operations certification.

Learning Components Features

• 13 Chapters, modifiable chapter •
quizzes and chapter exams
• 13 terms & concepts practice
quizlets
• 54 interactive activities
• 45 hands-on labs (27 uses VM)
• 5 Packet Tracer activities
One each: Skill-based
assessment, practice final exam,
final exam
• 2 certification practice exams
• 1x 210-250 SECFND
• 1x 210-255 SECOPS
Target Audience: Students enrolled in technology degree
programs at institutions of higher education and IT professionals
who wants to pursue a career in Security Operations.
Entry Knowledge: Basic operating system and networking
knowledge
Languages: English
Course Delivery: Instructor-led
Estimated Time to Complete: 70 hours
Recommended Next Course: CCNA Security
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
Instructor Training: Required
CCNA Cyber Ops
Target Audience
Students seeking career-oriented,
entry-level security analyst skills.
Target students include individuals
enrolled in technology degree
programs at institutions of higher
education and IT professionals who
wants to pursue a career in the
Security Operation Centre (SOC).
Entry Knowledge
Basic Windows and Linux system
concepts
Basic Networking concepts
Binary and Hexadecimal
understanding
Awareness of basic programming
concepts
Awareness of basic SQL queries
Apply
© 2017 Cisco
Learning Outcomes
Explain role of Cybersecurity Operations Analyst
Learn Operating Systems features needed to
support cybersecurity analyses
Explain operation of network infrastructure and
classify the various network attacks
Analyze the operation of network protocols and
services; and use monitoring tools to identify
attacks.
Use various methods to prevent malicious access
to computer hosts and data
Explain the impacts of cryptography on network
security monitoring
Explain how to investigate and evaluate endpoint
vulnerabilities and network security alerts
Use virtual machines to implement, evaluate, and
analyze cybersecurity threat events
Analyze network intrusion data to identify
compromised hosts and vulnerabilities
incident
and/or response
its affiliates. model
All rights reserved. (CSIRSTs
Cisco Public and 28
NIST) to manage security incidents.
CCNA Cyber Ops
Equipment Requirements
Curriculum requirements: 1 student Personal Computer (Desktop/Notebook) per student (recommended),
at most 2 students per PC

Platform Description

• OS: Windows 7, 8, or 10, MAC OSX

• Processor: Intel Core i7 4600U 2.7GHz (with Virtualization Support)

• Memory: 8 gigabyte (GB) RAM (standard) or 4 GB (alternate option)
Desktop PC • Display Adapter: PCI, PCIe (recommended), or AGP video card (DirectX 9 graphics device with
WDDM driver)

• Disk: 45 GB hard drive. See table in the next slide for details.
• Network: 1 Ethernet Card or 1 Wireless Ethernet Card

The most recent version of Microsoft Internet Explorer, Google Chrome, or Mozilla Firefox with the
Web Browser
most recent versions of Java and Flash Player installed.

Oracle VirtualBox The latest version. Currently 5.1.22

Windows Experience Index (WEI) 6.5 (recommended)

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 29
Packet Tracer Version 7.0 Latest build
CCNA Cyber Ops
Equipment Requirements

Disk Space RAM

Virtual Machine Name

CyberOps Workstation VM 7 GB 1 GB

Kali Linux VM 10 GB *1 GB

MetaSploitable VM 8 GB *512 MB

4 GB
(standard)
Security Onion VM 10 GB 3 GB
(alternate
option)
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 30

* Not needed for alternate option Lab Setup

CCNA Cyber Ops Course Outline
Chapter Chapter Titles Summary Description

Understand the who, what, and why of cyberattacks. Different people

Cybersecurity and the Security
1 Operations Center
commit cybercrime for different reasons. Security Operations Centers
work to combat cybercrime.

Understand basic concepts of Windows, including how the operating

2 Windows Operating System
system works and the tools used to secure Windows endpoints.

Perform basic Linux operations, administrative and security-related

3 Linux Operating System
tasks.

Explain how networks normally behave using the TCP/IP suite of

4 Network Protocols and Services protocols, and associated services that enable tasks on computer
networks.

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
CCNA Cyber Ops Course Outline
Chapter Chapter Titles Summary Description

Explain the basic operation of network infrastructures, including wired

5 Network Infrastructure
and wireless networks, network security, and network designs.

Use the variety of tools and methods that threat actors use to launch
6 Principles of Network Security
network attacks.

Understand the importance of traffic monitoring and how it is conducted.

7 Network Attacks: A Deeper Look Classify vulnerabilities of network protocols and services including IP,
TCP, UDP, ARP, DNS, DHCP, HTTP, and email.

Explain the approaches to network security defense, access control

8 Protecting the Network methods, and the various sources cybersecurity analysts rely on for
threat intelligence.

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
CCNA Cyber Ops Course Outline
Chapter Chapter Titles Summary Description

Cryptography and the Public Key

9 Infrastructure
Explain the impact of cryptography on network security monitoring.

10 Endpoint Security and Analysis Explain how to investigate endpoint vulnerabilities and attacks.

11 Security Monitoring Explain security technologies and log files used in security monitoring.

Understand how network security alerts are reported, evaluated,

12 Intrusion Data Analysis
analyzed, escalated, and preserved as evidence.

Apply incident response and handling models and procedures including

the Cyber Kill Chain, the Diamond Model, the VERIS schema and
13 Incident Response and Handling National Institute of Standards and Technologies (NIST) guidelines for
the structure of Computer Security Incident Response Teams (CSIRTs)
and processes for handling an incident.
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 33