CBRTHD

Course Description

The Conducting Threat Hunting and Defending using Cisco Technologies for CyberOps (CBRTHD) training is a 5-day Cisco threat hunting training that introduces and guides you to a proactive security search through networks, endpoints, and datasets to hunt for malicious, suspicious, and risky activities that may have evaded detection by existing tools. In this training, you will learn the core concepts, methods, and processes used in threat hunting investigations. This training provides an environment for attack simulation and threat hunting skill development using a wide array of security products and platforms from Cisco and third-party vendors.

This training prepares you for the 300-220 CBRTHD v1.0 exam. If passed, you earn the Cisco Certified Specialist – Threat Hunting and Defending certification and satisfy the concentration exam requirement for the Cisco Certified CyberOps Professional certification. This training also earns you 40 credits towards recertification.

Course Objectives

Upon completing this course, the learner will be able to meet these overall objectives:

• Define threat hunting and identify core concepts used to conduct threat hunting investigations
• Examine threat hunting investigation concepts, frameworks, and threat models
• Define cyber threat hunting process fundamentals
• Define threat hunting methodologies and procedures
• Describe network-based threat hunting
• Identify and review endpoint-based threat hunting
• Identify and review endpoint memory-based threats and develop endpoint-based threat detection
• Define threat hunting methods, processes, and Cisco tools that can be utilized for threat hunting
• Describe the process of threat hunting from a practical perspective
• Describe the process of threat hunt reporting

Program of Study

Module 1

Cisco Nexus 5000 Series Switch Product Overview

• Cisco Nexus 2000 Series Fabric Extender Product Overview
• High-Level Product Features Overview
• Deployment Considerations

Module 2

• Cisco Nexus 5000 Series Switch Hardware Architecture
• Hardware Installation Procedures
• Configuring User Management
• Graphical Management Tools
• Configuring System Management
• Understanding Cisco Nexus High Availability
• Troubleshooting Tools

Module 3

• The Cisco NX-OS Software Architecture
• Implementing Layer 2 Switching Features
• Troubleshooting Layer 2 Switching
• Configuring the Cisco Nexus 2000 Series Fabric Extender
• Configuring Virtual Port Channels and Enhanced vPC - FEX Active-Active and EVPC
• Configuring Host Virtual Port Channels
• Configuring Quality of Service
• Configuring Cisco FabricPath
• Understanding the FCoE Protocol
• Identifying IEEE Data Center Bridging (DCB) Ethernet Enhancements
• Configuring FCoE
• Troubleshooting FCoE
• Configuring SAN Switching
• Implementing Cisco NPV Mode and NPIV
• Troubleshooting SAN Switching

Calendar

Course Conditions and Fees

Prerequisiti
The knowledge and skill that a learner must have before attending this course are as follows:

• General knowledge of networks
• Cisco CCNP Security certification

Continuing Education Credits