CBROPS: Security Events, Firewall Operations, & Traffic Analysis


In this course, you'll learn to categorize intrusion events according to the cyber kill chain and diamond intrusion models. Next, with so many tools available, you'll examine which ones should be used to identify different security events. You'll learn the differences between deep packet inspection, packet filtering, and stateful firewall operations. Finally, you'll review the differences between inline traffic interrogation, taps, and traffic monitoring. This course is one of a collection that prepares learners for the 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS) exam.


  • determine infrastructure elements that are used during the Diamon Model of Intrusion
  • identify the phases of the Cyber Kill Chain model
  • recognize the phase of the Cyber Kill Chain that may involve a phishing attack
  • identify key information being monitored with network application control
  • identify the types of events that occur during network intrusion analysis
  • recognize traffic patterns being monitored in a virtualization environment
  • identify the layer of the OSI model that a DPI firewall runs at
  • recognize the firewall type that only inspects the header of the packet
  • identify monitoring features that can be configured on a Cisco device to monitor specific traffic
  • identify the different methods to perform inline traffic interrogation
  • recognize features of a Cisco switch that allows you to monitor network traffic
Course Details

Library: 200-201: Understanding Cisco Cybersecurity Operations Fundamentals (CBROPS)
Course Length: 72 Minutes
Course ID: it_ccbropstv_11_enus
Course Number: 239902

Knowledge Quest Direct Learning Paths are groups of expertly curated content built to get you up-to-speed on today’s hottest topics.

Start Learning Today!




Copyright © 2020 Knowledge Quest Direct