Cisco CyberOps Professional

JDMurray · September 2020

Here is the page for the Cisco CyberOps Professional cert due to be released on November 17, 2020.

This a two-exam cert consisting of a core exam and a concentration exam. The first concentration exam to be made available is Forensic Analysis and Incident Response Using Cisco Technologies. Both exams can be taken at home or in a testing center.

thomas_ · September 2020

Interesting, I could have swore Cyber Ops wasn’t on the list for the new cert program.

JDMurray · September 2020

Ah, You hit upon the key!

Old cert: CCNA "Cyber Ops" (two words)
New cert track: "CyberOps" (one word)

Clever, eh?

yoba222 · September 2020

Yeah Cisco ninja-ed the name. I thought I had 2 CCNAs for about an entire year and when I went back to look at the pdf had a serious Mandela effect moment.

This is interesting though. When I read Performing CyberOps Using Cisco Security Technologies, I'm put off by the idea of having to learn a bunch of specialized Cisco security appliance tools (or so I'd think).

But then when I read the exam topics, stuff like

4.2 Interpret basic scripts (for example, Python)
4.3 Modify a provided script to automate a security operations task
4.4 Recognize common data formats (for example, JSON, HTML, CSV, XML)

well there are a lot of really good ones that appeal to me. Will have to give this one some serious thought.

chrisone · September 2020

Looks cool. I don't see myself touching these. I see this track to fill in a gap that cisco security engineers have just managing Cisco security products.

JDMurray · September 2020

Cisco certs have always been a sales tool for Cisco's products (i.e., goods and services). I expect the CyberOps certs to be the same. The CyberOps Expert cert will likely be intended to prove that a candidate can use Cisco's security products hands-on--much like the CCIE labs do now.

spiderjericho · September 2020

What’s the difference between the Cyber Ops and Security?

One was supposed to be geared toward SOC type functions versus implementing security technologies on your network.

JDMurray · September 2020

You means the CCNA Security cert? Yes, that (now defunct) cert was mostly for the implementation and use of Cisco security products. "CyberOps" is security operations activities that are related directly to thw protection of information and information technology. CyberOps can certainly be performed without using any Cisco products, but not from Cisco's point of view.

spiderjericho · September 2020

No, I mean the CCNP and CCIE security.

Cyber Ops CAN be done with open source tools. So is the focus...CCIE Security, implement Cisco security technologies. CCIE Cyber Ops, use said technology to analyze the network and identify anamolous behavior that can lead to the detection of a bad guy?

JDMurray · September 2020

I not sure what you mean by "CCIE Cyber Ops." That's not on Cisco cert list. The Cisco CyberOps track will eventually include a "CyberOps Expert" cert that will have a separate lab component of some sort.

Anyway, Cisco certs are a training and sales tool for Cisco products, so I would always expect to see references to Cisco products on Cisco exams.

chrisone · September 2020

@spiderjericho , in regards to this track being ONLY opensource tools. Based on the syllabus for cert "Performing CyberOps Using Cisco Security Technologies v1.0 (CBRCOR 350-201)" it has a bunch of generalized topics and it doesn't seem to indicate anything in regards to Cisco products. However the name of the cert should be a warning that it WILL be focused on Cisco products. The cert title does say "USING Cisco Security Technologies." So right now I can't really identify or begin to have an idea of what to expect lol

The other exam "Conducting Forensic Analysis and Incident Response Using Cisco Technologies for CyberOps v1.0 (300-215)" The title of this exam states the same thing "USING, Cisco technologies." This time the syllabus DOES hint at several Cisco products, see below:

2.5 Construct Python, PowerShell, and Bash scripts to parse and search logs or multiple data sources (such as, Cisco Umbrella, Sourcefire IPS, AMP for Endpoints, AMP for Network, and PX Grid)
3.5 Recommend mitigation techniques for evaluated alerts from firewalls, intrusion prevention systems (IPS), data analysis tools (such as, Cisco Umbrella Investigate, Cisco Stealthwatch, and Cisco SecureX), and other systems to responds to cyber incidents
3.11 Describe capabilities of Cisco security solutions related to threat intelligence (such as, Cisco Umbrella, Sourcefire IPS, AMP for Endpoints, and AMP for Network)

It is really hard to tell how involved their products will be during these courses. I have some interest in the Expert course/cert, depending on how involved Cisco products are integrated and depending if its a CCIE or not. It seems to indicate that Expert certs are CCIE branded.

Always understand that if a company/brand is investing money on a product, in this case a certification track, you can bet its to educate, promote, and help sales of their brand and products in some sort of fashion. For Cisco to make certs based on other products and have nothing to do with their own products, I truly find that hard to believe.

My two cents.

JDMurray · November 2020

Training and testing is now available for the Cisco CyberOps Professional certification.

To earn CyberOps Pro, you must pass two exams:

350-201 CBRCOR Performing CyberOps Using Core Security Technologies
300-215 CBRFIR Conducting Forensic Analysis and Incident Response Using Cisco CyberOps Technologies

wingsofwax · January 2021

The training course for CyberOps Professional exam 350-201 CBRCOR is currently discounted with a special 365-day access (vs the normal 180-day access) on the Cisco Learning Network Store. Currently around 5 sections already available. They're scheduled to release the rest by April 2021. Bit the bullet and got the course since my CyberOps Associate is expiring soon. I obtained my Associate via the old name CCNA CyberOps through Cisco's free global scholarship (full course + 2 exams) a couple of years ago. Cisco Support advised that passing the 350-201 will renew the Associate whilst waiting for learning materials for 300-215 CBRFIR.

Cisco CyberOps Professional

Comments