Cisco CyberOps Proficiency (Advanced Level)

  • 45m
  • 30 questions
The Cisco CyberOps Proficiency benchmark measures your ability to recognize key terms and concepts related to Cisco CyberOps. You will be evaluated on endpoint-based attacks, attribution investigation, identifying security events, identifying intrusion elements, and forensic elements. A learner who scores high on this benchmark demonstrates that they have the skills related to performing Cisco CyberOps attribution analysis.

Topics covered

  • compare a duplicated target disk to the original source disk
  • identify how to use grep to search for content within a file
  • identify key information being monitored with network application control
  • identify methods used in Wireshark to decrypt traffic
  • identify monitoring features that can be configured on a Cisco device to monitor specific traffic
  • identify the different methods to perform inline traffic interrogation
  • identify the goals of SOC metrics
  • identify the steps to upload a file through Armitage
  • identify the steps to vulnerability management within an organization
  • identify the types of events that occur during network intrusion analysis
  • identify the types of sensitive data that should be protected
  • recognize examples of digital assets when performing an investigation
  • recognize how data must be acquired from logs to be considered evidence
  • recognize how to use the Firepower Management Center to view information on potential intrusions
  • recognize important attack information provided by malware analysis tools
  • recognize information provided by malware analysis tools
  • recognize the elements of the incident response plan that must align with the organization
  • recognize the firewall type that only inspects the header of the packet
  • recognize the graphical tool to use in Kali to exploit systems
  • recognize the phase of the Cyber Kill Chain that may involve a phishing attack
  • recognize the phases of the Cyber Kill Chain
  • recognize the steps for collecting evidence on a system when performing a computer forensics investigation
  • recognize the steps to incident handling
  • recognize the type of attack a hacker uses to encrypt your data and withhold the encryption key
  • recognize the type of attack that involves a hacker sending more data to an application than what it can handle
  • recognize the types of SOC metrics
  • recognize the use of the different types of evidence
  • recognize tools in Linux to monitor the health of the system
  • recognize tools used to identify performance issues on a Windows system
  • recognize tools used with network and server profiling