Class Details

Price: $4,395

5-Day Course Includes:

  • Training instruction and class exercises
  • Courseware books, pens, highlighters, notepads and other material
  • Free exam voucher
  • Course retake option
  • Sample exam questions from leading industry vendors
  • Full breakfast including a combination of doughnuts, bagels, fruits, yogurt, juices
  • Coffee, tea, and soda available all day
  • Fresh baked cookies in the afternoon (participating locations)

Contact our Training and Certification Consultants to discuss Group Pricing Options at (240) 667-7757.

Course Outline

Module 1: Intro to the SCYBER course including network security and operations

Module 2: Data analysis for network security and operations

Module 3: Analyzing packets

Module 4: Analyzing network logs

Module 5: Understanding baseline network operations

Module 6: Preparations before potential security incidents

Module 7: Security incident detection

Module 8: Security incident investigations

Module 9: Responding to security incidents

Module 10: Reporting and efficiently communicating security incidents

Module 11: Managing postevent security activities


  • Monitoring Security Events
  • Configuring and Tuning Security Detecting and Alarming
  • Analyzing Traffic for Security Threats
  • Security Incident Response

Class Exam

This exam measures a student's knowledge and skills for detecting and mitigating network security threats by utilizing Cisco and additional security product features. 

Exam: 600-199 SCYBER

Length - 60 minutes (50-60 questions)


Info Collection and Security Foundations (13%)

  • Network Topologies, Application Architecture and Host Configuration Standards
  • Identifying Network and Security Operation Center Services for Organizations
  • Traditional Hacking Methods
  • Typical Operational Procedures and Incident Response Processes with Security Operations Centers (SOCs)
  • Mission Critical Network Traffic and Functions, Applications, Device and Services Behavior 
  • Corporate Security Policies
  • Network Security Analyst Role and Responsibilities
  • Data Resources for Vendor Vulnerabilities, Threats, Exploits and Active Attacks
  • Influence and Impact of Vulnerabilities, Attacks and Threats on Operations
  • Network Profile Baselines
  • Correlation Baselines
  • Risk Analysis Mitigation

Event Monitoring (16%)

  • Source of Data Types and Connection to Network Security
  • Monitoring Network Data Collections Pertaining to Network Security
  • Monitoring and Validating Health/Performance State and Device Availability
  • Monitoring DNS Query Log Output
    • Verifying devices by Monitoring Telemetry Data
  • Identifying Security Incidents
  • Evidence Collection and Forensic Analysis Best Practices

Security Events and Alarms (16%)

  • Event and Alarm Types and Severity
  • Identifying and Dismissing False Positive Indicators
  • Event Correlation with Alarms and Corporate Infrastructure Architecture
  • Accessing Events and Traffic Pertaining to Set Policies
  • Identifying Actionable Events
  • Identifying Incident Types
  • Diagnostic Procedures and Event Metrics

Analyzing, Collecting and Correlation of Traffic (24%)

  • IP Packet Structures
  • TCP and UDP Header Info
  • Analyzing Network Traces and TCP Dumps for Tracing Activities
  • IOS and Analyzing Packets
  • IOS and Accessing Packets
  • Collecting Network Traces
  • Configuring Packet Capture

Responding to Incidents (16%)

  • Standard Incident Response Practices for Corporate Environments
  • Escalation Policies in Corporate Environments
  • Identifying Enhancements for Procedures, Policies and Decision Trees
  • Emergency Mitigation for Vulnerabilities, Exploits and High-Level Threats
  • Evaluating and Suggesting Vulnerability Response for Improving Monitor, Response and Mitigation Practices
  • Typical Compliance and Legal Problems with Security Event Handling

Operational Communications (15%)

  • Communication Vehicles for Post-Threat Remediation
  • Creating Incident Reports and Interpreting Data for Determining Escalation
  • Metric and Channel Types Pertaining to Select Correct Personnel
  • Processing Incident Handling Communication
  • Supplying Context Awareness of Incident Reports to Stakeholders
  • Communicating Security Problems to Remediation Teams such as Constituent-Based Groups
  • Ensuring Security Awareness with Vulnerabilities, Possible Security Patches from Incident Handling
  • Addressing Repetitive Problems Evident through Incident Handling and Suggesting Solutions for Architecture Adjustments
  • The Post-Mortem Process