Cisco 600-199 Certification Exam Syllabus

600-199 Syllabus, Cyber Security Exam Questions PDF, Cisco 600-199 Dumps Free, Cyber Security PDF, 600-199 Dumps, 600-199 PDF, Cyber Security VCE, 600-199 Questions PDF, Cisco Cyber Security Questions PDF, Cisco 600-199 VCEA great way to start the Cisco Cybersecurity Specialist (SCYBER) preparation is to begin by properly appreciating the role that syllabus and study guide play in the Cisco 600-199 certification exam. This study guide is an instrument to get you on the same page with Cisco and understand the nature of the Cisco Cyber Security exam.

Our team of experts has composed this Cisco 600-199 exam preparation guide to provide the overview about Cisco Securing Cisco Networks with Threat Detection and Analysis exam, study material, sample questions, practice exam and ways to interpret the exam objectives to help you assess your readiness for the Cisco SCYBER exam by identifying prerequisite areas of knowledge. We recommend you to refer the simulation questions and practice test listed in this guide to determine what type of questions will be asked and the level of difficulty that could be tested in the Cisco Cyber Security certification exam.

Cisco 600-199 Exam Overview:

Exam Name
Securing Cisco Networks with Threat Detection and Analysis
Exam Number 600-199 SCYBER
Exam Price $300 USD
Duration 60 minutes
Number of Questions 50-60
Passing Score Variable (750-850 / 1000 Approx.)
Recommended Training Securing Cisco Networks with Threat Detection and Analysis
Exam Registration PEARSON VUE
Sample Questions Cisco 600-199 Sample Questions
Practice Exam Cisco Cybersecurity Specialist Practice Test

Cisco 600-199 Exam Topics:

Section Weight Objectives
Information Gathering and Security Foundations 13%
1 Describe basic network topologies, application architecture, and host configuration standards
 
2 Identify the services a network and security operations center offers to an organization
 
3 Describe traditional hacking techniques
 
4 Describe basic operational procedures and incident response processes of a security operations center
 
5 Describe basic network security events
 
6 Describe mission-critical network traffic and functions, applications, services, and device behaviors
 
7 Describe corporate security policies
 
8 Describe the role of a network security analyst
 
9 Describe the primary sources of data on vendor vulnerabilities, current threats, exploits, and active attacks
 
10 Describe how vulnerability, attack, and threat data impact operations
 
11 Describe the baseline of a network profile
 
12 Describe correlation baselines (use NetFlow output to validate normal traffic vs. non-normal)
 
13 Describe security around local business process and infrastructure and applications
 
14 Describe risk analysis mitigation
Event Monitoring 16%
1 Describe the various sources of data and how they relate to network security issues
 
2 Monitor the collection of network data as it relates to network security issues
 
3 Monitor and validate health state and availability of devices
 
4 Monitor DNS query log output (monitor telemetry data to validate devices)
 
5 Identify a security incident (single or recurrent)
 
6 Describe the best practices for evidence collection and forensic analysis
 
7 Describe the different types and severity of alarms and events
Security Events and Alarms 16%
1 Identify and dismiss false positive indicators correctly
 
2 Describe event correlation within the context of the various alarms and corporate infrastructure architecture
 
3 Assess traffic and events in relation to stated policies
 
4 Identify actionable events
 
5 Identify basic incident types
 
6 Describe event metrics and diagnostic procedures
Traffic Analysis, Collection, and Correlation 24%
1 Describe IP packet structures
 
2 Describe TCP and UDP header information
 
3 Analyze network traces or TCP dumps and trace back to actual activities
 
4 Describe packet analysis in IOS
 
5 Describe access packets in IOS
 
6 Acquire network traces
 
7 Configure packet capture
Incident Response 16%
1 Describe standard corporate incident response procedure and escalation policies
 
2 Identify necessary changes to enhance the existing procedure, policy, and decision tree
 
3 Describe the basic emergency mitigation of high-level threats, exploits, and vulnerabilities
 
4 Evaluate and recommend responses to vulnerabilities to ensure adequate monitoring response and mitigation
 
5 Assist level 2 incident response team to mitigate issues
 
6 Describe best practices for post-event investigation
 
7 Describe common legal and compliance issues in security event handling
Operational Communications 15%
1 Describe the communication vehicles related to post-threat remediation
 
2 Generate incident reports and interpret the information to determine the direction of the escalation
 
3 Describe the different types of available metrics and channel to appropriate personnel
 
4 Process incident handling communications and provide context awareness for stakeholders
 
5 Articulate details of problems to remediating teams (constituent-based groups)
 
6 Maintain awareness regarding vulnerabilities and the recommended critical security patches as a result from incident handling
 
7 Communicate recurring issues based on incident handling and provide recommendations for architectural changes or modifications and articulate
 
8 Describe the post-mortem process

Cisco SCYBER Exam Description:

The Securing Cisco Networks with Threat Detection and Analysis (SCYBER) exam is the exam associated with the Cisco Cybersecurity Specialist certification. This exam is aimed at testing the knowledge and skills required to proactively detect and mitigate network security threats by leveraging features that exist in Cisco and other industry network security products today. Designed for professional security analysts, the exam covers essential areas of competency including event monitoring, security event/alarm/traffic analysis, and incident response.

Rating: 4.9 / 5 (72 votes)